www.nur.kz Open in urlscan Pro
91.215.139.234 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nur.kz/
Effective URL:
https://www.nur.kz/
Submission: On May 23 via api (May 23rd 2022, 11:04:40 am UTC) from AU — Scanned from DE

Summary HTTP 489 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 67 IPs in 11 countries across 59 domains to perform 489 HTTP transactions. The main IP is 91.215.139.234, located in Kazakhstan and belongs to PSKZ-ALA, KZ. The main domain is www.nur.kz. The Cisco Umbrella rank of the primary domain is 477900.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on April 29th 2022. Valid for: a year.

This is the only time www.nur.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.215.139.235 91.215.139.235	48716 (PSKZ-ALA) (PSKZ-ALA)
27	91.215.139.234 91.215.139.234	48716 (PSKZ-ALA) (PSKZ-ALA)
67	94.247.128.35 94.247.128.35	48716 (PSKZ-ALA) (PSKZ-ALA)
1	116.203.211.59 116.203.211.59	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:27::... 2620:1ec:27::cafe:1586	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
45	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
7	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
1	18.66.248.93 18.66.248.93	16509 (AMAZON-02) (AMAZON-02)
8	88.99.5.37 88.99.5.37	24940 (HETZNER-AS) (HETZNER-AS)
8	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	99.86.4.123 99.86.4.123	16509 (AMAZON-02) (AMAZON-02)
1	54.70.139.114 54.70.139.114	16509 (AMAZON-02) (AMAZON-02)
2	94.247.128.43 94.247.128.43	48716 (PSKZ-ALA) (PSKZ-ALA)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
7	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	94.247.128.37 94.247.128.37	48716 (PSKZ-ALA) (PSKZ-ALA)
5	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a02:6b8::1be 2a02:6b8::1be	208722 (GLOBAL_DC) (GLOBAL_DC)
4	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a02:6b8::36 2a02:6b8::36	208722 (GLOBAL_DC) (GLOBAL_DC)
15	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
17 44	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
7 15	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
7 11	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
100	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
10	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.92.106.130 104.92.106.130	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 3	18.194.10.133 18.194.10.133	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
1 2	18.184.26.149 18.184.26.149	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	3.124.9.195 3.124.9.195	16509 (AMAZON-02) (AMAZON-02)
3 3	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1 4	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
9	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 3	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	2600:9000:205... 2600:9000:2057:bc00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.107 185.86.137.107	201081 (SMARTADSE...) (SMARTADSERVER)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	108.128.51.115 108.128.51.115	16509 (AMAZON-02) (AMAZON-02)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.22.42 49.12.22.42	24940 (HETZNER-AS) (HETZNER-AS)
2	46.236.35.87 46.236.35.87	12703 (PULSANT-AS) (PULSANT-AS)
1 2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2 2	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1	143.204.215.33 143.204.215.33	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	54.72.0.164 54.72.0.164	16509 (AMAZON-02) (AMAZON-02)
10	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
489	67

1 91.215.139.235 (Kazakhstan) 1 redirects

ASN48716 (PSKZ-ALA, KZ)

nur.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 91.215.139.234 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)

www.nur.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webapi.nur.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 94.247.128.35 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)

cdn.nur.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.211.59 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.59.211.203.116.clients.your-server.de

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1586 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-93.dus51.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 88.99.5.37 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-5-37.clients.your-server.de

tttt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-123.fra6.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.70.139.114 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-139-114.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.247.128.43 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)

stat.khanate.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.247.128.37 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)

nurtech.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 142.250.74.194 (United States) 17 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.35.236.247 (Frankfurt am Main, Germany) 7 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.33.221.50 (Amsterdam, Netherlands) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

100 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.106.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-106-130.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.194.10.133 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-10-133.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.4.10.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.26.149 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-26-149.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.9.195 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-9-195.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.182 (Uppsala, Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.111.106 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal900027.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.249.14 (Amsterdam, Netherlands) 3 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:bc00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.107 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.51.115 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-51-115.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (Valence, France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.236.35.87 (Plymouth, United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-35-87.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (Utrecht, Netherlands) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-33.fra53.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.0.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
100	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264	981 KB
95	nur.kz 1 redirects nur.kz — Cisco Umbrella Rank: 374847 www.nur.kz — Cisco Umbrella Rank: 477900 cdn.nur.kz — Cisco Umbrella Rank: 579123 webapi.nur.kz	1 MB
84	googlesyndication.com 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130 ade.googlesyndication.com — Cisco Umbrella Rank: 269	417 KB
80	doubleclick.net 18 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 92 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 255134	391 KB
18	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 pix.eu.criteo.net — Cisco Umbrella Rank: 7541 csm.eu.criteo.net — Cisco Umbrella Rank: 7580	472 KB
15	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557	14 KB
13	google.com www.google.com — Cisco Umbrella Rank: 7 analytics.google.com — Cisco Umbrella Rank: 685 adservice.google.com — Cisco Umbrella Rank: 74	2 KB
11	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 240	10 KB
10	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1266 j.clarity.ms — Cisco Umbrella Rank: 2179 c.clarity.ms — Cisco Umbrella Rank: 668	26 KB
9	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 33656 hal900027.redintelligence.net — Cisco Umbrella Rank: 232828	217 KB
9	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 17292 tttt.onthe.io — Cisco Umbrella Rank: 830432	20 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	291 KB
7	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 7527 favicon.yandex.net — Cisco Umbrella Rank: 9406	73 KB
7	google.de www.google.de — Cisco Umbrella Rank: 5483 adservice.google.de — Cisco Umbrella Rank: 7678	2 KB
7	yandex.ru yandex.ru — Cisco Umbrella Rank: 1392	120 KB
5	yastatic.net yastatic.net — Cisco Umbrella Rank: 6107	181 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 518	2 KB
4	openx.net us-u.openx.net — Cisco Umbrella Rank: 399 rtb.openx.net — Cisco Umbrella Rank: 1524	782 B
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19930 api.webgains.io — Cisco Umbrella Rank: 48593	51 KB
3	lijit.com 3 redirects ap.lijit.com — Cisco Umbrella Rank: 615	2 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 5262	1 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11299 ads.eu.criteo.com — Cisco Umbrella Rank: 7544 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9487	47 KB
3	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 435 sync.adaptv.advertising.com Failed	825 B
3	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 10246	362 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 520	1 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 38036	5 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 154668	6 KB
2	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 44639	1 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 4319	792 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 755 r.turn.com — Cisco Umbrella Rank: 3305	869 B
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 14703	568 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 809	669 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	2 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1574	1 KB
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 42544	631 B
2	adtriba.com 1 redirects d.adtriba.com — Cisco Umbrella Rank: 46392	757 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1040	344 B
2	khanate.pro stat.khanate.pro — Cisco Umbrella Rank: 916919	324 B
2	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 7908 certify.alexametrics.com — Cisco Umbrella Rank: 4391	5 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 232	556 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 572	536 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 444	862 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 15147	705 B
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 77703	312 B
1	futalis.de futalis.de — Cisco Umbrella Rank: 275414	409 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 43330	628 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 594	191 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	5 KB
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1210	75 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 741	441 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3801	104 B
1	nurtech.pro nurtech.pro	793 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1364	39 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	68 KB
0	netmng.com Failed google2waycm.netmng.com Failed
489	59

	Domain	Requested by
100	s0.2mdn.net	www.nur.kz s0.2mdn.net 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
67	cdn.nur.kz	www.nur.kz
44	cm.g.doubleclick.net	17 redirects googleads.g.doubleclick.net 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com www.nur.kz
36	pagead2.googlesyndication.com	57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.nur.kz securepubads.g.doubleclick.net
30	tpc.googlesyndication.com	57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net
24	www.nur.kz	www.nur.kz
15	dsum-sec.casalemedia.com	7 redirects googleads.g.doubleclick.net
12	googleads.g.doubleclick.net	57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com www.nur.kz
11	ib.adnxs.com	7 redirects googleads.g.doubleclick.net
10	ade.googlesyndication.com
10	googleads4.g.doubleclick.net	www.nur.kz
9	static.criteo.net	ads.eu.criteo.com
9	securepubads.g.doubleclick.net	www.nur.kz securepubads.g.doubleclick.net
8	pix.eu.criteo.net	ads.eu.criteo.com
8	57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
8	www.google.com	www.nur.kz 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com tpc.googlesyndication.com
8	tttt.onthe.io	cdn.onthe.io
7	www.googletagservices.com	57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
7	j.clarity.ms	www.clarity.ms j.clarity.ms
7	yandex.ru	www.nur.kz yandex.ru
5	hal9000.redintelligence.net	57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com hal900027.redintelligence.net
5	yastatic.net	yandex.ru
4	hal900027.redintelligence.net	1 redirects 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com hal900027.redintelligence.net
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	avatars.mds.yandex.net	www.nur.kz
4	adservice.google.com	securepubads.g.doubleclick.net 8019191.fls.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
3	ap.lijit.com	3 redirects
3	d5p.de17a.com	3 redirects
3	pixel.advertising.com	1 redirects googleads.g.doubleclick.net
3	favicon.yandex.net	www.nur.kz
3	ads.adfox.ru	www.nur.kz
3	webapi.nur.kz	www.nur.kz
3	www.google.de	www.nur.kz
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	www.google-analytics.com	www.nur.kz www.google-analytics.com
2	api.webgains.io	analytics.webgains.io
2	c.clarity.ms	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	sync.1rx.io	2 redirects
2	8019191.fls.doubleclick.net	1 redirects www.nur.kz
2	track.webgains.com	www.nur.kz 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	2 redirects
2	match.360yield.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	onetag-sys.com	2 redirects
2	rtb.openx.net	57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
2	x.bidswitch.net	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	d.adtriba.com	1 redirects 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	stat.khanate.pro	www.nur.kz
1	c.bing.com	1 redirects
1	analytics.webgains.io	track.webgains.com
1	sync-tm.everesttech.net	1 redirects
1	sync.mathtag.com	1 redirects
1	fonts.googleapis.com	hal900027.redintelligence.net
1	www.awin1.com	57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
1	ad-server.eu	57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
1	futalis.de	hal900027.redintelligence.net
1	pb.media01.eu	hal900027.redintelligence.net
1	pixel-sync.sitescout.com	57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
1	r.turn.com	www.nur.kz
1	ad.turn.com	1 redirects
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	ssbsync.smartadserver.com	57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	dclk-match.dotomi.com	57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
1	rtb.nl.eu.criteo.com	www.nur.kz
1	nurtech.pro	www.nur.kz
1	www.googleoptimize.com	www.nur.kz
1	analytics.google.com	www.googletagmanager.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.nur.kz
1	certify.alexametrics.com	www.nur.kz
1	certify-js.alexametrics.com	www.nur.kz
1	www.googletagmanager.com	www.nur.kz
1	www.clarity.ms	www.nur.kz
1	cdn.onthe.io	www.nur.kz
1	nur.kz	1 redirects
0	google2waycm.netmng.com Failed	57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
0	sync.adaptv.advertising.com Failed	57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
489	87

This site contains links to these domains. Also see Links.

Domain
play.google.com
special.nur.kz
kaz.nur.kz
1xbet.kz
bit.ly
ads.adfox.ru
ffin.kz
t.me
news.google.com
www.instagram.com
corp.nur.kz
www.facebook.com
vk.com
ok.ru
www.tiktok.com
apps.apple.com
appgallery.huawei.com
nurtv.kz
musicnur.kz
rabotanur.kz
genesistudio.net

Subject Issuer	Validity	Valid
*.nur.kz Sectigo ECC Domain Validation Secure Server CA	`2022-04-29` - `2023-05-30`	a year	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2021-05-06` - `2022-06-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2022-09-01`	6 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
khanate.pro R3	`2022-04-18` - `2022-07-17`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
nurtech.pro R3	`2022-04-18` - `2022-07-17`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
*.adfox.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
favicon.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-04-11` - `2022-09-10`	5 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-22` - `2022-08-24`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
redintelligence.net R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-18` - `2022-08-13`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
*.futalis.de R3	`2022-04-22` - `2022-07-21`	3 months	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-13` - `2023-06-08`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2021-07-17` - `2022-07-17`	a year	crt.sh
*.webgains.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh

This page contains 37 frames:

Primary Page: https://www.nur.kz/
Frame ID: B1378A6677DFD6DEBF8DC0CEAE4D6427
Requests: 170 HTTP requests in this frame

Frame: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7190483D41D9668EF5CC61C685C8CEE6
Requests: 1 HTTP requests in this frame

Frame: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 00683C5F76D7D58AA4D5B436A5D7EF55
Requests: 15 HTTP requests in this frame

Frame: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 61BFB8ABD3C35ACD07D394249F4BF0BD
Requests: 16 HTTP requests in this frame

Frame: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3750656479099BD67F056AB7EA52F934
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNX-18V-Lslo02_1jjp0DQRlYzZCiEl5l1yN0q5YH_rvmbOhOutM06D_risfjCDT9IWMGgRuZg6_syYLcxnP2LPmrczoWg--lqqNEun_S-YkTQY8WWfJ4ZpRqyyQa-13zBQNZcLRo6Amelw1eQMQSDkk4LJLZddWqy8nzzrgko_icU5cKTE
Frame ID: F986F814A335063637393FA0B42030F7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNVZIRfXnlsdIbAl6U0JIYIjgt2mlkyn1nhEGiP2Qs3kO2a0IHDgGtVerGsLy97QN1xbye4cyaVcPPfjiQKcs8_RApNaKUGWAlKPiJSPEseZu2UVDKWB1wqQ1vAd-nkSDRVafcu6q0o9evtk8ysRk4XKFH9G826wGNGybV3zUk6k1WvzWMA
Frame ID: A04EA526555491EC53E3173DBBE2FDBF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYkp7PkgEwAQ&v=APEucNXy155HyE_1giOXzFVoaxQ2YdBYjg1Glo1v9Sz-KFA6gMf0Rp2Wx3eHCjTn47Gojo8AcWd0T6s3xmtobPWqmfxNRB_14Pv2ZtV53pjZ0MrJ66Zg3WkRp_-R3gbwW6yv_p88tBTNaaoPx7i9qiuNDeLCjMVPdIwoZKf95fyTaXZCfUIaXDQ
Frame ID: 7CBBC25353B9848C445FA3A82855D0FB
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
Frame ID: 651B51B833174AD7B37B9089230A87F7
Requests: 19 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
Frame ID: 2F54B5B2B7EDA087AAD53F5EED1CDD9E
Requests: 19 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
Frame ID: CA0DA25CA6BEC683513AC00C4855C131
Requests: 25 HTTP requests in this frame

Frame: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F6AD60B130E1CFF1FED2487C8E4DDBC4
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A3DCE53A60263370B27F4F7E875BC2EC
Requests: 3 HTTP requests in this frame

Frame: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FAEC22A906D2B5F857F2828065AF149F
Requests: 16 HTTP requests in this frame

Frame: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 46FC654549087F6D236CBCC0D9F709C2
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1CAD85AAA06F7F45140FAEE864245740
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNVqN5ljMUiP5EeeuN5_X0U9VFj-lex2PabNasla0zN9HsFlOK_ly_bYdwySv-4RI_rtBFRmhs9HY7Jjuz54qAgNv1MdOPOBNvXL5l8PqQ4K_H4is2nK7uw-zOq_k1uDObUHU3C7BA5sS63IJIQ-5TO4JCAJBXDxNT3oPKdOIcL2T0DXcCg
Frame ID: 0864E07AAA88A9F63FC7FD7AEBE51F62
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3ACAA158F673F31E56B4F4BA01AA887D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNWbwQm9XE0DLDd5otKhxMkwIgGcvCRUksM38lzMijRA9Okm4hGJ4aq9wSRDHsQghsgQMwoVa2U2_c4P6eOXr9n44FKhVtwT_Y38GM37ZkszVVorThxr_ezLucy-jcNfv40QxHZSUc94Q9comBDqDL4COTT1Fa-GV7S9fpP7lOpzka_-Muw
Frame ID: A3972D009AD53AFCADBBD1242E054CE7
Requests: 5 HTTP requests in this frame

Frame: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3F37A2875C0028221A3143875A6C42A5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiLo7vGATAB&v=APEucNUATx6Jd3No7TLP5TPZ23dWidXB3dxVm1Qm1teXrtp2aaZu46HDchhU1uA1pW6Mm5_Ycxg76IKHkmaIKrbtcyJgl_BhE4bBhpelRKErxYxDowz0Ci7uPlopJI0gQPNmyAndE3ZFKVuBSVQHpXNWhBNa50YsOQmRWLNW7BaPzE2Czp2VQo0
Frame ID: 60627AD43D0C88EF0B40A16C69BE915D
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YotqKwADdakKd6DRAAbs1Cc0_kPfoWJV4G3dqA&u=%7C3ISB%2BSDxUMtv5X5ARFDhfWrm%2F%2Fwfu4SE%2F7Mxinv%2FsMM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkGpGzsxDu6uJ4QYXMtp9P6T6NR2X-xXQq-3YNmt6fuhvySC7QBgLSf7Frj7ZrsNHZx8estjVxuKdN1Eevml6QRcnmgYp522sVfX3wWSXVdVU6WVXYSF0r6AOTeUlHNNkfEzZelunRzIm9P-NBlcJtS7mrYM71KhawbPsMhb5HF2IqoyBDDO2fDe1W89XoX2JuGe1zJ9I_fmwrV6G-r_6Ubu1YzsHb-ZiT44tRox-jNbII5p2G6RBmPXMgk7dRWCLj9F9P5mLzjGxzV_rbBX6BQr-mYNuoAmyygFVatKlo8yD5fb7qslSZLBxOQ51FObMXkPd7-bk8dWF_RHaKG-9RqRJS_wLayqSog88iQbPkrw0cvphyGIvSmHjKWsNldt_syEkYNfLuZP4oSrdjLEPvHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChIyEK2qLYqnrDdHB3gPU2ZuQCsme0rFchf6X93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItODU4MDE5NjQyNzIwOTMxNKAB1bbS6gPIAQmpAmxEGLEPy7E-4AIAqAMBqgThAU_Q3Gj569ZKMhQ1IOn-0dh9OXWpDNUUXuLq1NGpG9plTvgeCPqTKXPYBUQCWxGVdhduD3p6TQIlHMKsyibPw8nXs0FB32Az4rgcu0BpZOFc0WxnCHdv_Bo767E4QXO5yQxN1bMvRdWE4zO4ex4-Vl18w90H6kVOLLAQeht4ZWZjniGc64pm6QgmEts7XnP0KOnuL8kciHy5jkkf7qThqqjg5GFAZf2UeQCDWO8E1y97L9yY9AJbzJrMu0eL3XOSgyKe8c6hTzJNWxaOJSuZfOjIBdj-sKwH1V1E8M79d0XzPOAEAYAGiYjw842givl7oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JvrTQSehGXcWayw7aD1-2DIJl0w%26client%3Dca-pub-8580196427209314%26adurl%3D
Frame ID: EC6BB6F9B9FCD487555A26625F670532
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CE936E128A80E776DB727C1CD0D26326
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
Frame ID: 2522B39BE45C88E491DCC2C50072EDA2
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B00C261224495854C04A0275558B06A6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DCEF760A7760C6306C1ABFFD384043B0
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
Frame ID: DE4F49AEFB91DE3D04636D97AB6BACA4
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DB44339008AA1E8C3F35787A97D53959
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 824503BB3D43E4430D55F798FDE791A9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A0E9707DB785557BC2DC6544D8850740
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=33785800092820404444996011968027&actionid=981741&produktid=&dt_url=
Frame ID: 3A4CD70DF25AE5ADC1AC1D389E6AC833
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1397814442
Frame ID: 15F3E8DB41EF1C5559630705620B34EE
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=COf26ea89fcCFYscBgAd6qwFKw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8126957149212.755
Frame ID: D0D507CCED57620608E8D80EBA38656F
Requests: 2 HTTP requests in this frame

Frame: https://hal900027.redintelligence.net/request_content.php?s=33785800092820404444996011968027&a=a7d91ad1
Frame ID: 0CB1F2237597151BA77AABD5C9531F3A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 236D316EF66045BB99D77292B77FA744
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F299E0FECF71DF400590E2982EE41347
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4011056695C44081F22384B5D0821819
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости Казахстана – последние новости от NUR.KZ

Page URL History Show full URLs

http://nur.kz/ HTTP 301
https://www.nur.kz/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

489
Requests

90 %
HTTPS

37 %
IPv6

59
Domains

87
Subdomains

67
IPs

11
Countries

4662 kB
Transfer

9771 kB
Size

64
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=by.tut.nurkz.android&utm_source=nur.kz&utm_medium=organic&utm_campaign=app_install&utm_content=app_install_header_banner

Search URL Search Domain Scan URL

URL: https://special.nur.kz/
Title: Спецпроекты

Search URL Search Domain Scan URL

URL: https://kaz.nur.kz/
Title: KZ

Search URL Search Domain Scan URL

URL: https://1xbet.kz/?tag=s_43153m_2205c_button&site=43153&ad=2205
Title: Ставки на спорт!

Search URL Search Domain Scan URL

URL: https://bit.ly/37RIUBd
Title: Бизнес с

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/252771/clickURL?ad-session-id=550631653303849775&hash=b58aa237ba58f0f2&puid1=Homepage&sj=GzGLYODQZPhnkMc8RYvbjnOgbZ4GKWlJ0a_bsAK9-r-tysI6YGycE1HglcBF8g%3D%3D&rand=dgcyskb&rqs=KYq_1bDL11cpaotiEh0M58derNg_2i-N&pr=lnheyrm&p1=crsny&ytt=433758947901445&p5=lngbo&ybv=0.584469&p2=gfdy&ylv=0.584469&pf=https%3A%2F%2Fwww.election.gov.kz%2Frus%2F

Search URL Search Domain Scan URL

URL: http://ffin.kz/?utm_source=nur_kz&utm_medium=vidget&utm_campaign=Global_mkting_2021
Title: Фондовый рынок Индекс S&P 500 3901.36 $ 0.57 0.01% Акции Freedom Holding Corp. 40.46 $ -0.25 -0.61% FTSE 100 7358.00 £ 88.00 1.21% IMOEX 2326.46 ₽ -46.80 -1.97%

Search URL Search Domain Scan URL

URL: https://t.me/newsnurkz
Title: Telegram

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMK7ylAswg8SqAw
Title: Google News

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kaznews/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://special.nur.kz/rough-finish-knauf
Title: <img class="post-preview-media__picture" sizes="(max-width: 755px) 97px, (max-width: 1151px) calc((100vw - 152px) / 3), 231px" srcset="https://cdn.nur.kz/images/720x405/f27ff35f94e53aee.jpeg?version=1 720w, https://cdn.nur.kz/images/560x315/f27ff35f94e53aee.jpeg?version=1 560w, https://cdn.nur.kz/images/272x153/f27ff35f94e53aee.jpeg?version=1 272w, https://cdn.nur.kz/images/176x99/f27ff35f94e53aee.jpeg?version=1 176w" src="https://cdn.nur.kz/images/272x153/f27ff35f94e53aee.jpeg?version=1" alt="Стройка" title="Стройка" decoding="async" /> Почему хозяевам нового жилья не стоит бояться "чернового" ремонта 21 мая, 09:00

Search URL Search Domain Scan URL

URL: https://kaz.nur.kz/health/1969443-zynystyq-qatynasqa-kun-saiyn-tusken-durys-pa/
Title: ДенсаулықЖыныстық қатынасқа күн сайын түскен дұрыс па17 мая, 14:29

Search URL Search Domain Scan URL

URL: https://kaz.nur.kz/health/1970070-ot-qabynyn-zumysyn-zaqsartatyn-darilik-sopterdi-bilesiz-be/
Title: ДенсаулықӨт қабының жұмысын жақсартатын дәрілік шөптерді білесіз беСегодня, 08:31

Search URL Search Domain Scan URL

URL: https://corp.nur.kz/
Title: Рекламодателям

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PortalNURKZ

Search URL Search Domain Scan URL

URL: https://vk.com/portalnurkz

Search URL Search Domain Scan URL

URL: https://ok.ru/portalnurkz

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@newsnurkz

Search URL Search Domain Scan URL

URL: https://apps.apple.com/kz/app/id830230766?utm_source=nur.kz&utm_medium=organic&utm_campaign=app_install&utm_content=app_install_footer&utm_term=app_update_footer

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=by.tut.nurkz.android&utm_source=nur.kz&utm_medium=organic&utm_campaign=app_install&utm_content=app_install_footer&utm_term=app_update_footer

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/app/C102765781

Search URL Search Domain Scan URL

URL: https://nurtv.kz/
Title: Видео, фильмы

Search URL Search Domain Scan URL

URL: https://musicnur.kz/
Title: Музыка

Search URL Search Domain Scan URL

URL: https://rabotanur.kz/
Title: Поиск работы

Search URL Search Domain Scan URL

URL: https://genesistudio.net/
Title: YouTube MCN

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nur.kz/ HTTP 301
https://www.nur.kz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOI7nVjjEiDP4v7LLpi7lw&google_cver=1

Request Chain 121

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YotqKiwxqI0AwEVZ-6ne8gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPhLmo3itJF_sb0UUouZLRo&google_cver=1

Request Chain 123

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2MTM0MDYxNDA2NTQzNDcxOA%3D%3D

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOI7nVjjEiDP4v7LLpi7lw&google_cver=1

Request Chain 125

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YotqKiwxqI0AwEVZ-6ne8gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPhLmo3itJF_sb0UUouZLRo&google_cver=1

Request Chain 127

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2MTM0MDYxNDA2NTQzNDcxOA%3D%3D

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGao2spA6W2wCsHbEoi7_Ag&google_cver=1

Request Chain 129

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YotqKiwxqI0AwEVZ-6ne8gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEO0Cot29qMOy8-cWjA49HbY&google_cver=1

Request Chain 131

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjA3MzcxNjQ2MzIzOTAxNw%3D%3D

Request Chain 285

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1

Request Chain 286

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YotqKiwxqI0AwEVZ-6ne8gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1

Request Chain 287

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGzt4FjWFq49OmK8Q4IEHGI&google_cver=1

Request Chain 288

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjA3MzcxNjQ2MzIzOTAxNw%3D%3D

Request Chain 290

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGLPdpsyBz44NaCUMk6cpGg&google_cver=1

Request Chain 292

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEGtFuEq_GCOx9ImizrlJ8Tw&google_cver=1

Request Chain 299

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECbTr0jpEbhXA1nncv-UeRc&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECbTr0jpEbhXA1nncv-UeRc&google_cver=1&__user_check__=1&sync_id=1382e31f-da88-11ec-b979-14604df00206

Request Chain 300

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=138241e1-da88-11ec-82ad-16877d160106 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTM4MmUyZTQtZGE4OC0xMWVjLWI5NzktMTQ2MDRkZjAwMjA2

Request Chain 301

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEIhvJwO3TzrFv7eDwuFAzJo&_origin=1&google_cver=1

Request Chain 302

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true

Request Chain 316

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033531&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 323

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMKnc_WtiXRA-c2vcjejVBI&google_cver=1&google_push=AYg5qPJ0ga_InGkl036R9moG-PF235lMazk8CZHYlQfLdKUuUg37A6phwAxZ92Xq0uDD7p6G9TM9pX_CDIK4b5DN-ZOYi8tTMtAU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJ0ga_InGkl036R9moG-PF235lMazk8CZHYlQfLdKUuUg37A6phwAxZ92Xq0uDD7p6G9TM9pX_CDIK4b5DN-ZOYi8tTMtAU&google_hm=co6yWX_ETHq-bYGrkNqK5Rw

Request Chain 324

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELUCPMW25xfpuMrAC_895cE&google_cver=1&google_push=AYg5qPIgmSbISbtAGLsb38To8H72dM1EODPZhUFUeDMmEX49AF_DPgjw_0AF1Cpx5cppMF62YHVtYmgm4v3weLqbxV7v3rOhNXc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMDg4NTk3NDY5NDY4ODkxNQ%3D%3D&google_push=AYg5qPIgmSbISbtAGLsb38To8H72dM1EODPZhUFUeDMmEX49AF_DPgjw_0AF1Cpx5cppMF62YHVtYmgm4v3weLqbxV7v3rOhNXc

Request Chain 325

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENKU_BiAg7FkQkn3GjvBjWQ&google_cver=1&google_push=AYg5qPIB-3B2AgyhYFZo221K3IcuVkDBJlQb5YaKgYZfTd93Hojq6zD3IoG886QrS77D9m1ns5ep8NNh9uV9bJ0X6hgtdJ8uCqY HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENKU_BiAg7FkQkn3GjvBjWQ&google_cver=1&google_push=AYg5qPIB-3B2AgyhYFZo221K3IcuVkDBJlQb5YaKgYZfTd93Hojq6zD3IoG886QrS77D9m1ns5ep8NNh9uV9bJ0X6hgtdJ8uCqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIB-3B2AgyhYFZo221K3IcuVkDBJlQb5YaKgYZfTd93Hojq6zD3IoG886QrS77D9m1ns5ep8NNh9uV9bJ0X6hgtdJ8uCqY&google_hm=WoNIzDptR6-TcrFxvvvJKQ==

Request Chain 327

https://d5p.de17a.com/cookies/google?google_gid=CAESEANXtfdGCaAJm1aecOAX5PY&google_cver=1&google_push=AYg5qPJ_ao4sZPQ-2EvluDwJvY4kvHa78SXNy9TzWYnid-f2Lz1d9Du00CVDan3bnrDdWLo7hBMrwYAcz_tAujfp56lJkbNcwgMz HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEANXtfdGCaAJm1aecOAX5PY&google_cver=1&google_push=AYg5qPJ_ao4sZPQ-2EvluDwJvY4kvHa78SXNy9TzWYnid-f2Lz1d9Du00CVDan3bnrDdWLo7hBMrwYAcz_tAujfp56lJkbNcwgMz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJ_ao4sZPQ-2EvluDwJvY4kvHa78SXNy9TzWYnid-f2Lz1d9Du00CVDan3bnrDdWLo7hBMrwYAcz_tAujfp56lJkbNcwgMz

Request Chain 329

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAn4mYcrA1E5f36RJzHhjeE&google_cver=1&google_push=AYg5qPI3KP1Brwuyl7tbtdAdgUO-ekS5l3II3Ddvu-p7RQmK9Muv-qMeV8fPiqRJ20dN-GLZ1ZI0z7Kwr3p0o1VnWEL4xnA1K0g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPI3KP1Brwuyl7tbtdAdgUO-ekS5l3II3Ddvu-p7RQmK9Muv-qMeV8fPiqRJ20dN-GLZ1ZI0z7Kwr3p0o1VnWEL4xnA1K0g

Request Chain 336

https://hal900027.redintelligence.net/request.php?zone=tvoquqemwxkm&nw=20&renderingType=javascript&namespace=9cc0d89ca9&subid=&uid=8a099c558b90f776&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=930x180&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjoHlK2qLYsPQAoaV3wPisJOYCablvaBp3Y-cp8kP8C4QASC7x6tVYJWCgICYB8gBCakCmy3ER7jNsT6oAwGqBNcBT9A8G3ciPEptEMbq_tcVvHszAWkxjGglPLxiT2MWRCyn35hJy0iUrGIXm0qiI9C56tBtz-GAMBUS66j1a1iLK8bzCuW0xI09I9JbIFgwyA21UpobDP9iEORKDekkufxEaLtuc-J8mgOgaKc_OpmMAvpByFM03sui1JLLHQ6SsEI55rUx4fEAADBtB1-fv7ARcl-QlyLZxVIlV63NPKiN-QTXueV5VFMZvH6vFtkmY2hqErpo7KmuGml2hbrtl_IbfJCnpLYNagpSpFWRRWyerjMlaN1hmljABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoB9b4314NfcKXrkPaWNe5SgsJUDmoNpIzCliTLVjKFeomLQ%26sig%3DAOD64_2LKbw0m6iWC9U-pOVO0X5ltewpdA%26client%3Dca-pub-8580196427209314%26dbm_c%3DAKAmf-AZrKb2WR9RRmUNSkObs6nt5usudkwIhNio4hdTkAkxHxknzx8hisZ0MHNflfHyOO8omz4nhqWcv4LS6iG0551rDHGlO9TBLNdESYUkVUPmmn4m4pI5idwNUhFrRSTVMEkf8Dxy6O0J9RBBlaJ67aXDbPrpHw%26cry%3D1%26dbm_d%3DAKAmf-DY5To7RP_9og6bOF23HWlj2_0ZwLyZWYPL8UTRbes9LqwYbAZKWX4zRekvCuxVhZnfIwHwgk1uIi0EGBXcht3MUhKSSCFn52gnksr-aDnXCv4KxNZoPQ6glyHMraYyfskn-SBbPYAK5iR6vZbaI1d6UVQOV0xKFhhgZu5hhkeGAoDX1pdZSVE-Egm2vNuIsG2YmnCovZOdVFGqwNJT6NSD_LRBaoVYJYu81Xr5ipc7VZMj9wdgxxJrF8ZIqDc9-1KioTG4a0JiFFQVis3SrEpEWOZjvGFo8BVWkr-ez_LKYPmLWLt8ps2ZcX8PO9A2PXwgRHwKM5BIcWfHWvxJLyTYnEupnliB_eZVQVNPXmBhwhOW5Qxs4IYOMvxbRTLprnXgwa3LCsRjSDr7lOaERZ65MMU1ZqX66BKwSqkJu71oKp5c-mkSx2ltQiZ7Ylm5ea8r-bjv%26adurl%3D&documentReferer=https%3A%2F%2Fwww.nur.kz%2F&ancestorOrigins=https%3A%2F%2Fwww.nur.kz&random=3125397279682&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900027.redintelligence.net/request.php?zone=tvoquqemwxkm&nw=20&renderingType=javascript&namespace=9cc0d89ca9&subid=&uid=8a099c558b90f776&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=930x180&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjoHlK2qLYsPQAoaV3wPisJOYCablvaBp3Y-cp8kP8C4QASC7x6tVYJWCgICYB8gBCakCmy3ER7jNsT6oAwGqBNcBT9A8G3ciPEptEMbq_tcVvHszAWkxjGglPLxiT2MWRCyn35hJy0iUrGIXm0qiI9C56tBtz-GAMBUS66j1a1iLK8bzCuW0xI09I9JbIFgwyA21UpobDP9iEORKDekkufxEaLtuc-J8mgOgaKc_OpmMAvpByFM03sui1JLLHQ6SsEI55rUx4fEAADBtB1-fv7ARcl-QlyLZxVIlV63NPKiN-QTXueV5VFMZvH6vFtkmY2hqErpo7KmuGml2hbrtl_IbfJCnpLYNagpSpFWRRWyerjMlaN1hmljABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoB9b4314NfcKXrkPaWNe5SgsJUDmoNpIzCliTLVjKFeomLQ%26sig%3DAOD64_2LKbw0m6iWC9U-pOVO0X5ltewpdA%26client%3Dca-pub-8580196427209314%26dbm_c%3DAKAmf-AZrKb2WR9RRmUNSkObs6nt5usudkwIhNio4hdTkAkxHxknzx8hisZ0MHNflfHyOO8omz4nhqWcv4LS6iG0551rDHGlO9TBLNdESYUkVUPmmn4m4pI5idwNUhFrRSTVMEkf8Dxy6O0J9RBBlaJ67aXDbPrpHw%26cry%3D1%26dbm_d%3DAKAmf-DY5To7RP_9og6bOF23HWlj2_0ZwLyZWYPL8UTRbes9LqwYbAZKWX4zRekvCuxVhZnfIwHwgk1uIi0EGBXcht3MUhKSSCFn52gnksr-aDnXCv4KxNZoPQ6glyHMraYyfskn-SBbPYAK5iR6vZbaI1d6UVQOV0xKFhhgZu5hhkeGAoDX1pdZSVE-Egm2vNuIsG2YmnCovZOdVFGqwNJT6NSD_LRBaoVYJYu81Xr5ipc7VZMj9wdgxxJrF8ZIqDc9-1KioTG4a0JiFFQVis3SrEpEWOZjvGFo8BVWkr-ez_LKYPmLWLt8ps2ZcX8PO9A2PXwgRHwKM5BIcWfHWvxJLyTYnEupnliB_eZVQVNPXmBhwhOW5Qxs4IYOMvxbRTLprnXgwa3LCsRjSDr7lOaERZ65MMU1ZqX66BKwSqkJu71oKp5c-mkSx2ltQiZ7Ylm5ea8r-bjv%26adurl%3D&documentReferer=https%3A%2F%2Fwww.nur.kz%2F&ancestorOrigins=https%3A%2F%2Fwww.nur.kz&random=3125397279682&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 358

https://ads.travelaudience.com/google_pixel?google_gid=CAESED1UQ5K-6I7hKhkKdZuzGjQ&google_cver=1&google_push=AYg5qPIHJ2GHWnrymz5DIHZ-K_Z4SguIN4X--c0eXRRr7BaBqWVI9O4HSAiVh4uNT7gT2eE0ZfBiiWypjcKxVIPvN9Z6xYaADEIc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UL4tCdtfSheItS6KPVIlhw2&google_push=AYg5qPIHJ2GHWnrymz5DIHZ-K_Z4SguIN4X--c0eXRRr7BaBqWVI9O4HSAiVh4uNT7gT2eE0ZfBiiWypjcKxVIPvN9Z6xYaADEIc

Request Chain 359

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHUxyym_yJjdh2mVSQbNoo0&google_cver=1&google_push=AYg5qPLIRJc6nG9_-0QK2Aq3feU8JSYWwk21a1e-bGR9RRCm6rTZU3pg3snXBN73mOBNXzOKZUZsO8jNXfi43Czi70nxVlJJsVI HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHUxyym_yJjdh2mVSQbNoo0&google_cver=1&google_push=AYg5qPLIRJc6nG9_-0QK2Aq3feU8JSYWwk21a1e-bGR9RRCm6rTZU3pg3snXBN73mOBNXzOKZUZsO8jNXfi43Czi70nxVlJJsVI&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLIRJc6nG9_-0QK2Aq3feU8JSYWwk21a1e-bGR9RRCm6rTZU3pg3snXBN73mOBNXzOKZUZsO8jNXfi43Czi70nxVlJJsVI&google_hm=EsC4pGZH9ngGli1rSXC0rooN

Request Chain 360

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEI3dBFZd1KDyuGLDFoEkrsM&google_cver=1&google_push=AYg5qPI0_gz6S61hnC_EtySwdobDYxzDlLIQMtAqZ3weEkxnhWzwLGvnuk5_yWHR5kxTokbm2WDBPYKYebfMYK4F14bUe8Bi1cZK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI0_gz6S61hnC_EtySwdobDYxzDlLIQMtAqZ3weEkxnhWzwLGvnuk5_yWHR5kxTokbm2WDBPYKYebfMYK4F14bUe8Bi1cZK

Request Chain 381

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM_EFOFeeFPQ9emrUGR3cXQ&google_cver=1&google_push=AYg5qPKFzWjMGOcBXjqyoBkkgLK-i2UULwQdUzJBdnQD07R8BgimRbkTCtJoQNjk3IN8PEDGnqQAppID9jDTcN8w4KEuCSmHxpZaew HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk1NjY1NjA5NjU4MDM0NDkwOA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM_EFOFeeFPQ9emrUGR3cXQ&google_cver=1

Request Chain 383

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMKnc_WtiXRA-c2vcjejVBI&google_cver=1&google_push=AYg5qPL8atwncFnxp_OIYdRBVqC8hLjGgOyzZaG9Z_PCAZkVyLsAplaXKqflO_q53OkorTiNOp_2ipbVhNiy_o7olrhkE-CuLxPn2Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPL8atwncFnxp_OIYdRBVqC8hLjGgOyzZaG9Z_PCAZkVyLsAplaXKqflO_q53OkorTiNOp_2ipbVhNiy_o7olrhkE-CuLxPn2Q&google_hm=co6yWX_ETHq-bYGrkNqK5Rw

Request Chain 384

https://ads.travelaudience.com/google_pixel?google_gid=CAESED1UQ5K-6I7hKhkKdZuzGjQ&google_cver=1&google_push=AYg5qPIZxH4HHAzPfh8L5D9on-gIOE6MmrT8Z2wjPdvJAbh0dnhZFH8dABTYI0zZdT0r2J5uBpKIkjhh2TEFUhqiTUENY6qPPnqJ2A HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UL4tCdtfSheItS6KPVIlhw2&google_push=AYg5qPIZxH4HHAzPfh8L5D9on-gIOE6MmrT8Z2wjPdvJAbh0dnhZFH8dABTYI0zZdT0r2J5uBpKIkjhh2TEFUhqiTUENY6qPPnqJ2A

Request Chain 386

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHUxyym_yJjdh2mVSQbNoo0&google_cver=1&google_push=AYg5qPK0ByDk4BAf0vt-FE8woHtIIdoBGKDkvGLjIEP-ehvtJL-KHIepaBiyKJBfUd8AmY9mejOoW-cAbwZLAiacPN908glM2LieIA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPK0ByDk4BAf0vt-FE8woHtIIdoBGKDkvGLjIEP-ehvtJL-KHIepaBiyKJBfUd8AmY9mejOoW-cAbwZLAiacPN908glM2LieIA&google_hm=EsC4pGZH9ngGli1rSXC0rooN

Request Chain 387

https://match.360yield.com/match/ebda?google_gid=CAESEIFnMzFHRR00Wng5MQUB6CI&google_cver=1&google_push=AYg5qPJUMkSGEH_WKEqQgjUn4fnQyqEEjBa6hua0BoywXFM8u2QsoEAimfygTPN95cAXQwKRleoqVsFArw_6uhC_zNnrUXQQ979K9w HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEIFnMzFHRR00Wng5MQUB6CI&google_cver=1&google_push=AYg5qPJUMkSGEH_WKEqQgjUn4fnQyqEEjBa6hua0BoywXFM8u2QsoEAimfygTPN95cAXQwKRleoqVsFArw_6uhC_zNnrUXQQ979K9w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=U6iRKUz8RbqOchD3sVjhpQ&google_push=AYg5qPJUMkSGEH_WKEqQgjUn4fnQyqEEjBa6hua0BoywXFM8u2QsoEAimfygTPN95cAXQwKRleoqVsFArw_6uhC_zNnrUXQQ979K9w

Request Chain 398

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=33785800092820404444996011968027&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=33785800092820404444996011968027&actionid=981741&produktid=&dt_url=

Request Chain 399

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=33785800092820404444996011968027&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1397814442

Request Chain 401

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8126957149212.755 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=COf26ea89fcCFYscBgAd6qwFKw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8126957149212.755

Request Chain 403

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=33785800092820404444996011968027 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 420

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEA1URzuwB54QuspDDasXUCE&google_cver=1&google_push=AYg5qPIpInfzk-MU5IS6cCY35-oLjOqNs-TCBLlSHToZCI-f9gh9NUmNxEyd6YqRiZ0hZiZQADsSAgxPZORfblKfmZccPEBI97YZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIpInfzk-MU5IS6cCY35-oLjOqNs-TCBLlSHToZCI-f9gh9NUmNxEyd6YqRiZ0hZiZQADsSAgxPZORfblKfmZccPEBI97YZ

Request Chain 421

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOUoKvfc0sIq9-Upam2EfdA&google_cver=1&google_push=AYg5qPKkRIhgSx-42f_-A1ekouimQPrZTHpOi5CVvu0SRfHkOuHEt9FM40bbqHGz1d8ggl-ZIJTfLCbATpVaJpWba8wgtihZbxtI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOUoKvfc0sIq9-Upam2EfdA&google_push=AYg5qPKkRIhgSx-42f_-A1ekouimQPrZTHpOi5CVvu0SRfHkOuHEt9FM40bbqHGz1d8ggl-ZIJTfLCbATpVaJpWba8wgtihZbxtI

Request Chain 422

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELUCPMW25xfpuMrAC_895cE&google_cver=1&google_push=AYg5qPK6NZ02pn1dCLf933JjogJJCu6h0lgLwhiNMezaOPxw4EPC75a_9W9QusnOLByBHX03u3YaFVr2Znodk_gIJgByoalEzHoP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMDg4NTk3NDY5NDY4ODkxNQ%3D%3D&google_push=AYg5qPK6NZ02pn1dCLf933JjogJJCu6h0lgLwhiNMezaOPxw4EPC75a_9W9QusnOLByBHX03u3YaFVr2Znodk_gIJgByoalEzHoP

Request Chain 423

https://d5p.de17a.com/cookies/google?google_gid=CAESEANXtfdGCaAJm1aecOAX5PY&google_cver=1&google_push=AYg5qPLyoUq8sSquTfglQ_P8yb8o0AYfCYvSaUc3o-7cPqggBcIMI2ZFAiDhvQpHThyKlj3Pr5BmZGq-Zors2zdFHAtsgFoCnadh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLyoUq8sSquTfglQ_P8yb8o0AYfCYvSaUc3o-7cPqggBcIMI2ZFAiDhvQpHThyKlj3Pr5BmZGq-Zors2zdFHAtsgFoCnadh

Request Chain 424

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAn4mYcrA1E5f36RJzHhjeE&google_cver=1&google_push=AYg5qPKRc7grxvJKt_GggXauxqNC6Mbtuh5dIJijJfGKXCvxcc-pvNayTilRgqbOS-4qK5x4RZcrDkGHQ4lwnb_f_q6yPCaldlfM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPKRc7grxvJKt_GggXauxqNC6Mbtuh5dIJijJfGKXCvxcc-pvNayTilRgqbOS-4qK5x4RZcrDkGHQ4lwnb_f_q6yPCaldlfM

Request Chain 425

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKjZ8QBCb-r3HpDNZ8NOwFo&google_cver=1&google_push=AYg5qPIaNQDAI8W7PsItPoKnFKXWkJA83pWftHmPtVaDrgyjMFcuoLqlJnobJcSYNZ0ZdH_Vc2VX1PlBm4_wBDfeZPh4kEqMLj6w HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPIaNQDAI8W7PsItPoKnFKXWkJA83pWftHmPtVaDrgyjMFcuoLqlJnobJcSYNZ0ZdH_Vc2VX1PlBm4_wBDfeZPh4kEqMLj6w&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1653303853110 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIaNQDAI8W7PsItPoKnFKXWkJA83pWftHmPtVaDrgyjMFcuoLqlJnobJcSYNZ0ZdH_Vc2VX1PlBm4_wBDfeZPh4kEqMLj6w&google_hm=

Request Chain 436

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=89ED4BA1D087412BA9D2DDCC5AD6C58A&RedC=c.clarity.ms&MXFR=151F6A5A956B624939D87BF7916B6C2F HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=89ED4BA1D087412BA9D2DDCC5AD6C58A&MUID=2918AF6F769E6FB23BD6BEC277F56E2D

489 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.nur.kz/
Redirect Chain

http://nur.kz/
https://www.nur.kz/

408 KB
44 KB

317ms
97ms

Document
text/html

91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

85dd33701bd2ac3d3acb6b875af08c957e54ecf5ab00882ab595d7e7ea21e8ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN always

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET, OPTIONS
cache-control: public, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 23 May 2022 11:04:09 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding
x-f-status: HIT
x-frame-options: SAMEORIGIN always

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 23 May 2022 11:04:08 GMT
Location: https://www.nur.kz/
Server: nginx

GET
H2 200 f81e5904217f0207.webp
cdn.nur.kz/images/1120x630/ 65 KB
65 KB 517ms
295ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/1120x630/f81e5904217f0207.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

5cee464288c4258f06ae6dd8f9ef493d806fc70f79253208df8ec94f7b1b5418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
last-modified: Mon, 23 May 2022 10:45:10 GMT
server: nginx
x-cs: HIT
etag: "6989130031fad98e541af6acf900bac2"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 66522
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 common.e1f38809.css
www.nur.kz/nur/css/ 32 KB
5 KB 102ms
101ms Stylesheet
text/css 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/css/common.e1f38809.css

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

59e44b4deb7ae38e798837aff98aa800acbd67a29ccb711e69a20aa7b1d613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-1466"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 5222
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H/1.1 200
OK io.js Show response
cdn.onthe.io/ 56 KB
18 KB 49ms
20ms Script
text/javascript 116.203.211.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.203.211.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.59.211.203.116.clients.your-server.de
Software: nginx /
Resource Hash: 569b67ef1d76c5869a61471b93651371927719520f4268bb9a6ab30fe0380019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 11:04:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 13:27:17 GMT
Server: nginx
ETag: W/"60e6fd35-de2a"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Tue, 24 May 2022 11:04:09 GMT

GET
H2 200 logo.svg
www.nur.kz/nur/img/ 6 KB
3 KB 98ms
97ms Image
image/svg+xml 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/logo.svg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a1c1a544dce2ad7a8933ff9c4e087936f42c972d7858551181a9acb878a7c9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-977"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 2423
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 f81e5904217f0207.webp
cdn.nur.kz/images/560x315/ 16 KB
16 KB 512ms
295ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/560x315/f81e5904217f0207.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

1dfff0b10e807170a9e014ca17ae5686315e8b6e99288f71e9ee2206f2861793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
last-modified: Fri, 28 May 2021 09:33:40 GMT
server: nginx
x-cs: HIT
etag: "85e17db59d640f089393a14175fdd451"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 16374
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 placeholder-1x1.gif
www.nur.kz/nur/img/ 43 B
382 B 98ms
97ms Image
image/gif 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/placeholder-1x1.gif?v=2

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-2b"
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 43
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5363
date: Mon, 23 May 2022 09:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 23 May 2022 11:34:46 GMT

GET
H2 200 94ylzt75u2 Show response
www.clarity.ms/tag/ 1 KB
2 KB 272ms
128ms Script
application/x-javascript 2620:1ec:27::cafe:1586
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/94ylzt75u2
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1586 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 8ef072052cbc1e7aaca2dd2548d9d0cfa8a8ba27ba502577471139cb7abea0c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:08 GMT
x-powered-by: ASP.NET
x-azure-ref: 0KWqLYgAAAADY7UVWjTWPT4AgDW1PpEmGTVJTMjBFREdFMDMxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
content-length: 1384
expires: -1

GET
H2 200 1920x120_rus.png
www.nur.kz/nur/img/thematic-blocks/ 58 KB
58 KB 98ms
98ms Image
image/png 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/thematic-blocks/1920x120_rus.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f3456903656f0601338d81e00f8efe9e025055f224f822de2746e18436c9b4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-e64f"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 58959
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 bybit.png
cdn.nur.kz/static/ads/ 6 KB
7 KB 511ms
295ms Image
image/png 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/static/ads/bybit.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

ed3cdd67b99dd07dc76f3ff0b253b64e9fc16ac725c6c002e9da8b1b796b5d70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
last-modified: Wed, 20 Apr 2022 14:13:51 GMT
server: nginx
x-cs: HIT
etag: "6eab7750d8e559a66f25f708b1eea4de"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6458
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 1xbet-partner.png
cdn.nur.kz/custom/logo/ 2 KB
2 KB 498ms
295ms Image
image/png 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/custom/logo/1xbet-partner.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

2b560efc660dd507e8e0b20a079eac74c975b67e0629545a7d2ec9e3687905db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
last-modified: Wed, 10 Nov 2021 15:31:26 GMT
server: nginx
x-cs: HIT
etag: "d9e559e4b7931bf2cf97e89f9d7708c4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2180
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 fclub-libertex-partner.png
cdn.nur.kz/custom/logo/ 3 KB
3 KB 497ms
295ms Image
image/png 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/custom/logo/fclub-libertex-partner.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f0f3fadd348581fce870209a4705b228f28a7c06fecefc150707191d0f02a27a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
last-modified: Tue, 28 Dec 2021 10:52:54 GMT
server: nginx
x-cs: HIT
etag: "b32bf7a5941815e4a4dc71bb126a1aa3"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2946
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 KMF.png
cdn.nur.kz/custom/logo/ 5 KB
5 KB 497ms
294ms Image
image/png 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/custom/logo/KMF.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

c9359c423f11152cc52570d1d15b78449a4aaf8a4106599af13305e13c90b791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
last-modified: Wed, 13 Apr 2022 12:31:31 GMT
server: nginx
x-cs: HIT
etag: "55643c20d418d965722c9d75a7d6d2b4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4627
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 parimatch.png
cdn.nur.kz/custom/logo/ 4 KB
5 KB 474ms
295ms Image
image/png 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/custom/logo/parimatch.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

0596a17530bb3a76675c9d72b22f8bbf927eede182d036ea7a3b278970864fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
last-modified: Tue, 09 Nov 2021 19:46:09 GMT
server: nginx
x-cs: HIT
etag: "58febaebfd3c6d8472de1318e7079d30"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4450
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 7a5aad15155aeeab.jpeg
cdn.nur.kz/images/272x153/ 5 KB
5 KB 376ms
196ms Image
image/jpeg 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/7a5aad15155aeeab.jpeg?version=2

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

696509319bb81efdd2e9f7c12a2f2c2a176179fed37b92e16b7e5dffdc8869ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
last-modified: Thu, 11 Mar 2021 14:37:00 GMT
server: nginx
x-cs: HIT
etag: "cad54c626842be5765616b721023eb2f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4896
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 2f8551693976b31f.jpeg
cdn.nur.kz/images/272x153/ 9 KB
9 KB 473ms
294ms Image
image/jpeg 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/2f8551693976b31f.jpeg?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

40b43f95a77c55e01de63643c035680c7464141ffc596b5818a77e41d7b54e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
last-modified: Thu, 12 May 2022 11:53:28 GMT
server: nginx
x-cs: HIT
etag: "e35dfd517d3150920c0d77fc3aad97d6"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 9004
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 75330f52aaeda809.jpeg
cdn.nur.kz/images/272x153/ 16 KB
17 KB 375ms
196ms Image
image/jpeg 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/75330f52aaeda809.jpeg?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

8d6e4721d53a6600e637e7657bbb8dd5eff663299b9f67c918fa159fec8373c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
last-modified: Mon, 25 Apr 2022 08:56:58 GMT
server: nginx
x-cs: HIT
etag: "0b45326bc6c6f56de5de06d50eb1d7f4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 16678
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 26f6f4d708d3f373.jpeg
cdn.nur.kz/images/272x153/ 31 KB
31 KB 471ms
292ms Image
image/jpeg 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/26f6f4d708d3f373.jpeg?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

bfaef65b25794a604ff02867568b414568fe0450e6af9337f8072b41f8264796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
last-modified: Tue, 17 Nov 2020 10:20:17 GMT
server: nginx
x-cs: HIT
etag: "9315765f924d99f08508c23fec0c6235"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 31899
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 logo-freedom-finance.png
www.nur.kz/nur/img/ 2 KB
3 KB 142ms
142ms Image
image/png 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/logo-freedom-finance.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b63745ed29d6784dab812ad53d2a76b060cbf160f6200b203c24d797d9d18045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-8b9"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2233
expires: Tue, 23 May 2023 11:04:09 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 61ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6273700-1&cid=1962745041.1653303849&jid=575144188&gjid=601918935&_gid=946190871.1653303849&_u=YGBAgUABCAAAAE~&z=1875402972

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 23 May 2022 11:04:09 GMT
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 8ms
7ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1791401548&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nur.kz%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABC~&jid=575144188&gjid=601918935&cid=1962745041.1653303849&tid=UA-6273700-1&_gid=946190871.1653303849&cd14=homepage&z=552641346

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 May 2022 17:24:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63604
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _vendors.247f0c1e.js Show response
www.nur.kz/nur/js/ 30 KB
9 KB 116ms
115ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/_vendors.247f0c1e.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

23cc65a8727bb9016015372f09daa3dc8dceccd6e21876ff8804db2cbd242c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-22eb"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 8939
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
29 KB 70ms
26ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

57c574845a793acec11e8266bc2b3ee3e638c56b3422f18e4fefdff6c7fce51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28607
x-xss-protection: 0
server: sffe
etag: "1223 / 698 of 1000 / last-modified: 1653301816"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 23 May 2022 11:04:09 GMT

GET
H2 200 monetization.f542e399.js Show response
www.nur.kz/nur/js/ 10 KB
3 KB 116ms
113ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/monetization.f542e399.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

6d0205053e47fcdc3dfc6c73d8d1d86866a05dff3a58916ef22bb6b1cca59da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-b02"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 2818
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 49ms
24ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L3EYGX7DJS

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3d5d92188bd4d6bcc691a481ecd61eb90963287668af5ee8727dec029c1f2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69388
x-xss-protection: 0
expires: Mon, 23 May 2022 11:04:09 GMT

GET
H2 200 _authorization.cbd1e081.js Show response
www.nur.kz/nur/js/ 15 KB
5 KB 116ms
113ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/_authorization.cbd1e081.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

05ece81589591363a0f7ab97915453ef105342daa1112893f2a05b7ec01a4bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-10f5"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 4341
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 navigation.1f4f3f8d.js Show response
www.nur.kz/nur/js/ 5 KB
2 KB 116ms
114ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/navigation.1f4f3f8d.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

641e566adba3b65a11f279fe14477a4344767dba77b444b8ab8376b4555fb6a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-661"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 1633
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 jitsu-init.b7960b4c.js Show response
www.nur.kz/nur/js/ 29 KB
9 KB 117ms
115ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/jitsu-init.b7960b4c.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

dc8efe44a8f22abc2f1abac530413ba278444d6dabc100452639cafdd9f048fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-2345"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 9029
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 home-recommendation.1d356ec8.js Show response
www.nur.kz/nur/js/ 19 KB
6 KB 117ms
115ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

11f6d363f8c4294bf10f649f4951a882c6c22f69bac082a2d2851ca5e677f478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-15bf"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 5567
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 home-page.e7254aef.js Show response
www.nur.kz/nur/js/ 6 KB
2 KB 117ms
116ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/home-page.e7254aef.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

0906e036897c57571bf5aee463cf4fe7fcbd3d3b8f235280d4cac2691c53eb8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-771"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 1905
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 freedom-finance.d7f54434.js Show response
www.nur.kz/nur/js/ 3 KB
2 KB 118ms
116ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/freedom-finance.d7f54434.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

5b04a3a9ef00cdafdebbf368784d5a9c8f34c65330dd816682fb1b12085ac22b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-557"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 1367
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 283 KB
77 KB 209ms
74ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

08d5eb9eb095f5165fd989c39e0eeeb290b06161e1a62c4e158780965a267003

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1653303849514465-1752915241598868084-sas6-5261-bf6-sas-l7-balancer-8080-BAL-2948
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 23 May 2022 12:04:09 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
5 KB 78ms
14ms Script
application/javascript 18.66.248.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-93.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 08:43:24 GMT
Via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 6661246
ETag: "d89453438fbf10dcf4c13265c40d5160"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 4255
X-Amz-Cf-Id: B16mj7b2kCkEG7q3mTn6Mut3Rx-EMwIDlbMz9qMmRoN5gnsXeI-K6w==

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 57ms
17ms XHR
text/javascript 88.99.5.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:uniques_instantly[url:%2F,domain:www.nur.kz,page:%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ,page_type:main,language:ru,type_article:Main,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36,device:desktop,browser_version:Chrome%20101,browser:Chrome,depth:1,user_type:new,user_id:ec440ba82.67821cd80_1653303849361,session_id:1a3e3723f.1e8794c67_1653303849362,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1653303849374
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-5-37.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:09 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/uniques/ 33 B
559 B 56ms
17ms Script
text/html 88.99.5.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/uniques/?current=23&holding=e3155c435e925683dd022a3f2070aae6&hash_user=ec440ba82.67821cd80_1653303849361&1653303849376
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-5-37.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:09 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 47ms
16ms XHR
text/javascript 88.99.5.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:visits_instantly[url:%2F,domain:www.nur.kz,page:%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ,page_type:main,language:ru,type_article:Main,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36,device:desktop,browser_version:Chrome%20101,browser:Chrome,depth:1,user_type:new,user_id:ec440ba82.67821cd80_1653303849361,session_id:1a3e3723f.1e8794c67_1653303849362,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&__io=ec440ba82.67821cd80_1653303849361&1653303849383
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-5-37.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:09 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 42ms
16ms XHR
text/javascript 88.99.5.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:pageviews[url:%2F,domain:www.nur.kz,page:%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ,page_type:main,language:ru,type_article:Main,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36,device:desktop,browser_version:Chrome%20101,browser:Chrome,depth:1,user_type:new,user_id:ec440ba82.67821cd80_1653303849361,session_id:1a3e3723f.1e8794c67_1653303849362,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1653303849390
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-5-37.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:09 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 57ms
30ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6273700-1&cid=1962745041.1653303849&jid=575144188&_u=YGBAgUABCAAAAE~&z=1944206463

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 54ms
30ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6273700-1&cid=1962745041.1653303849&jid=575144188&_u=YGBAgUABCAAAAE~&z=1944206463

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 telegram.svg
www.nur.kz/nur/img/social-icons/subscribe/ 1 KB
876 B 103ms
102ms Image
image/svg+xml 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/social-icons/subscribe/telegram.svg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b4dac18e01c9ef874f5d33ae8ad2eca84683281858bd9fab0f9a95e0b26c19b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-214"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 532
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H3 200 pubads_impl_2022051701.js Show response
securepubads.g.doubleclick.net/gpt/ 366 KB
124 KB 32ms
8ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

3bd4eb2ece0fe98f279a14bb2b61ecbbcd501a598b50f1f8b211f76ecd420996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:02:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127273
x-xss-protection: 0
last-modified: Tue, 17 May 2022 08:34:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 23 May 2023 11:02:40 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 205 B
152 B 141ms
121ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f02257926fdd4c2e16702b57f48073542bc38fe69218b054e5e8f58870e12c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127
x-xss-protection: 0
expires: Mon, 23 May 2022 11:04:09 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 40ms
10ms Image
image/gif 99.86.4.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&time=1653303849501&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.nur.kz%2F&random_number=19868685392&sess_cookie=268210e8180f096b21c0333cd68&sess_cookie_flag=1&user_cookie=268210e8180f096b21c0333cd68&user_cookie_flag=1&dynamic=true&domain=nur.kz&account=UVumr1WyR620WR&jsv=20130128&user_lang=en-US
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-123.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 03:48:39 GMT
Via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 26131
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA6-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: nUAkCgRrllVdfFpu56GWmGqRApEKy4U7GpPj91kWLbVfgK26RNc67A==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 598ms
159ms Image
text/plain 54.70.139.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.70.139.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-70-139-114.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
server: Server

GET
H2 200 chunk-lazysizes.85027d33.js Show response
www.nur.kz/nur/js/ 7 KB
3 KB 196ms
195ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-lazysizes.85027d33.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/_vendors.247f0c1e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

2c18b2383885435cb379b8a7c990b7021d1c2701554120d34b07be0da5a8f743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-beb"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 3051
expires: Tue, 23 May 2023 11:04:09 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
344 B 55ms
25ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-L3EYGX7DJS&gtm=2oe5b0&_p=1791401548&_z=ccd.tbB&_gaz=1&cid=1962745041.1653303849&ul=en-us&sr=1600x1200&_s=1&sid=1653303849&sct=1&seg=0&dl=https%3A%2F%2Fwww.nur.kz%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&en=page_view&_fv=1&_ss=2&ep.transport_type=beacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L3EYGX7DJS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 79ms
21ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L3EYGX7DJS&cid=1962745041.1653303849&gtm=2oe5b0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L3EYGX7DJS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 58ms
36ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-L3EYGX7DJS&cid=1962745041.1653303849&gtm=2oe5b0&aip=1&z=1569516243

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 event Show response
stat.khanate.pro/api/v1/ 15 B
324 B 104ms
104ms XHR
application/json 94.247.128.43
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.khanate.pro/api/v1/event?token=js.d27utqeoss6s0dkb04pz1b.ss60lhmn5bgevjhl6d5qsw
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/nur/js/jitsu-init.b7960b4c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.247.128.43 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software: nginx /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nur.kz
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Host
content-length: 15

OPTIONS
H2 200 event
stat.khanate.pro/api/v1/ Frame 0
0 575ms
105ms Preflight 94.247.128.43
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.khanate.pro/api/v1/event?token=js.d27utqeoss6s0dkb04pz1b.ss60lhmn5bgevjhl6d5qsw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.247.128.43 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.nur.kz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Host
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE, PATCH
access-control-allow-origin: https://www.nur.kz
access-control-max-age: 86400
content-length: 0
date: Mon, 23 May 2022 11:04:10 GMT
server: nginx

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 102 KB
39 KB 83ms
20ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5JGFBQR

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0f8712858aaeaa167b758be619f8b47d90e1ae78a57d9f5376cde602e13b90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39791
x-xss-protection: 0
expires: Mon, 23 May 2022 11:04:09 GMT

GET
H2 200 freedom-finance-desktop.593ce3a5.css
www.nur.kz/nur/css/ 4 KB
1 KB 146ms
146ms Stylesheet
text/css 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/freedom-finance.d7f54434.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

53190b7838a27f624da133fc259f0fd6093f49aec64c1721e1f414de407b92d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-326"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 806
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 chunk-freedom-finance-desktop.68c57a5a.js Show response
www.nur.kz/nur/js/ 4 KB
2 KB 147ms
147ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-freedom-finance-desktop.68c57a5a.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/freedom-finance.d7f54434.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

25f1cdd04f4b236b79562629b1c5d68454cd02e96002e0ea870b82081a2fce76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-5f4"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 1524
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 clarity.js Show response
j.clarity.ms/s/0.6.34/ 53 KB
23 KB 353ms
99ms Script
application/javascript 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/94ylzt75u2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
etag: "1d86ac05e8dcb54"
last-modified: Wed, 18 May 2022 14:05:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 13ms
13ms XHR
text/javascript 88.99.5.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=364:uniques_holding&s=0d0db5a9a93692f403af81423ab76478&__io=ec440ba82.67821cd80_1653303849361&1653303849628
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-5-37.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:09 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 52ms
22ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 52ms
21ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
15 KB 503ms
503ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=789576614196507&correlator=784688797860342&eid=31067486%2C31067688%2C31067709%2C44755509&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=21635628449%2CNUR_Desktop_Bottom%2CNUR_Desktop_Bottom2%2CNUR_Desktop_Bottom3%2CNUR_Desktop_Anchor&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C728x90%7C728x200%7C980x90%7C980x200%2C728x90%7C728x200%7C980x90%7C980x200%2C1x1%7C728x90%7C980x90%7C1000x90%7C1000x200%7C1200x90%7C2000x90%7C728x200&ifi=1&adks=2902430930%2C1806412577%2C1148870173%2C3302193688&sfv=1-0-38&ecs=20220523&fsapi=false&eri=4&cust_params=page%3DHomepage%26section%3Dwww%26sectionId%3D1%26platform%3Ddesktop%26language%3DRU&sc=1&cookie_enabled=1&abxe=1&dt=1653303849660&dlt=1653303849248&idt=340&biw=1600&bih=1200&adxs=436%2C436%2C436%2C-12245933&adys=2423%2C4944%2C6646%2C-12245933&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nur.kz%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1088x0%7C1088x0%7C1088x0%7C0x-1&msz=1088x0%7C1088x0%7C1088x0%7C0x-1&fws=4%2C4%2C4%2C644&ohw=1088%2C1088%2C1088%2C1600&ga_vid=1962745041.1653303849&ga_sid=1653303850&ga_hid=1791401548&ga_fc=true&btvi=1%7C2%7C3%7C-1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f10c183b5273dbed2c349952ff9b08ee345e2b2cb1658f5dc2d3d6e57802740e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15209
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7190 6 KB
4 KB 91ms
17ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:09 GMT
expires: Tue, 23 May 2023 11:04:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chunk-react-vendors.2103090c.js Show response
www.nur.kz/nur/js/ 122 KB
35 KB 101ms
101ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-react-vendors.2103090c.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a1d0bb676704f499f0d4a35474c5e433f46e195746750e8babdbfed04221b601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-8a54"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 35412
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 chunk-4.24dd4b97.js Show response
www.nur.kz/nur/js/ 12 KB
5 KB 101ms
100ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-4.24dd4b97.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

14abac934c22f97f9ba4c57ddce16e16b2724d1723d1f90272703f0fdba3a8b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-10c3"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 4291
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 chunk-120.983fb3a0.js Show response
www.nur.kz/nur/js/ 144 KB
33 KB 102ms
101ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-120.983fb3a0.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a7a2843fb177ea181d4a479e10ba66cd5354bc0493f21f2e7c537b4bc69acb34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-8268"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-length: 33384
expires: Tue, 23 May 2023 11:04:09 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1791401548&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nur.kz%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=CgAho3N_S6ek6TgBcPgd7A.1&_u=aGDAAUABCAAAAG~&jid=1239639718&gjid=429764274&cid=1962745041.1653303849&tid=UA-6273700-34&_gid=946190871.1653303849&_r=1&_slc=1&cd12=&cd13=&z=204383668

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recommendations Show response
webapi.nur.kz/ 3 KB
2 KB 546ms
311ms Fetch
application/json 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://webapi.nur.kz/recommendations?userId=0759c990-9bfa-43d5-be64-e32f22ae7ee7&sectionId=1&lifespan=7&limit=5

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.1d356ec8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b5450c60933383eae8edec2b2d0968427d949cfd8f6df2a9bad0c3e46e63c4a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding, Accept-Encoding, Origin
x-xss-protection: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy: no-referrer
server: nginx
etag: W/"c9c-OqgICIT7293sdLcJtNiVbu1TIN0"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nur.kz
x-f-status: MISS

GET
H2 200 quotes Show response
nurtech.pro/trading/ 371 B
793 B 332ms
97ms Fetch
application/json 94.247.128.37
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://nurtech.pro/trading/quotes

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/chunk-freedom-finance-desktop.68c57a5a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.37 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

92eaf9f1433a933b57f86758812c2d60802dfbabeff2a49c42d02fddfd516d01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding, Origin
x-xss-protection: 0
x-f-status: HIT
referrer-policy: no-referrer
server: nginx
etag: W/"173-gyVUhoZuOvBa5BW7boCNqorx5e8"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nur.kz
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests

GET
H2 200 02f3ad09bd2dbaf3.webp
cdn.nur.kz/images/272x153/ 5 KB
5 KB 255ms
254ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/02f3ad09bd2dbaf3.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

ae509848a4bf4ffd4b0bd862c276df162f036b2dea5ff3fd0a8e66461cf162aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
last-modified: Mon, 18 Apr 2022 11:17:41 GMT
server: nginx
x-cs: HIT
etag: "d52c4ff9cd1135c51ac34b6313afe559"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5210
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 ce6e45a3e446e7db.webp
cdn.nur.kz/images/272x153/ 10 KB
11 KB 255ms
254ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/ce6e45a3e446e7db.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

ee7058cb0dafd52505d951fe8640b8e7cd3eded23b93ac54deadc76fccf934c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
last-modified: Mon, 23 May 2022 09:27:14 GMT
server: nginx
x-cs: HIT
etag: "8b819cb4e56c21acca12f782d64e138a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 10468
expires: Tue, 23 May 2023 11:04:09 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 23ms
23ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6273700-34&cid=1962745041.1653303849&jid=1239639718&gjid=429764274&_gid=946190871.1653303849&_u=aGDAAUABCAAAAG~&z=1266213941

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 23 May 2022 11:04:09 GMT
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 438517f692eae166eaea.js Show response
yastatic.net/partner-code-bundles/584469/ 13 KB
5 KB 115ms
37ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/584469/438517f692eae166eaea.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

abcc1f0b3adddb9d292307bdba9b09e3f12a5bd93d06cf9c19fcafa42e2fed33

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4476
last-modified: Thu, 19 May 2022 14:43:09 GMT
server: nginx/1.17.9
etag: "9733eebd6a9075e47416431aba2b6209"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2052 17:36:51 GMT

GET
H2 200 cce270bd3af5ac6ab0e3.js Show response
yastatic.net/partner-code-bundles/584469/ 89 KB
19 KB 145ms
70ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/584469/cce270bd3af5ac6ab0e3.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

7c3f1e3b8186639d48e111a10cd634d34f5b513bfb5b137cc47022100f31a4ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 18869
last-modified: Thu, 19 May 2022 14:43:10 GMT
server: nginx/1.17.9
etag: "4843db49a256ff035473343d0ec0c246"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2052 17:36:51 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 158ms
84ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2052 17:35:56 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/252771/getBulk/ 171 B
583 B 98ms
94ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-05-23T11%3A04%3A09.769%2B00%3A00&pd=23&pdh=1200&pdw=1600&pr1=1295568788&pr=3555817238&prr=&pv=11&pw=1&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.584469&ybv=0.584469&ytt=433758947901445&is-turbo=0&skip-token=&ad-session-id=550631653303849775&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A0%2C%22top%22%3A13858%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=584469&available-width=1600&yaru=true&p1=coatn&p2=fylw&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=580228%2C0%2C95%3B579745%2C0%2C63%3B573666%2C0%2C72%3B583940%2C0%2C68%3B583180%2C0%2C59%3B583130%2C0%2C87%3B406668%2C0%2C21%3B574104%2C0%2C-1&pcode-flags-map=eJylV02P2zYQ%2FSuFzz5QpCRKuVESbRErkQpJ2d4EwSBt9xYURbspCgT57x19%2BEO2l16gFwsw9B6HM2%2FejH6seq02xrbCrz58%2FrH65%2Bu37y%2BrDyupRdHI1Xr1%2BvL3q%2Fod%2F4lpTni%2B%2BvllvSprobcSykaVT%2BBra%2FptDY3ZqnLBIUqvjIai9x4fnVXGKv%2B84GSUUzpyWvmxl87DrhUdbKxp4VnoSh7A9gtSb%2FtFWAnljLKRYiccaLmHUjQNeAPz%2BV4efJgiSUgWjxTTtaHXru86Y72s8F6ikhZcaVXnwdkS9sJqpbcPOHkS81NYrZlCEaoxFkoz%2FHaikd5L0KKVC65GbWsPxXbBxxnhyZypToo5UcesiY3HGJW2pmnCcXEeR%2Bkprt5J6EpTYTFN22KEwntR1uBqUZn9A6Y8i7MTk%2BvtTj5jbpTH3ABKCjbKDqFpt8fYqt6KIQcLzihZMGY0JtGZ0Y%2B12EnrrnH4JuPxEhvnbJKBqDbmAC0WaqecKlSDogO82ijXBc3Lv38uFc4ZIyMHNsVc9%2BEiou0uca9%2FfX9ZwDKWzzBMp3NDIa4xt2edQHfjLTDkvZb2kuNzlGYp5Wua5CRJ8JFlWbRmSRxl2ZqyPGHDIyE8XdM0jmO2poRGhBxfYSRPU4RzkpMI4TyOsy%2BXMfE8mvMvKnBSajCFk1hXu7zKH19%2F%2Ffay7OOU5pPaNwrvgvev5ahi7cNpiBOWT0d%2Bkpqinivp1FYDjeAjQwnIDliQIKE0n%2BreWYkdD9YXmP9GaRnEcZonU8Sl6bUf%2FOJQ2yAk4yjQEXKyJqhMK5QOwbAelM0dpyppBnFgsxUGNn3ToK1gnoP4CP2NnHJbWPOEhcG8wtaqKozkSZbeDRgq5bxVRRCO2knjc22GcGGvKl%2BDasU2mF4UXJyRMxaPG5u5MHZoKisq1btf3snwLIa4p4BBNHvx7MJIxmdNVZvBIl1nNDamV600%2FXIUUELIEhsTNt35aIsI1T58XoI0F61s5eAdx%2FNAHoItgEdyTm%2FhagP4ux%2BM8JFC3mA4BrATTb%2BoFiP30fP0m9SpdIdFBmHb8NlplB99F43CKzcOoo0BbMGg3eLUJfE00hqJIxWHpEW7F1aJq4TTa9hc3qt%2BshInc4Uj%2B52NhUzHWguLAmmlF2e5SGvR%2BnGrueRIFviMxGS2nmm3GWx7p%2BR%2BWB2CR6c8nd1%2FeB00rgeldNhX2yCMU8SNMOc63HPKWg4RQidteaXSwfcvkUmUT3d1rbAec%2B2EKofcTaN%2B8IXw0ThY8kuVtLJSAiY2F%2FahM3Yw58r0o8rG7fFRc5yhk7TJgeBGgMEa51UQmUXJnKuyMfpU3dbsxhkdxlKesTewUxz0f%2BKjd%2BJHSCfKJ1ebcUiNtvQAjOqa7E%2FihilxDztgU%2Byt6FAnx8G87J0wIU7381p2NAlkGxY9VDzKR980%2B826mBFKsxALDn4c%2F1Aoj5vi8oqlb97gOg6W0k2rWuBav71%2Bu9pf%2BWw%2FQ0AKVeFNB8bXmCSPXzjQ9o1XNxv1RjTuahFmaZreEN1H327RJ7CoXPV0vWth8vOYXJUjn21nru92GKfY%2FtBhU0hbmMODckbzYD0mT8nogR5ZxN5eVkO7McHbTZXCKItw1%2BCXCYnP74JTnxYySCJKQu%2FfGfBRchfx8z%2BYvE9%2F&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=LV5eB3fZ1UcR%2B886YQYpnSxdA%2BSpGyKdVMdqseSA9%2B6oiThkk1TihngKnM1FU1GXtYL1zx4VkyIl8J%2By5r7oW7BkN6M%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4ODB9ChKjtIzkOO5BBKiTj01US1n7bYFPl-GNjKOOVW21WjXoKm2nbuQePv3pTWrsvmVto6u7rvAk2rRZ4bEm6Djf93fvoQP0RAH2BtoWAYWZ4D99Hvxd1nv4didmJmZhYVCEhUWEKQphh8JQGQoDdUAVyvIQbqgKCUNVQHF9VSgKVTmAqRHkIcFIDiWhPFSsniyU5wvYCZUwoMrBAhRgIAIbTEjR4lkkSC0hghVPtRJFATmfeJBacjyLPBriUBZQXzR-qF2qIITEAaih_Kor-5qghCqgoK8CUFUQoEAsglwF-GFplUWywkhWxBUolDY3AcAWqPB7iKvWSIP5iVLvvFtw2ay1TFMH5NcGdpUos5B41QlXdddt_nct4fKvDpD6q8kCsisiXEmKHUFvDfICEV6KMkCyUxzNYf9QMNQrqr8nwZXhrXbvCdKFGshkdTwwlluKs1-yAIl8DZgrrDhAUrkAZhebucsPWWEZ_E-GMiQqsKHYZ_gsoM4G-AwzJDwzQhCGblRnUQj9hxVWxs04Q8mymfC6Q0nNihDWz6gKpQHyous6MtS5IWgzylGGsxyHynxFEY6MmfYKthIDitGTB1QB2QKb1eAsv0P9l79A9n8EZ-HsCm356meApdFBhArgIwjsXQPpnJXgY5DvulTDUralYtuT_S7LXX6N_V4Vqlc-5Q5bhv27t3yHuxMJRei_wmjup3blWWv-SxgqLrby3MGfQbo3G1Gbw6aGYap0lcX50u9cCflCJZ4hh4gWRrzrzg4Lpfx0Kx3GBohnJcUIOytekHOJYD9DWWl5KWDWE-9Su6SsfmDYJw0oBfiHaG4kXNGmk-Wzah4gW1EV_3TtrKFb9Zwf2oqozCFZGnsrQnxOEG3_wmHeFlruifrnn1cfRzWdQhIi-GymvVcT2tte9qVhBJSzZm3Y994HXEchmct1RV5eQRoq7gPWT85pKaZ6X-R3-G4tncf9sKs7TBStrH-deNboQc2op11VPSrl7BQga6qf7zbnM5vvKf76wOzs1NlrtuhlnyqgzuchpXzPij30feQr6Cp3Pwj_gx5YPi2-bEE6cAtw2lrcP1XO2T46KRNtZDQxMtEmqZmRKYojU8IIpcl7JvYWg8mYRGluSI0JuFZzoqXXxTRRrDdYc3q9IUoMEbjWLcS74H_PJ55dBRgAHdSO_lerJXUavknoHZ2qdtOIeShcBWNfRTo329ajGj52MtKhihGDn0Vdsae5yA_BPhZWCNdJ5m69bSZY2RmZ2Hs4DHozipzelGq14FppUrokB4Q2G0BWRiZzjNKljAZNpKcpKtkCWdnsK7mpNNEVSRV25VWgDTjLaHSxMdWhcAjTamjQ6BKzhj7RrVoqoGrS0-mH09QOuqHXNDYcKkPKr2JcxcyYGDTZqq1sjYmX9JwP4gxlrI0ZTImtqsdiU8yDK1NsQKXN4igx2rJSUGI-AGQZGHFEm9HqUSY765ynaB4HIcL-u_Nknyi7KQYSVnTm5Jh4Uz9jx8TbCmaMmHhPOFO_MfHGz6k6qcLEuwpmDZj2F5OuInckd96G7JolkNi3xpWSYVtjYjraKHOVJQZNFOkNAhJTzW7JEBmmBhQgK0dLk_KSlUUJ6JFLQuvXQjQ1crLcLpcj8K7WnNiS66mBLnfB-wXEypiDDWbebDnbKgAtx8mYJSeHVJ9tKzCrrYKLOHWTxL6Sa6YeYWyn4v3bVxG4u68-VGR7fKf8qsigSw3m2EA353-KrZwExE-wK34PiLa3gpJ7T8KkrK0te0om4xYHyzspOJsHI1jcGRxwQpCxio2kbixMoOYKQ0k2C5z0zYntwCoG-rF7rrByMPOqvCYtNW3Bv7zyF1YGk54eVRbpEoNZa-WlzLPXHJJNsTZy9hqfCn89oU915pbu4MLT2EkbJ5Nxrc_PcqcMA-rJhWhsFY-LPoVvUr_EnhuXF0I_Rkb1ZFTOxE7DW3SthqEIDbdxcZQedMdvHfsufQSe8EHz_ePk2GQdvz-2WNyJPo1Pz3xPx0QjBG7yv72L7BFN1bC14GsfRV-siXAHP_gKxLkFncWC15EpS4hSMmHsicxPeYTMxgvi7kA0ZDoy51SFfUx4yy5EeB02zInZd5yToMYdqR7V7ZBmANrLJHEN7lY9qgfIB59E_Z_Ae0BdODkzZDUwkkep1V1I8DpIUUD2qR5HUKE55ddw4mBUH6p64F_UvaTkHQVUetcRnGGXJ5si1bgA1-D51Wra6wf5axB7ZU2mVSSZUhR6TZQ9rXJH791C2kp385LbKDSFMOh15iaymbQJ_QSPAYhQvRw_ub8EKm2i09uS_VW1ycbcVi_LGGK6OaUuiuknPut_sWpvmpGgjBMwMmMM-pJGdlp-BvE8p0ofYkxwBPo9iQ9dYo7TuV9MH2l0yw-7B_SU5Uo9CrRzpbe4h6F_1KAjRRMM2vdS939rsLJkHrRsAmL-SbkTto4cSyIumyewTQTPmPBgz15bbzBX1sB0hBTRQsjMyppPcM-Y1M72KcymJOP550O9GqN3cnxFdzcvDv_rs5Cn_GefKYNWb9JEiSfjM8bniXbi1XqG7X_xV2He_HpTxstbBByTuPtOoUYs841z_zzo3Ofx6gHGbSCb28APYYQkODgQkOrJxM5lWJgtEGJchiMvUxwNg3Xyk6f9L04OgrVeJuw8hpXZAj7GYzjyMbD-73s3HkrpjFw1j3SbOGP7IECSwT-2noAOPGZ06DCewJFPgH1sougfxk75wCKD7E6hSRd6orEWHUmLY9uuVTd_3C4LFow3YODXeD8C5KlTlZAnbAejLP8FS9BLflzeJtaKW88-SVF0MemchHdAkPs3QgcBxo0wbsT7RiQTUH9i_oB4W1Ut8d91RdyKzq-VmPdg9q62F1H6KXixR6IsRPc8Ynqf6NCLnlULx7WnnIzhUWx5xW9xv7CwOaOBGJfg8EuQvuZJj5vE2THg3P5krDkmyq3YLObhb9FeWN74tlJAHumbLKXN0-c4z8Epcuvz6zmK1PrMY3D241Jur9SERIjrWk-RoWi1YGNmw3sC0h7f6rnGm8O6TxMbafS6KD3l0lp88_9Pq8eVu-Dr57zztet4TsCIG1TpzWxai4272LWmbe_4Cp79PL_72HkV35DW0dF4e6jWmJpMdno97dhg_i0mLyosmuvcrSVcKqPc0oe0qWinv3DQugrNw9RbdCifxpDlbOhZ8vr-trJZSEtEHO4WoCk-kh9I4XsBoHg8HEJmVvBw5a7GTJTN_zq_c6onRdZIpWc2NmFZ6Ksx3lJplVU9nkM_zxEbKfhRDEuqMeGUcqS3tpcfE7xHyCF55OhIjyHmOuWyQcDJlEvSLuedpipvHN7Hh2zy9vxh8YIOl2iOkT-i9zhHm9Uf6eonceOCsWEIYfl1RL6yuT8QCwsnDwTGX6Za1inb0L6E--9eqkYWXVEVLye_Sok0DZUStVtm0MpPwRxk89OVsENSjKk4KvArPEHH1GW1WN8HjXg0XRFAz4EwVp1IRndoXpa_loueosgqMm3PKpQ7gUHIZCLW8Xy-ukD1kaNtDZJ3ZHZVya3MjXEgLrX6ZklLycQno1R5rczF415Q7K26790JZehfjLvbGydQbVobcfAS1IhfeQv9OZHrbldjp7ktzCwcTLrA20FvphtQfEa3zYY3VlQB-Y6PuAsr8yCEalcCeQ4EcMACLOA6Ki1pK8u8Ea1uK7_Bb2HdHrGXUKJqdSrnuo-MlYWDOxro8dq3G17RrT-IJyl3lAFZz2_6Gcb2NOXkzLcfruEoSY3aP2SkrDaQkkkOGtmO6BbqwqGmwZ-ST96TV4800SNIcncg03c7S7lrsM7BHQ7_xXPx_ENkPxsLoU6-9cK6g7mn9uGJD1_58il_7tsItxVbctWX8PAFiB11zkMEj1rISnqqLqHfoTphKaGTwr739uWbX-73uZM2sTCzoOVkSkW4zQrcp1KRaDTFDqovKmvezsMB0pkoQTUibAKhIniA1iSCF7sk7PA6VaN42HYm5rMG53ahBI-DC2VjBRHVCBwoQ65bS8crf4Ahmf0fNDIjHyz-TtREpUnFjaZonEwTCesMfrL4xoffZ0PuoGgohbVgcRpzcix2u8Fb32m_eyiyilDl6LArmOJrFAbhZPVecLoNMIYuSySxu9YBPvIHA91qnkdOxW0qtnAyFcOsCcxxz4Q-Wk9R4yiq20lZcduHd1PYFR8_HfL0kdMCcmvue0I5lxBHtCQFtA_6UQ-oJ3WkXWormLaVHV_dui1qQoPg5ZrqYI5-KLu_IGmUfMIAeYNJu6Lauyv5WDDPIBB9zi0ig5WZlYOPAMyy9GktQB_6Fk3W44MbmqitheFWc4TVzbNJVoUVRMvjlRQ11Te-TFZ9P6-hULtS-sH-Yh7fiQf3aZ4NfHxp_p58f0ZHF2jU6xJBj7Kv4SF0riDQJ8IfJLQ-GqDU5WZv93mqjc0JPi721Iwy0UXZyGNIneBmByM20yVRhlqXJGa9MUMdG1IDfZLb6GSZOdGi4kdIbSMHDZpGoiPIAJ5y5oAzCuBPZiv8uNtj_jN0qe89dfmRh7ULaBjE71YucHsV-jRK6PQHpboDlOJVcgGpuAOuoP4qrmbPW-yQWGktt9PKMlOqu3_Pn4V736x83wbUpp6vmO-n_Dzi_o2kfohH7nypPXqPyrXLA2er1FW4ICS20REYmJ3Dp-g5YbNMbzChKJ5MQaExNfJcXKL2bQJX0ViySUDJTpZL0I-dxoAec-svsCGiVgT1ZZFs8MYwDuFTlY4ydzzndnTyQtqqKn64Vqyn7ze1xIZ3myep66y8TYdaPX2cmgQ-31q2CGtaudHs5Xy6LpAx0_CAzO9W6JX4r2Dj_PhPoihu-kXdsTVXYZI3ODSpiltP_vrrAiOmE8lUarN7Bcf73lSrYfBBVlse6mozWwgzD0XbrEUw4ZZOuIdYdLZUKYHf2XMF4a7ZBnUXPv1kSlBHPunBn5Hz7qfCk6DOxWvwleO18LsKMQ7bIqKNdWaOMfnGjbU4bM8z-ODEE6T2d-8LADIRoMahwO1A6JC3tuV1MYGDW6BwxazF&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

49a954453621dd16bb1c57d71d495d2df9b53cfd7105be52cd920e32b91c2e22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1653303849842887-10258305457642342129-sas6-5261-bf6-sas-l7-balancer-8080-BAL-2434
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 23 May 2022 11:04:09 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 23 May 2022 11:04:09 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/252771/getBulk/ 170 B
327 B 143ms
141ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-05-23T11%3A04%3A09.807%2B00%3A00&pd=23&pdh=1200&pdw=1600&pr1=203307710&pr=3555817238&prr=&pv=11&pw=1&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.584469&ybv=0.584469&ytt=433758947901445&is-turbo=0&skip-token=&ad-session-id=550631653303849775&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A0%2C%22top%22%3A13858%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=584469&available-width=1600&yaru=true&p1=cobal&p2=gttr&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=2&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=580228%2C0%2C95%3B579745%2C0%2C63%3B573666%2C0%2C72%3B583940%2C0%2C68%3B583180%2C0%2C59%3B583130%2C0%2C87%3B406668%2C0%2C21%3B574104%2C0%2C-1&pcode-flags-map=eJylV02P2zYQ%2FSuFzz5QpCRKuVESbRErkQpJ2d4EwSBt9xYURbspCgT57x19%2BEO2l16gFwsw9B6HM2%2FejH6seq02xrbCrz58%2FrH65%2Bu37y%2BrDyupRdHI1Xr1%2BvL3q%2Fod%2F4lpTni%2B%2BvllvSprobcSykaVT%2BBra%2FptDY3ZqnLBIUqvjIai9x4fnVXGKv%2B84GSUUzpyWvmxl87DrhUdbKxp4VnoSh7A9gtSb%2FtFWAnljLKRYiccaLmHUjQNeAPz%2BV4efJgiSUgWjxTTtaHXru86Y72s8F6ikhZcaVXnwdkS9sJqpbcPOHkS81NYrZlCEaoxFkoz%2FHaikd5L0KKVC65GbWsPxXbBxxnhyZypToo5UcesiY3HGJW2pmnCcXEeR%2Bkprt5J6EpTYTFN22KEwntR1uBqUZn9A6Y8i7MTk%2BvtTj5jbpTH3ABKCjbKDqFpt8fYqt6KIQcLzihZMGY0JtGZ0Y%2B12EnrrnH4JuPxEhvnbJKBqDbmAC0WaqecKlSDogO82ijXBc3Lv38uFc4ZIyMHNsVc9%2BEiou0uca9%2FfX9ZwDKWzzBMp3NDIa4xt2edQHfjLTDkvZb2kuNzlGYp5Wua5CRJ8JFlWbRmSRxl2ZqyPGHDIyE8XdM0jmO2poRGhBxfYSRPU4RzkpMI4TyOsy%2BXMfE8mvMvKnBSajCFk1hXu7zKH19%2F%2Ffay7OOU5pPaNwrvgvev5ahi7cNpiBOWT0d%2Bkpqinivp1FYDjeAjQwnIDliQIKE0n%2BreWYkdD9YXmP9GaRnEcZonU8Sl6bUf%2FOJQ2yAk4yjQEXKyJqhMK5QOwbAelM0dpyppBnFgsxUGNn3ToK1gnoP4CP2NnHJbWPOEhcG8wtaqKozkSZbeDRgq5bxVRRCO2knjc22GcGGvKl%2BDasU2mF4UXJyRMxaPG5u5MHZoKisq1btf3snwLIa4p4BBNHvx7MJIxmdNVZvBIl1nNDamV600%2FXIUUELIEhsTNt35aIsI1T58XoI0F61s5eAdx%2FNAHoItgEdyTm%2FhagP4ux%2BM8JFC3mA4BrATTb%2BoFiP30fP0m9SpdIdFBmHb8NlplB99F43CKzcOoo0BbMGg3eLUJfE00hqJIxWHpEW7F1aJq4TTa9hc3qt%2BshInc4Uj%2B52NhUzHWguLAmmlF2e5SGvR%2BnGrueRIFviMxGS2nmm3GWx7p%2BR%2BWB2CR6c8nd1%2FeB00rgeldNhX2yCMU8SNMOc63HPKWg4RQidteaXSwfcvkUmUT3d1rbAec%2B2EKofcTaN%2B8IXw0ThY8kuVtLJSAiY2F%2FahM3Yw58r0o8rG7fFRc5yhk7TJgeBGgMEa51UQmUXJnKuyMfpU3dbsxhkdxlKesTewUxz0f%2BKjd%2BJHSCfKJ1ebcUiNtvQAjOqa7E%2FihilxDztgU%2Byt6FAnx8G87J0wIU7381p2NAlkGxY9VDzKR980%2B826mBFKsxALDn4c%2F1Aoj5vi8oqlb97gOg6W0k2rWuBav71%2Bu9pf%2BWw%2FQ0AKVeFNB8bXmCSPXzjQ9o1XNxv1RjTuahFmaZreEN1H327RJ7CoXPV0vWth8vOYXJUjn21nru92GKfY%2FtBhU0hbmMODckbzYD0mT8nogR5ZxN5eVkO7McHbTZXCKItw1%2BCXCYnP74JTnxYySCJKQu%2FfGfBRchfx8z%2BYvE9%2F&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=LV5eB3fZ1UcR%2B886YQYpnSxdA%2BSpGyKdVMdqseSA9%2B6oiThkk1TihngKnM1FU1GXtYL1zx4VkyIl8J%2By5r7oW7BkN6M%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4ODB9ChKjtIzkOO5BBKiTj01US1n7bYFPl-GNjKOOVW21WjXoKm2nbuQePv3pTWrsvmVto6u7rvAk2rRZ4bEm6Djf93fvoQP0RAH2BtoWAYWZ4D99Hvxd1nv4didmJmZhYVCEhUWEKQphh8JQGQoDdUAVyvIQbqgKCUNVQHF9VSgKVTmAqRHkIcFIDiWhPFSsniyU5wvYCZUwoMrBAhRgIAIbTEjR4lkkSC0hghVPtRJFATmfeJBacjyLPBriUBZQXzR-qF2qIITEAaih_Kor-5qghCqgoK8CUFUQoEAsglwF-GFplUWywkhWxBUolDY3AcAWqPB7iKvWSIP5iVLvvFtw2ay1TFMH5NcGdpUos5B41QlXdddt_nct4fKvDpD6q8kCsisiXEmKHUFvDfICEV6KMkCyUxzNYf9QMNQrqr8nwZXhrXbvCdKFGshkdTwwlluKs1-yAIl8DZgrrDhAUrkAZhebucsPWWEZ_E-GMiQqsKHYZ_gsoM4G-AwzJDwzQhCGblRnUQj9hxVWxs04Q8mymfC6Q0nNihDWz6gKpQHyous6MtS5IWgzylGGsxyHynxFEY6MmfYKthIDitGTB1QB2QKb1eAsv0P9l79A9n8EZ-HsCm356meApdFBhArgIwjsXQPpnJXgY5DvulTDUralYtuT_S7LXX6N_V4Vqlc-5Q5bhv27t3yHuxMJRei_wmjup3blWWv-SxgqLrby3MGfQbo3G1Gbw6aGYap0lcX50u9cCflCJZ4hh4gWRrzrzg4Lpfx0Kx3GBohnJcUIOytekHOJYD9DWWl5KWDWE-9Su6SsfmDYJw0oBfiHaG4kXNGmk-Wzah4gW1EV_3TtrKFb9Zwf2oqozCFZGnsrQnxOEG3_wmHeFlruifrnn1cfRzWdQhIi-GymvVcT2tte9qVhBJSzZm3Y994HXEchmct1RV5eQRoq7gPWT85pKaZ6X-R3-G4tncf9sKs7TBStrH-deNboQc2op11VPSrl7BQga6qf7zbnM5vvKf76wOzs1NlrtuhlnyqgzuchpXzPij30feQr6Cp3Pwj_gx5YPi2-bEE6cAtw2lrcP1XO2T46KRNtZDQxMtEmqZmRKYojU8IIpcl7JvYWg8mYRGluSI0JuFZzoqXXxTRRrDdYc3q9IUoMEbjWLcS74H_PJ55dBRgAHdSO_lerJXUavknoHZ2qdtOIeShcBWNfRTo329ajGj52MtKhihGDn0Vdsae5yA_BPhZWCNdJ5m69bSZY2RmZ2Hs4DHozipzelGq14FppUrokB4Q2G0BWRiZzjNKljAZNpKcpKtkCWdnsK7mpNNEVSRV25VWgDTjLaHSxMdWhcAjTamjQ6BKzhj7RrVoqoGrS0-mH09QOuqHXNDYcKkPKr2JcxcyYGDTZqq1sjYmX9JwP4gxlrI0ZTImtqsdiU8yDK1NsQKXN4igx2rJSUGI-AGQZGHFEm9HqUSY765ynaB4HIcL-u_Nknyi7KQYSVnTm5Jh4Uz9jx8TbCmaMmHhPOFO_MfHGz6k6qcLEuwpmDZj2F5OuInckd96G7JolkNi3xpWSYVtjYjraKHOVJQZNFOkNAhJTzW7JEBmmBhQgK0dLk_KSlUUJ6JFLQuvXQjQ1crLcLpcj8K7WnNiS66mBLnfB-wXEypiDDWbebDnbKgAtx8mYJSeHVJ9tKzCrrYKLOHWTxL6Sa6YeYWyn4v3bVxG4u68-VGR7fKf8qsigSw3m2EA353-KrZwExE-wK34PiLa3gpJ7T8KkrK0te0om4xYHyzspOJsHI1jcGRxwQpCxio2kbixMoOYKQ0k2C5z0zYntwCoG-rF7rrByMPOqvCYtNW3Bv7zyF1YGk54eVRbpEoNZa-WlzLPXHJJNsTZy9hqfCn89oU915pbu4MLT2EkbJ5Nxrc_PcqcMA-rJhWhsFY-LPoVvUr_EnhuXF0I_Rkb1ZFTOxE7DW3SthqEIDbdxcZQedMdvHfsufQSe8EHz_ePk2GQdvz-2WNyJPo1Pz3xPx0QjBG7yv72L7BFN1bC14GsfRV-siXAHP_gKxLkFncWC15EpS4hSMmHsicxPeYTMxgvi7kA0ZDoy51SFfUx4yy5EeB02zInZd5yToMYdqR7V7ZBmANrLJHEN7lY9qgfIB59E_Z_Ae0BdODkzZDUwkkep1V1I8DpIUUD2qR5HUKE55ddw4mBUH6p64F_UvaTkHQVUetcRnGGXJ5si1bgA1-D51Wra6wf5axB7ZU2mVSSZUhR6TZQ9rXJH791C2kp385LbKDSFMOh15iaymbQJ_QSPAYhQvRw_ub8EKm2i09uS_VW1ycbcVi_LGGK6OaUuiuknPut_sWpvmpGgjBMwMmMM-pJGdlp-BvE8p0ofYkxwBPo9iQ9dYo7TuV9MH2l0yw-7B_SU5Uo9CrRzpbe4h6F_1KAjRRMM2vdS939rsLJkHrRsAmL-SbkTto4cSyIumyewTQTPmPBgz15bbzBX1sB0hBTRQsjMyppPcM-Y1M72KcymJOP550O9GqN3cnxFdzcvDv_rs5Cn_GefKYNWb9JEiSfjM8bniXbi1XqG7X_xV2He_HpTxstbBByTuPtOoUYs841z_zzo3Ofx6gHGbSCb28APYYQkODgQkOrJxM5lWJgtEGJchiMvUxwNg3Xyk6f9L04OgrVeJuw8hpXZAj7GYzjyMbD-73s3HkrpjFw1j3SbOGP7IECSwT-2noAOPGZ06DCewJFPgH1sougfxk75wCKD7E6hSRd6orEWHUmLY9uuVTd_3C4LFow3YODXeD8C5KlTlZAnbAejLP8FS9BLflzeJtaKW88-SVF0MemchHdAkPs3QgcBxo0wbsT7RiQTUH9i_oB4W1Ut8d91RdyKzq-VmPdg9q62F1H6KXixR6IsRPc8Ynqf6NCLnlULx7WnnIzhUWx5xW9xv7CwOaOBGJfg8EuQvuZJj5vE2THg3P5krDkmyq3YLObhb9FeWN74tlJAHumbLKXN0-c4z8Epcuvz6zmK1PrMY3D241Jur9SERIjrWk-RoWi1YGNmw3sC0h7f6rnGm8O6TxMbafS6KD3l0lp88_9Pq8eVu-Dr57zztet4TsCIG1TpzWxai4272LWmbe_4Cp79PL_72HkV35DW0dF4e6jWmJpMdno97dhg_i0mLyosmuvcrSVcKqPc0oe0qWinv3DQugrNw9RbdCifxpDlbOhZ8vr-trJZSEtEHO4WoCk-kh9I4XsBoHg8HEJmVvBw5a7GTJTN_zq_c6onRdZIpWc2NmFZ6Ksx3lJplVU9nkM_zxEbKfhRDEuqMeGUcqS3tpcfE7xHyCF55OhIjyHmOuWyQcDJlEvSLuedpipvHN7Hh2zy9vxh8YIOl2iOkT-i9zhHm9Uf6eonceOCsWEIYfl1RL6yuT8QCwsnDwTGX6Za1inb0L6E--9eqkYWXVEVLye_Sok0DZUStVtm0MpPwRxk89OVsENSjKk4KvArPEHH1GW1WN8HjXg0XRFAz4EwVp1IRndoXpa_loueosgqMm3PKpQ7gUHIZCLW8Xy-ukD1kaNtDZJ3ZHZVya3MjXEgLrX6ZklLycQno1R5rczF415Q7K26790JZehfjLvbGydQbVobcfAS1IhfeQv9OZHrbldjp7ktzCwcTLrA20FvphtQfEa3zYY3VlQB-Y6PuAsr8yCEalcCeQ4EcMACLOA6Ki1pK8u8Ea1uK7_Bb2HdHrGXUKJqdSrnuo-MlYWDOxro8dq3G17RrT-IJyl3lAFZz2_6Gcb2NOXkzLcfruEoSY3aP2SkrDaQkkkOGtmO6BbqwqGmwZ-ST96TV4800SNIcncg03c7S7lrsM7BHQ7_xXPx_ENkPxsLoU6-9cK6g7mn9uGJD1_58il_7tsItxVbctWX8PAFiB11zkMEj1rISnqqLqHfoTphKaGTwr739uWbX-73uZM2sTCzoOVkSkW4zQrcp1KRaDTFDqovKmvezsMB0pkoQTUibAKhIniA1iSCF7sk7PA6VaN42HYm5rMG53ahBI-DC2VjBRHVCBwoQ65bS8crf4Ahmf0fNDIjHyz-TtREpUnFjaZonEwTCesMfrL4xoffZ0PuoGgohbVgcRpzcix2u8Fb32m_eyiyilDl6LArmOJrFAbhZPVecLoNMIYuSySxu9YBPvIHA91qnkdOxW0qtnAyFcOsCcxxz4Q-Wk9R4yiq20lZcduHd1PYFR8_HfL0kdMCcmvue0I5lxBHtCQFtA_6UQ-oJ3WkXWormLaVHV_dui1qQoPg5ZrqYI5-KLu_IGmUfMIAeYNJu6Lauyv5WDDPIBB9zi0ig5WZlYOPAMyy9GktQB_6Fk3W44MbmqitheFWc4TVzbNJVoUVRMvjlRQ11Te-TFZ9P6-hULtS-sH-Yh7fiQf3aZ4NfHxp_p58f0ZHF2jU6xJBj7Kv4SF0riDQJ8IfJLQ-GqDU5WZv93mqjc0JPi721Iwy0UXZyGNIneBmByM20yVRhlqXJGa9MUMdG1IDfZLb6GSZOdGi4kdIbSMHDZpGoiPIAJ5y5oAzCuBPZiv8uNtj_jN0qe89dfmRh7ULaBjE71YucHsV-jRK6PQHpboDlOJVcgGpuAOuoP4qrmbPW-yQWGktt9PKMlOqu3_Pn4V736x83wbUpp6vmO-n_Dzi_o2kfohH7nypPXqPyrXLA2er1FW4ICS20REYmJ3Dp-g5YbNMbzChKJ5MQaExNfJcXKL2bQJX0ViySUDJTpZL0I-dxoAec-svsCGiVgT1ZZFs8MYwDuFTlY4ydzzndnTyQtqqKn64Vqyn7ze1xIZ3myep66y8TYdaPX2cmgQ-31q2CGtaudHs5Xy6LpAx0_CAzO9W6JX4r2Dj_PhPoihu-kXdsTVXYZI3ODSpiltP_vrrAiOmE8lUarN7Bcf73lSrYfBBVlse6mozWwgzD0XbrEUw4ZZOuIdYdLZUKYHf2XMF4a7ZBnUXPv1kSlBHPunBn5Hz7qfCk6DOxWvwleO18LsKMQ7bIqKNdWaOMfnGjbU4bM8z-ODEE6T2d-8LADIRoMahwO1A6JC3tuV1MYGDW6BwxazF&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9bbfe183a5e35ec2e70e912b6faf020a6caa0ea879b4611392889c8b92c313b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1653303849898905-15500483185419949131-sas6-5261-bf6-sas-l7-balancer-8080-BAL-9302
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 23 May 2022 11:04:09 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 23 May 2022 11:04:09 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/252771/getBulk/ 2 KB
1 KB 144ms
143ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-05-23T11%3A04%3A09.826%2B00%3A00&pd=23&pdh=1200&pdw=1600&pr1=2033282080&pr=3555817238&prr=&pv=11&pw=1&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.584469&ybv=0.584469&ytt=433758947901445&is-turbo=0&skip-token=&ad-session-id=550631653303849775&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A241%2C%22h%22%3A0%2C%22width%22%3A241%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1103%2C%22top%22%3A572%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=584469&available-width=241&yaru=true&p1=crsny&p2=gfdy&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=3&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=580228%2C0%2C95%3B579745%2C0%2C63%3B573666%2C0%2C72%3B583940%2C0%2C68%3B583180%2C0%2C59%3B583130%2C0%2C87%3B406668%2C0%2C21%3B574104%2C0%2C-1&pcode-flags-map=eJylV02P2zYQ%2FSuFzz5QpCRKuVESbRErkQpJ2d4EwSBt9xYURbspCgT57x19%2BEO2l16gFwsw9B6HM2%2FejH6seq02xrbCrz58%2FrH65%2Bu37y%2BrDyupRdHI1Xr1%2BvL3q%2Fod%2F4lpTni%2B%2BvllvSprobcSykaVT%2BBra%2FptDY3ZqnLBIUqvjIai9x4fnVXGKv%2B84GSUUzpyWvmxl87DrhUdbKxp4VnoSh7A9gtSb%2FtFWAnljLKRYiccaLmHUjQNeAPz%2BV4efJgiSUgWjxTTtaHXru86Y72s8F6ikhZcaVXnwdkS9sJqpbcPOHkS81NYrZlCEaoxFkoz%2FHaikd5L0KKVC65GbWsPxXbBxxnhyZypToo5UcesiY3HGJW2pmnCcXEeR%2Bkprt5J6EpTYTFN22KEwntR1uBqUZn9A6Y8i7MTk%2BvtTj5jbpTH3ABKCjbKDqFpt8fYqt6KIQcLzihZMGY0JtGZ0Y%2B12EnrrnH4JuPxEhvnbJKBqDbmAC0WaqecKlSDogO82ijXBc3Lv38uFc4ZIyMHNsVc9%2BEiou0uca9%2FfX9ZwDKWzzBMp3NDIa4xt2edQHfjLTDkvZb2kuNzlGYp5Wua5CRJ8JFlWbRmSRxl2ZqyPGHDIyE8XdM0jmO2poRGhBxfYSRPU4RzkpMI4TyOsy%2BXMfE8mvMvKnBSajCFk1hXu7zKH19%2F%2Ffay7OOU5pPaNwrvgvev5ahi7cNpiBOWT0d%2Bkpqinivp1FYDjeAjQwnIDliQIKE0n%2BreWYkdD9YXmP9GaRnEcZonU8Sl6bUf%2FOJQ2yAk4yjQEXKyJqhMK5QOwbAelM0dpyppBnFgsxUGNn3ToK1gnoP4CP2NnHJbWPOEhcG8wtaqKozkSZbeDRgq5bxVRRCO2knjc22GcGGvKl%2BDasU2mF4UXJyRMxaPG5u5MHZoKisq1btf3snwLIa4p4BBNHvx7MJIxmdNVZvBIl1nNDamV600%2FXIUUELIEhsTNt35aIsI1T58XoI0F61s5eAdx%2FNAHoItgEdyTm%2FhagP4ux%2BM8JFC3mA4BrATTb%2BoFiP30fP0m9SpdIdFBmHb8NlplB99F43CKzcOoo0BbMGg3eLUJfE00hqJIxWHpEW7F1aJq4TTa9hc3qt%2BshInc4Uj%2B52NhUzHWguLAmmlF2e5SGvR%2BnGrueRIFviMxGS2nmm3GWx7p%2BR%2BWB2CR6c8nd1%2FeB00rgeldNhX2yCMU8SNMOc63HPKWg4RQidteaXSwfcvkUmUT3d1rbAec%2B2EKofcTaN%2B8IXw0ThY8kuVtLJSAiY2F%2FahM3Yw58r0o8rG7fFRc5yhk7TJgeBGgMEa51UQmUXJnKuyMfpU3dbsxhkdxlKesTewUxz0f%2BKjd%2BJHSCfKJ1ebcUiNtvQAjOqa7E%2FihilxDztgU%2Byt6FAnx8G87J0wIU7381p2NAlkGxY9VDzKR980%2B826mBFKsxALDn4c%2F1Aoj5vi8oqlb97gOg6W0k2rWuBav71%2Bu9pf%2BWw%2FQ0AKVeFNB8bXmCSPXzjQ9o1XNxv1RjTuahFmaZreEN1H327RJ7CoXPV0vWth8vOYXJUjn21nru92GKfY%2FtBhU0hbmMODckbzYD0mT8nogR5ZxN5eVkO7McHbTZXCKItw1%2BCXCYnP74JTnxYySCJKQu%2FfGfBRchfx8z%2BYvE9%2F&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=LV5eB3fZ1UcR%2B886YQYpnSxdA%2BSpGyKdVMdqseSA9%2B6oiThkk1TihngKnM1FU1GXtYL1zx4VkyIl8J%2By5r7oW7BkN6M%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4ODB9ChKjtIzkOO5BBKiTj01US1n7bYFPl-GNjKOOVW21WjXoKm2nbuQePv3pTWrsvmVto6u7rvAk2rRZ4bEm6Djf93fvoQP0RAH2BtoWAYWZ4D99Hvxd1nv4didmJmZhYVCEhUWEKQphh8JQGQoDdUAVyvIQbqgKCUNVQHF9VSgKVTmAqRHkIcFIDiWhPFSsniyU5wvYCZUwoMrBAhRgIAIbTEjR4lkkSC0hghVPtRJFATmfeJBacjyLPBriUBZQXzR-qF2qIITEAaih_Kor-5qghCqgoK8CUFUQoEAsglwF-GFplUWywkhWxBUolDY3AcAWqPB7iKvWSIP5iVLvvFtw2ay1TFMH5NcGdpUos5B41QlXdddt_nct4fKvDpD6q8kCsisiXEmKHUFvDfICEV6KMkCyUxzNYf9QMNQrqr8nwZXhrXbvCdKFGshkdTwwlluKs1-yAIl8DZgrrDhAUrkAZhebucsPWWEZ_E-GMiQqsKHYZ_gsoM4G-AwzJDwzQhCGblRnUQj9hxVWxs04Q8mymfC6Q0nNihDWz6gKpQHyous6MtS5IWgzylGGsxyHynxFEY6MmfYKthIDitGTB1QB2QKb1eAsv0P9l79A9n8EZ-HsCm356meApdFBhArgIwjsXQPpnJXgY5DvulTDUralYtuT_S7LXX6N_V4Vqlc-5Q5bhv27t3yHuxMJRei_wmjup3blWWv-SxgqLrby3MGfQbo3G1Gbw6aGYap0lcX50u9cCflCJZ4hh4gWRrzrzg4Lpfx0Kx3GBohnJcUIOytekHOJYD9DWWl5KWDWE-9Su6SsfmDYJw0oBfiHaG4kXNGmk-Wzah4gW1EV_3TtrKFb9Zwf2oqozCFZGnsrQnxOEG3_wmHeFlruifrnn1cfRzWdQhIi-GymvVcT2tte9qVhBJSzZm3Y994HXEchmct1RV5eQRoq7gPWT85pKaZ6X-R3-G4tncf9sKs7TBStrH-deNboQc2op11VPSrl7BQga6qf7zbnM5vvKf76wOzs1NlrtuhlnyqgzuchpXzPij30feQr6Cp3Pwj_gx5YPi2-bEE6cAtw2lrcP1XO2T46KRNtZDQxMtEmqZmRKYojU8IIpcl7JvYWg8mYRGluSI0JuFZzoqXXxTRRrDdYc3q9IUoMEbjWLcS74H_PJ55dBRgAHdSO_lerJXUavknoHZ2qdtOIeShcBWNfRTo329ajGj52MtKhihGDn0Vdsae5yA_BPhZWCNdJ5m69bSZY2RmZ2Hs4DHozipzelGq14FppUrokB4Q2G0BWRiZzjNKljAZNpKcpKtkCWdnsK7mpNNEVSRV25VWgDTjLaHSxMdWhcAjTamjQ6BKzhj7RrVoqoGrS0-mH09QOuqHXNDYcKkPKr2JcxcyYGDTZqq1sjYmX9JwP4gxlrI0ZTImtqsdiU8yDK1NsQKXN4igx2rJSUGI-AGQZGHFEm9HqUSY765ynaB4HIcL-u_Nknyi7KQYSVnTm5Jh4Uz9jx8TbCmaMmHhPOFO_MfHGz6k6qcLEuwpmDZj2F5OuInckd96G7JolkNi3xpWSYVtjYjraKHOVJQZNFOkNAhJTzW7JEBmmBhQgK0dLk_KSlUUJ6JFLQuvXQjQ1crLcLpcj8K7WnNiS66mBLnfB-wXEypiDDWbebDnbKgAtx8mYJSeHVJ9tKzCrrYKLOHWTxL6Sa6YeYWyn4v3bVxG4u68-VGR7fKf8qsigSw3m2EA353-KrZwExE-wK34PiLa3gpJ7T8KkrK0te0om4xYHyzspOJsHI1jcGRxwQpCxio2kbixMoOYKQ0k2C5z0zYntwCoG-rF7rrByMPOqvCYtNW3Bv7zyF1YGk54eVRbpEoNZa-WlzLPXHJJNsTZy9hqfCn89oU915pbu4MLT2EkbJ5Nxrc_PcqcMA-rJhWhsFY-LPoVvUr_EnhuXF0I_Rkb1ZFTOxE7DW3SthqEIDbdxcZQedMdvHfsufQSe8EHz_ePk2GQdvz-2WNyJPo1Pz3xPx0QjBG7yv72L7BFN1bC14GsfRV-siXAHP_gKxLkFncWC15EpS4hSMmHsicxPeYTMxgvi7kA0ZDoy51SFfUx4yy5EeB02zInZd5yToMYdqR7V7ZBmANrLJHEN7lY9qgfIB59E_Z_Ae0BdODkzZDUwkkep1V1I8DpIUUD2qR5HUKE55ddw4mBUH6p64F_UvaTkHQVUetcRnGGXJ5si1bgA1-D51Wra6wf5axB7ZU2mVSSZUhR6TZQ9rXJH791C2kp385LbKDSFMOh15iaymbQJ_QSPAYhQvRw_ub8EKm2i09uS_VW1ycbcVi_LGGK6OaUuiuknPut_sWpvmpGgjBMwMmMM-pJGdlp-BvE8p0ofYkxwBPo9iQ9dYo7TuV9MH2l0yw-7B_SU5Uo9CrRzpbe4h6F_1KAjRRMM2vdS939rsLJkHrRsAmL-SbkTto4cSyIumyewTQTPmPBgz15bbzBX1sB0hBTRQsjMyppPcM-Y1M72KcymJOP550O9GqN3cnxFdzcvDv_rs5Cn_GefKYNWb9JEiSfjM8bniXbi1XqG7X_xV2He_HpTxstbBByTuPtOoUYs841z_zzo3Ofx6gHGbSCb28APYYQkODgQkOrJxM5lWJgtEGJchiMvUxwNg3Xyk6f9L04OgrVeJuw8hpXZAj7GYzjyMbD-73s3HkrpjFw1j3SbOGP7IECSwT-2noAOPGZ06DCewJFPgH1sougfxk75wCKD7E6hSRd6orEWHUmLY9uuVTd_3C4LFow3YODXeD8C5KlTlZAnbAejLP8FS9BLflzeJtaKW88-SVF0MemchHdAkPs3QgcBxo0wbsT7RiQTUH9i_oB4W1Ut8d91RdyKzq-VmPdg9q62F1H6KXixR6IsRPc8Ynqf6NCLnlULx7WnnIzhUWx5xW9xv7CwOaOBGJfg8EuQvuZJj5vE2THg3P5krDkmyq3YLObhb9FeWN74tlJAHumbLKXN0-c4z8Epcuvz6zmK1PrMY3D241Jur9SERIjrWk-RoWi1YGNmw3sC0h7f6rnGm8O6TxMbafS6KD3l0lp88_9Pq8eVu-Dr57zztet4TsCIG1TpzWxai4272LWmbe_4Cp79PL_72HkV35DW0dF4e6jWmJpMdno97dhg_i0mLyosmuvcrSVcKqPc0oe0qWinv3DQugrNw9RbdCifxpDlbOhZ8vr-trJZSEtEHO4WoCk-kh9I4XsBoHg8HEJmVvBw5a7GTJTN_zq_c6onRdZIpWc2NmFZ6Ksx3lJplVU9nkM_zxEbKfhRDEuqMeGUcqS3tpcfE7xHyCF55OhIjyHmOuWyQcDJlEvSLuedpipvHN7Hh2zy9vxh8YIOl2iOkT-i9zhHm9Uf6eonceOCsWEIYfl1RL6yuT8QCwsnDwTGX6Za1inb0L6E--9eqkYWXVEVLye_Sok0DZUStVtm0MpPwRxk89OVsENSjKk4KvArPEHH1GW1WN8HjXg0XRFAz4EwVp1IRndoXpa_loueosgqMm3PKpQ7gUHIZCLW8Xy-ukD1kaNtDZJ3ZHZVya3MjXEgLrX6ZklLycQno1R5rczF415Q7K26790JZehfjLvbGydQbVobcfAS1IhfeQv9OZHrbldjp7ktzCwcTLrA20FvphtQfEa3zYY3VlQB-Y6PuAsr8yCEalcCeQ4EcMACLOA6Ki1pK8u8Ea1uK7_Bb2HdHrGXUKJqdSrnuo-MlYWDOxro8dq3G17RrT-IJyl3lAFZz2_6Gcb2NOXkzLcfruEoSY3aP2SkrDaQkkkOGtmO6BbqwqGmwZ-ST96TV4800SNIcncg03c7S7lrsM7BHQ7_xXPx_ENkPxsLoU6-9cK6g7mn9uGJD1_58il_7tsItxVbctWX8PAFiB11zkMEj1rISnqqLqHfoTphKaGTwr739uWbX-73uZM2sTCzoOVkSkW4zQrcp1KRaDTFDqovKmvezsMB0pkoQTUibAKhIniA1iSCF7sk7PA6VaN42HYm5rMG53ahBI-DC2VjBRHVCBwoQ65bS8crf4Ahmf0fNDIjHyz-TtREpUnFjaZonEwTCesMfrL4xoffZ0PuoGgohbVgcRpzcix2u8Fb32m_eyiyilDl6LArmOJrFAbhZPVecLoNMIYuSySxu9YBPvIHA91qnkdOxW0qtnAyFcOsCcxxz4Q-Wk9R4yiq20lZcduHd1PYFR8_HfL0kdMCcmvue0I5lxBHtCQFtA_6UQ-oJ3WkXWormLaVHV_dui1qQoPg5ZrqYI5-KLu_IGmUfMIAeYNJu6Lauyv5WDDPIBB9zi0ig5WZlYOPAMyy9GktQB_6Fk3W44MbmqitheFWc4TVzbNJVoUVRMvjlRQ11Te-TFZ9P6-hULtS-sH-Yh7fiQf3aZ4NfHxp_p58f0ZHF2jU6xJBj7Kv4SF0riDQJ8IfJLQ-GqDU5WZv93mqjc0JPi721Iwy0UXZyGNIneBmByM20yVRhlqXJGa9MUMdG1IDfZLb6GSZOdGi4kdIbSMHDZpGoiPIAJ5y5oAzCuBPZiv8uNtj_jN0qe89dfmRh7ULaBjE71YucHsV-jRK6PQHpboDlOJVcgGpuAOuoP4qrmbPW-yQWGktt9PKMlOqu3_Pn4V736x83wbUpp6vmO-n_Dzi_o2kfohH7nypPXqPyrXLA2er1FW4ICS20REYmJ3Dp-g5YbNMbzChKJ5MQaExNfJcXKL2bQJX0ViySUDJTpZL0I-dxoAec-svsCGiVgT1ZZFs8MYwDuFTlY4ydzzndnTyQtqqKn64Vqyn7ze1xIZ3myep66y8TYdaPX2cmgQ-31q2CGtaudHs5Xy6LpAx0_CAzO9W6JX4r2Dj_PhPoihu-kXdsTVXYZI3ODSpiltP_vrrAiOmE8lUarN7Bcf73lSrYfBBVlse6mozWwgzD0XbrEUw4ZZOuIdYdLZUKYHf2XMF4a7ZBnUXPv1kSlBHPunBn5Hz7qfCk6DOxWvwleO18LsKMQ7bIqKNdWaOMfnGjbU4bM8z-ODEE6T2d-8LADIRoMahwO1A6JC3tuV1MYGDW6BwxazF&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fc674ac296af3ea03eee3165e0950e85286eb87d7b0a85e204697c0a87cfebf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1653303849899319-1068057377877294420-sas6-5261-bf6-sas-l7-balancer-8080-BAL-9945
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 23 May 2022 11:04:09 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 23 May 2022 11:04:09 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/252771/getBulk/ 140 KB
40 KB 387ms
385ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-05-23T11%3A04%3A09.837%2B00%3A00&pd=23&pdh=1200&pdw=1600&pr1=2885662615&pr=3555817238&prr=&pv=11&pw=1&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.584469&ybv=0.584469&ytt=433758947901445&is-turbo=0&skip-token=&ad-session-id=550631653303849775&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A728%2C%22h%22%3A0%2C%22width%22%3A728%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A436%2C%22top%22%3A330%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=584469&available-width=728&yaru=true&p1=crsnx&p2=gfdy&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=4&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=580228%2C0%2C95%3B579745%2C0%2C63%3B573666%2C0%2C72%3B583940%2C0%2C68%3B583180%2C0%2C59%3B583130%2C0%2C87%3B406668%2C0%2C21%3B574104%2C0%2C-1&pcode-flags-map=eJylV02P2zYQ%2FSuFzz5QpCRKuVESbRErkQpJ2d4EwSBt9xYURbspCgT57x19%2BEO2l16gFwsw9B6HM2%2FejH6seq02xrbCrz58%2FrH65%2Bu37y%2BrDyupRdHI1Xr1%2BvL3q%2Fod%2F4lpTni%2B%2BvllvSprobcSykaVT%2BBra%2FptDY3ZqnLBIUqvjIai9x4fnVXGKv%2B84GSUUzpyWvmxl87DrhUdbKxp4VnoSh7A9gtSb%2FtFWAnljLKRYiccaLmHUjQNeAPz%2BV4efJgiSUgWjxTTtaHXru86Y72s8F6ikhZcaVXnwdkS9sJqpbcPOHkS81NYrZlCEaoxFkoz%2FHaikd5L0KKVC65GbWsPxXbBxxnhyZypToo5UcesiY3HGJW2pmnCcXEeR%2Bkprt5J6EpTYTFN22KEwntR1uBqUZn9A6Y8i7MTk%2BvtTj5jbpTH3ABKCjbKDqFpt8fYqt6KIQcLzihZMGY0JtGZ0Y%2B12EnrrnH4JuPxEhvnbJKBqDbmAC0WaqecKlSDogO82ijXBc3Lv38uFc4ZIyMHNsVc9%2BEiou0uca9%2FfX9ZwDKWzzBMp3NDIa4xt2edQHfjLTDkvZb2kuNzlGYp5Wua5CRJ8JFlWbRmSRxl2ZqyPGHDIyE8XdM0jmO2poRGhBxfYSRPU4RzkpMI4TyOsy%2BXMfE8mvMvKnBSajCFk1hXu7zKH19%2F%2Ffay7OOU5pPaNwrvgvev5ahi7cNpiBOWT0d%2Bkpqinivp1FYDjeAjQwnIDliQIKE0n%2BreWYkdD9YXmP9GaRnEcZonU8Sl6bUf%2FOJQ2yAk4yjQEXKyJqhMK5QOwbAelM0dpyppBnFgsxUGNn3ToK1gnoP4CP2NnHJbWPOEhcG8wtaqKozkSZbeDRgq5bxVRRCO2knjc22GcGGvKl%2BDasU2mF4UXJyRMxaPG5u5MHZoKisq1btf3snwLIa4p4BBNHvx7MJIxmdNVZvBIl1nNDamV600%2FXIUUELIEhsTNt35aIsI1T58XoI0F61s5eAdx%2FNAHoItgEdyTm%2FhagP4ux%2BM8JFC3mA4BrATTb%2BoFiP30fP0m9SpdIdFBmHb8NlplB99F43CKzcOoo0BbMGg3eLUJfE00hqJIxWHpEW7F1aJq4TTa9hc3qt%2BshInc4Uj%2B52NhUzHWguLAmmlF2e5SGvR%2BnGrueRIFviMxGS2nmm3GWx7p%2BR%2BWB2CR6c8nd1%2FeB00rgeldNhX2yCMU8SNMOc63HPKWg4RQidteaXSwfcvkUmUT3d1rbAec%2B2EKofcTaN%2B8IXw0ThY8kuVtLJSAiY2F%2FahM3Yw58r0o8rG7fFRc5yhk7TJgeBGgMEa51UQmUXJnKuyMfpU3dbsxhkdxlKesTewUxz0f%2BKjd%2BJHSCfKJ1ebcUiNtvQAjOqa7E%2FihilxDztgU%2Byt6FAnx8G87J0wIU7381p2NAlkGxY9VDzKR980%2B826mBFKsxALDn4c%2F1Aoj5vi8oqlb97gOg6W0k2rWuBav71%2Bu9pf%2BWw%2FQ0AKVeFNB8bXmCSPXzjQ9o1XNxv1RjTuahFmaZreEN1H327RJ7CoXPV0vWth8vOYXJUjn21nru92GKfY%2FtBhU0hbmMODckbzYD0mT8nogR5ZxN5eVkO7McHbTZXCKItw1%2BCXCYnP74JTnxYySCJKQu%2FfGfBRchfx8z%2BYvE9%2F&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=LV5eB3fZ1UcR%2B886YQYpnSxdA%2BSpGyKdVMdqseSA9%2B6oiThkk1TihngKnM1FU1GXtYL1zx4VkyIl8J%2By5r7oW7BkN6M%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4ODB9ChKjtIzkOO5BBKiTj01US1n7bYFPl-GNjKOOVW21WjXoKm2nbuQePv3pTWrsvmVto6u7rvAk2rRZ4bEm6Djf93fvoQP0RAH2BtoWAYWZ4D99Hvxd1nv4didmJmZhYVCEhUWEKQphh8JQGQoDdUAVyvIQbqgKCUNVQHF9VSgKVTmAqRHkIcFIDiWhPFSsniyU5wvYCZUwoMrBAhRgIAIbTEjR4lkkSC0hghVPtRJFATmfeJBacjyLPBriUBZQXzR-qF2qIITEAaih_Kor-5qghCqgoK8CUFUQoEAsglwF-GFplUWywkhWxBUolDY3AcAWqPB7iKvWSIP5iVLvvFtw2ay1TFMH5NcGdpUos5B41QlXdddt_nct4fKvDpD6q8kCsisiXEmKHUFvDfICEV6KMkCyUxzNYf9QMNQrqr8nwZXhrXbvCdKFGshkdTwwlluKs1-yAIl8DZgrrDhAUrkAZhebucsPWWEZ_E-GMiQqsKHYZ_gsoM4G-AwzJDwzQhCGblRnUQj9hxVWxs04Q8mymfC6Q0nNihDWz6gKpQHyous6MtS5IWgzylGGsxyHynxFEY6MmfYKthIDitGTB1QB2QKb1eAsv0P9l79A9n8EZ-HsCm356meApdFBhArgIwjsXQPpnJXgY5DvulTDUralYtuT_S7LXX6N_V4Vqlc-5Q5bhv27t3yHuxMJRei_wmjup3blWWv-SxgqLrby3MGfQbo3G1Gbw6aGYap0lcX50u9cCflCJZ4hh4gWRrzrzg4Lpfx0Kx3GBohnJcUIOytekHOJYD9DWWl5KWDWE-9Su6SsfmDYJw0oBfiHaG4kXNGmk-Wzah4gW1EV_3TtrKFb9Zwf2oqozCFZGnsrQnxOEG3_wmHeFlruifrnn1cfRzWdQhIi-GymvVcT2tte9qVhBJSzZm3Y994HXEchmct1RV5eQRoq7gPWT85pKaZ6X-R3-G4tncf9sKs7TBStrH-deNboQc2op11VPSrl7BQga6qf7zbnM5vvKf76wOzs1NlrtuhlnyqgzuchpXzPij30feQr6Cp3Pwj_gx5YPi2-bEE6cAtw2lrcP1XO2T46KRNtZDQxMtEmqZmRKYojU8IIpcl7JvYWg8mYRGluSI0JuFZzoqXXxTRRrDdYc3q9IUoMEbjWLcS74H_PJ55dBRgAHdSO_lerJXUavknoHZ2qdtOIeShcBWNfRTo329ajGj52MtKhihGDn0Vdsae5yA_BPhZWCNdJ5m69bSZY2RmZ2Hs4DHozipzelGq14FppUrokB4Q2G0BWRiZzjNKljAZNpKcpKtkCWdnsK7mpNNEVSRV25VWgDTjLaHSxMdWhcAjTamjQ6BKzhj7RrVoqoGrS0-mH09QOuqHXNDYcKkPKr2JcxcyYGDTZqq1sjYmX9JwP4gxlrI0ZTImtqsdiU8yDK1NsQKXN4igx2rJSUGI-AGQZGHFEm9HqUSY765ynaB4HIcL-u_Nknyi7KQYSVnTm5Jh4Uz9jx8TbCmaMmHhPOFO_MfHGz6k6qcLEuwpmDZj2F5OuInckd96G7JolkNi3xpWSYVtjYjraKHOVJQZNFOkNAhJTzW7JEBmmBhQgK0dLk_KSlUUJ6JFLQuvXQjQ1crLcLpcj8K7WnNiS66mBLnfB-wXEypiDDWbebDnbKgAtx8mYJSeHVJ9tKzCrrYKLOHWTxL6Sa6YeYWyn4v3bVxG4u68-VGR7fKf8qsigSw3m2EA353-KrZwExE-wK34PiLa3gpJ7T8KkrK0te0om4xYHyzspOJsHI1jcGRxwQpCxio2kbixMoOYKQ0k2C5z0zYntwCoG-rF7rrByMPOqvCYtNW3Bv7zyF1YGk54eVRbpEoNZa-WlzLPXHJJNsTZy9hqfCn89oU915pbu4MLT2EkbJ5Nxrc_PcqcMA-rJhWhsFY-LPoVvUr_EnhuXF0I_Rkb1ZFTOxE7DW3SthqEIDbdxcZQedMdvHfsufQSe8EHz_ePk2GQdvz-2WNyJPo1Pz3xPx0QjBG7yv72L7BFN1bC14GsfRV-siXAHP_gKxLkFncWC15EpS4hSMmHsicxPeYTMxgvi7kA0ZDoy51SFfUx4yy5EeB02zInZd5yToMYdqR7V7ZBmANrLJHEN7lY9qgfIB59E_Z_Ae0BdODkzZDUwkkep1V1I8DpIUUD2qR5HUKE55ddw4mBUH6p64F_UvaTkHQVUetcRnGGXJ5si1bgA1-D51Wra6wf5axB7ZU2mVSSZUhR6TZQ9rXJH791C2kp385LbKDSFMOh15iaymbQJ_QSPAYhQvRw_ub8EKm2i09uS_VW1ycbcVi_LGGK6OaUuiuknPut_sWpvmpGgjBMwMmMM-pJGdlp-BvE8p0ofYkxwBPo9iQ9dYo7TuV9MH2l0yw-7B_SU5Uo9CrRzpbe4h6F_1KAjRRMM2vdS939rsLJkHrRsAmL-SbkTto4cSyIumyewTQTPmPBgz15bbzBX1sB0hBTRQsjMyppPcM-Y1M72KcymJOP550O9GqN3cnxFdzcvDv_rs5Cn_GefKYNWb9JEiSfjM8bniXbi1XqG7X_xV2He_HpTxstbBByTuPtOoUYs841z_zzo3Ofx6gHGbSCb28APYYQkODgQkOrJxM5lWJgtEGJchiMvUxwNg3Xyk6f9L04OgrVeJuw8hpXZAj7GYzjyMbD-73s3HkrpjFw1j3SbOGP7IECSwT-2noAOPGZ06DCewJFPgH1sougfxk75wCKD7E6hSRd6orEWHUmLY9uuVTd_3C4LFow3YODXeD8C5KlTlZAnbAejLP8FS9BLflzeJtaKW88-SVF0MemchHdAkPs3QgcBxo0wbsT7RiQTUH9i_oB4W1Ut8d91RdyKzq-VmPdg9q62F1H6KXixR6IsRPc8Ynqf6NCLnlULx7WnnIzhUWx5xW9xv7CwOaOBGJfg8EuQvuZJj5vE2THg3P5krDkmyq3YLObhb9FeWN74tlJAHumbLKXN0-c4z8Epcuvz6zmK1PrMY3D241Jur9SERIjrWk-RoWi1YGNmw3sC0h7f6rnGm8O6TxMbafS6KD3l0lp88_9Pq8eVu-Dr57zztet4TsCIG1TpzWxai4272LWmbe_4Cp79PL_72HkV35DW0dF4e6jWmJpMdno97dhg_i0mLyosmuvcrSVcKqPc0oe0qWinv3DQugrNw9RbdCifxpDlbOhZ8vr-trJZSEtEHO4WoCk-kh9I4XsBoHg8HEJmVvBw5a7GTJTN_zq_c6onRdZIpWc2NmFZ6Ksx3lJplVU9nkM_zxEbKfhRDEuqMeGUcqS3tpcfE7xHyCF55OhIjyHmOuWyQcDJlEvSLuedpipvHN7Hh2zy9vxh8YIOl2iOkT-i9zhHm9Uf6eonceOCsWEIYfl1RL6yuT8QCwsnDwTGX6Za1inb0L6E--9eqkYWXVEVLye_Sok0DZUStVtm0MpPwRxk89OVsENSjKk4KvArPEHH1GW1WN8HjXg0XRFAz4EwVp1IRndoXpa_loueosgqMm3PKpQ7gUHIZCLW8Xy-ukD1kaNtDZJ3ZHZVya3MjXEgLrX6ZklLycQno1R5rczF415Q7K26790JZehfjLvbGydQbVobcfAS1IhfeQv9OZHrbldjp7ktzCwcTLrA20FvphtQfEa3zYY3VlQB-Y6PuAsr8yCEalcCeQ4EcMACLOA6Ki1pK8u8Ea1uK7_Bb2HdHrGXUKJqdSrnuo-MlYWDOxro8dq3G17RrT-IJyl3lAFZz2_6Gcb2NOXkzLcfruEoSY3aP2SkrDaQkkkOGtmO6BbqwqGmwZ-ST96TV4800SNIcncg03c7S7lrsM7BHQ7_xXPx_ENkPxsLoU6-9cK6g7mn9uGJD1_58il_7tsItxVbctWX8PAFiB11zkMEj1rISnqqLqHfoTphKaGTwr739uWbX-73uZM2sTCzoOVkSkW4zQrcp1KRaDTFDqovKmvezsMB0pkoQTUibAKhIniA1iSCF7sk7PA6VaN42HYm5rMG53ahBI-DC2VjBRHVCBwoQ65bS8crf4Ahmf0fNDIjHyz-TtREpUnFjaZonEwTCesMfrL4xoffZ0PuoGgohbVgcRpzcix2u8Fb32m_eyiyilDl6LArmOJrFAbhZPVecLoNMIYuSySxu9YBPvIHA91qnkdOxW0qtnAyFcOsCcxxz4Q-Wk9R4yiq20lZcduHd1PYFR8_HfL0kdMCcmvue0I5lxBHtCQFtA_6UQ-oJ3WkXWormLaVHV_dui1qQoPg5ZrqYI5-KLu_IGmUfMIAeYNJu6Lauyv5WDDPIBB9zi0ig5WZlYOPAMyy9GktQB_6Fk3W44MbmqitheFWc4TVzbNJVoUVRMvjlRQ11Te-TFZ9P6-hULtS-sH-Yh7fiQf3aZ4NfHxp_p58f0ZHF2jU6xJBj7Kv4SF0riDQJ8IfJLQ-GqDU5WZv93mqjc0JPi721Iwy0UXZyGNIneBmByM20yVRhlqXJGa9MUMdG1IDfZLb6GSZOdGi4kdIbSMHDZpGoiPIAJ5y5oAzCuBPZiv8uNtj_jN0qe89dfmRh7ULaBjE71YucHsV-jRK6PQHpboDlOJVcgGpuAOuoP4qrmbPW-yQWGktt9PKMlOqu3_Pn4V736x83wbUpp6vmO-n_Dzi_o2kfohH7nypPXqPyrXLA2er1FW4ICS20REYmJ3Dp-g5YbNMbzChKJ5MQaExNfJcXKL2bQJX0ViySUDJTpZL0I-dxoAec-svsCGiVgT1ZZFs8MYwDuFTlY4ydzzndnTyQtqqKn64Vqyn7ze1xIZ3myep66y8TYdaPX2cmgQ-31q2CGtaudHs5Xy6LpAx0_CAzO9W6JX4r2Dj_PhPoihu-kXdsTVXYZI3ODSpiltP_vrrAiOmE8lUarN7Bcf73lSrYfBBVlse6mozWwgzD0XbrEUw4ZZOuIdYdLZUKYHf2XMF4a7ZBnUXPv1kSlBHPunBn5Hz7qfCk6DOxWvwleO18LsKMQ7bIqKNdWaOMfnGjbU4bM8z-ODEE6T2d-8LADIRoMahwO1A6JC3tuV1MYGDW6BwxazF&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

34950c2b3c5671ba37e6a2bb9c3a916d7214ce23de2febeb189f67dc329dc448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1653303849899685-3911478634975109187-sas6-5261-bf6-sas-l7-balancer-8080-BAL-6781
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 23 May 2022 11:04:10 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 23 May 2022 11:04:10 GMT

GET
H2 200 53111594bb4dcb595117.js Show response
yastatic.net/partner-code-bundles/584469/ 866 KB
138 KB 85ms
84ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/584469/53111594bb4dcb595117.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

413af0b1e271bb1232df4dc35c73bdef1c3e9ad0bad232187b270c3c74466ac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 140239
last-modified: Thu, 19 May 2022 14:43:10 GMT
server: nginx/1.17.9
etag: "81fa40d738bba820f0bf9a1da1a121a0"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2052 17:39:59 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 57ms
35ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6273700-34&cid=1962745041.1653303849&jid=1239639718&_u=aGDAAUABCAAAAG~&z=1731244907

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6273700-34&cid=1962745041.1653303849&jid=1239639718&_u=aGDAAUABCAAAAG~&z=1731244907

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 068774fb8cd95337.webp
cdn.nur.kz/images/272x153/ 3 KB
3 KB 100ms
98ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/068774fb8cd95337.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f33dc6ac975eeb17de5c5d4dfd578a9b793ad29ce4c9fc9971c61d3e32668c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
last-modified: Mon, 23 May 2022 08:29:18 GMT
server: nginx
x-cs: HIT
etag: "f647b96a11a2fcce40d8917aa2468da7"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2754
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 6b66e402ac0e3682.webp
cdn.nur.kz/images/272x153/ 17 KB
17 KB 101ms
100ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/6b66e402ac0e3682.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

ea3e94ae218d409f2e06adab5a3cbf7517d3993af10e339f0c57e370420c742e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
last-modified: Mon, 23 May 2022 03:00:45 GMT
server: nginx
x-cs: HIT
etag: "637a5f2e87baeee70fa5a1ec28b7f69a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 17378
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 b489d6206ebf7c21.webp
cdn.nur.kz/images/272x153/ 16 KB
17 KB 102ms
102ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/b489d6206ebf7c21.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

78e3e824e9c1b0f3bd977194491f575cfff3f20bf424a21ff239e885a9aaf608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
last-modified: Mon, 23 May 2022 08:09:27 GMT
server: nginx
x-cs: HIT
etag: "ffbebfbfeb54b20d7d00104fd2e17b0c"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 16636
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 5275178b603cd777.webp
cdn.nur.kz/images/272x153/ 20 KB
21 KB 104ms
104ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/5275178b603cd777.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

932796b20ed17f91e804790a141a63672af0224a814c85795b4f698b0b701682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
last-modified: Fri, 20 May 2022 05:29:43 GMT
server: nginx
x-cs: HIT
etag: "3c0bba8e3032034c24976093ea66c938"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 20886
expires: Tue, 23 May 2023 11:04:09 GMT

GET
H2 200 46ff2129a2d71ba37e09.js Show response
yastatic.net/partner-code-bundles/584469/ 37 KB
10 KB 50ms
50ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/584469/46ff2129a2d71ba37e09.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b809aebd69050e3e11ea1a400e39b593e38419cab8f4f5e7d83fba02e11eed1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:09 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10033
last-modified: Thu, 19 May 2022 14:43:09 GMT
server: nginx/1.17.9
etag: "c8bf4e3ec10a158da313764ac45002b2"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2052 17:39:58 GMT

GET
H2 200 recommendations Show response
webapi.nur.kz/ 29 KB
8 KB 370ms
370ms Fetch
application/json 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://webapi.nur.kz/recommendations?userId=0759c990-9bfa-43d5-be64-e32f22ae7ee7&limit=50

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/chunk-120.983fb3a0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

728bd30ec354e55cde9bc21743752e7cce9c6df7b3753227afc9754a3a78679d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding, Accept-Encoding, Origin
x-xss-protection: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy: no-referrer
server: nginx
etag: W/"73eb-yK8YKVcdbeRbZMxZrzufzJgJv3A"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nur.kz
x-f-status: MISS

OPTIONS
H2 204 recommendations
webapi.nur.kz/ Frame 0
0 113ms
107ms Preflight 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.nur.kz/recommendations?userId=0759c990-9bfa-43d5-be64-e32f22ae7ee7&limit=50
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.nur.kz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.nur.kz
access-control-max-age: 600
date: Mon, 23 May 2022 11:04:10 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers

GET
H2 204 event
ads.adfox.ru/252771/ 0
230 B 216ms
84ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=c84eeee48eb79979&pm=cyz&p5=lngbo&ad-session-id=550631653303849775&utg=oxum&lts=fjdxztp&ytt=433758947901445&ybv=0.584469&ylv=0.584469&dl=https%3A%2F%2Fwww.nur.kz%2F&p2=gfdy&rand=ljvnnwo&sj=GzGLYODQZPhnkMc8RYvbjnOgbZ4GKWlJ0a_bsAK9-r-tysI6YGycE1HglcBF8g%3D%3D&puid1=Homepage&pr=lnheyrm&p1=crsny&rqs=KYq_1bDL11cpaotiEh0M58derNg_2i-N

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:04:10 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 optimize.webp
avatars.mds.yandex.net/get-adfox-content/2367573/220509_adfox_1902305_5259320.9800e8b3c0d8092a7e91ec5a613c8afe.jpg/ 30 KB
31 KB 214ms
102ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-adfox-content/2367573/220509_adfox_1902305_5259320.9800e8b3c0d8092a7e91ec5a613c8afe.jpg/optimize.webp
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: a99bfdededfa3332929850cf132cb86c48e203ffee6aa4204861178669011cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Tue, 10 May 2022 03:41:16 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 31060
x-request-id: 4256e5af6b29ab09

GET
H2 200 arrow-up.svg
www.nur.kz/nur/img/icons/ 150 B
461 B 97ms
96ms Image
image/svg+xml 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/icons/arrow-up.svg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

7dca7733ec0aead31386758c6043913b9ee754fb8499849701773bf4eaaff48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: W/"6285e510-96"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 arrow-down.svg
www.nur.kz/nur/img/icons/ 158 B
459 B 97ms
97ms Image
image/svg+xml 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/icons/arrow-down.svg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

587815bbad0202349b3aa4c1609944b99b52d6f67f97690c705b9d5e4c977ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: W/"6285e510-9e"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
expires: Tue, 23 May 2023 11:04:10 GMT

POST
H2 204 collect Show response
j.clarity.ms/ 0
67 B 97ms
96ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://www.nur.kz
date: Mon, 23 May 2022 11:04:09 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 container.html Show response
57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0068 6 KB
3 KB 24ms
8ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:09 GMT
expires: Tue, 23 May 2023 11:04:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 61BF 6 KB
3 KB 19ms
9ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:09 GMT
expires: Tue, 23 May 2023 11:04:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3750 6 KB
3 KB 15ms
9ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:09 GMT
expires: Tue, 23 May 2023 11:04:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/5246680/xSe7a7fFgS078sc3BdfpOQ/ 18 KB
19 KB 65ms
64ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5246680/xSe7a7fFgS078sc3BdfpOQ/y300
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: f6ad7e07715720f59dba6fcdb51a072cdf40ad24aecddb3700d3973118d2d9c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Thu, 21 Apr 2022 13:03:41 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 18840
x-request-id: 17a65e08addd4f13

GET
H/1.1 200
Ok babycancun.ru
favicon.yandex.net/favicon/ 1 KB
1 KB 193ms
71ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/babycancun.ru?size=32&stub=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

056330f56376b3693903e97fadfec0bfdd569acd78192941b1b6ad055d6a0177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 y180
avatars.mds.yandex.net/get-direct/4474510/YqRS2GewlOyfwN3yZvO-XQ/ 4 KB
4 KB 65ms
64ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4474510/YqRS2GewlOyfwN3yZvO-XQ/y180
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 7b8c01c57210f25371735d764e24159f18289f032d87806dd7856ff134abb2d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Mon, 08 Mar 2021 12:49:43 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 3846
x-request-id: 13c5e77334603e29

GET
H/1.1 200
Ok lebara-aktion.de
favicon.yandex.net/favicon/ 696 B
909 B 196ms
74ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/lebara-aktion.de?size=32&stub=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fdcc621864eab315fba4a0bd0d48c095bb5e49cccca6ac9f50cfa522fa5adffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/363179/7oyxBVRuagpOWq25qHAOWw/ 15 KB
16 KB 64ms
64ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/363179/7oyxBVRuagpOWq25qHAOWw/y300
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 324bcea8ab074b342ea41f5b5acecff155d45ef22a65149a283543035c233cc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Wed, 01 Aug 2018 13:41:41 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 15864
x-request-id: 7583a2b909abaeec

GET
H/1.1 200
Ok xcraft.ru
favicon.yandex.net/favicon/ 531 B
744 B 193ms
61ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/xcraft.ru?size=32&stub=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4489654fed8c9c74673842a01b843721f90f284f177ec777830a1896b67594e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F986 624 B
976 B 50ms
20ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNX-18V-Lslo02_1jjp0DQRlYzZCiEl5l1yN0q5YH_rvmbOhOutM06D_risfjCDT9IWMGgRuZg6_syYLcxnP2LPmrczoWg--lqqNEun_S-YkTQY8WWfJ4ZpRqyyQa-13zBQNZcLRo6Amelw1eQMQSDkk4LJLZddWqy8nzzrgko_icU5cKTE

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:10 GMT
expires: Mon, 23 May 2022 11:04:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0068 77 KB
32 KB 82ms
52ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUGXxH1tgYuqpNFYx_1AG4bTeZ2bNxuXjTk_sBcxFINk7D6yCl_8tzeFTr-3lLmrPA6DqadZ6cbKQ6Ba1Bi58LWVkxuQ&cry=1&dbm_d=AKAmf-CI9RVUAB-yji6gGMI9s4PI9s2VyWyytIgJRSkw3vLXAiY2Qikl6w4yRDVP4p5A_03ONa0uSTj0S2s8Nthv87YIaSw6I-bveDvL8_8Mh_KW0-Ea1-RPBBVxcuBmHG9x56iX5Q9wvnIJGLR-xu9kO3hNTk4MT6irTXyrTlxd8R1LIwwa9R7LUsWul_bNAo4m0o65ncZgBBc23uA8DJgPex1BDsizYmYalvggVV6El1Xe_j3JxjVHJ7XVoqlOGNQ931JtCDCOq8ebLXpQmuICh8NAo9F8aVAXaPxUGzMHQjwv52tkgW12IoEV78NTWLN6mhu2na4hkC5nIHTT8Evtd5WvMlLUdieAuz4SaGRCbrYPXV3Z00kPZrubtUJ2wfYhTJ1A5fqXgXX5Cp1JPUIdg3e9QZxwDnO0Q5xc2Ttwm-XP0H0PiAueVUO1oZmg6HVdHPHsrAnV-Zou7SxO1BlVX6YQJA894Pc6Y-vO6Rxn5iyWTeUtvPlMEGxiJU7iTnJrLBibQ8M-CQk5JIgw0TrxMJSbTM9Ej7-28iqmPaP7_PgUlU11noX5zP2QoKpHEH4pOpM3rIKbFbVGaEsil6JphEN53jLx220KpDhzSX4x2NaqXLYcFo56DPGvt0R4f_LGMj9psUCWM6ss9w5Wuak8mU6YnhKvkNHXlbw_ruFIU-RFLqIRxoGofWjXnrcWklJ1vsV16YX8NLDSEC3R2y-mDYaba0XI8bQZw5nkMEMJp4q25JsvQ7LzeB6lL9WgCI3mFDhsRZzd0TSG-50tBfB7EpxbEAoaBwIIbwtz7iXGtVMR24iSxIYFasEkmAWk3iS6N6OLCB2G7QmVQyVZQqj2Q2QNsqE-nxIsma-kk9W5PsRSTu5Dxx7bpHsq01xvCWmshe8aKeI49Awx66-UyiH6OdJUHUQ8Y_LwCks2b6bWt4ruQYXRwqPN3qtvmr8bkkIkEOBDmZUiA9GNUZatl-4zrs6RGbhsgWNZ9HOy_z_xWbow9kkQIg-TW2imtTLnMphsk4FruVbcQv90c8FY7NvdfoQDpZKuJXSEtikfP2huE8A6tTlGcSVYWK_CfN9IVaPkVOkvsKa7f8bninCoveOGkF9B2nUOtR8QTU9S1GMLcmiUXDiwlENpXs98vA1wXSE-J15EAcXdv4xrrrVL0xn97U4zTJwEjGKfGKcMpJpKQgOTdyehff7cViJNRXeg72L8XZkQvIAkZo7vWWiXOJ4ORa6JNlaYFH52BVe_YsAzyu3rh7J6L8iDQ20W3oW5AJrUjxOWxzDZ47pxw9bocM1_jymhpLbk5C_GoXb2coKWM89ArtpqnHwQH__CdItMtjEYVRoyUbAFa5LMwT3dfdUVc3gGOFuyRgtEB7hTQfc2jCg9CnIhQV4jF9JAZwVrdV_8iox3WEn3KAVcF6Ts2brNSYMfuyknUV8yjNkh3o9QLMMn_ugIX9vvKnzvJquCYFrmgFfJJEyIGQh5uuMJUORdy_78-CMcrU6wznBaTYySam-l5QTXUtJEqa-2FJZtbvCXJXrV7PJtGLeBkhHiqXU-pOfj5D5DunaaV9JWUilyUheSn_4tX8-xxuYN2D67oANiDEf7318RO3wtC_Pua-mnO5mAkbbxJTo-IX5isdpA3_kdU-Lmw_-bZjc4LMgjbImNhsEA03XL6Hwke9hfEt7fsiPzbJIxY3C2szdQSzVa63fVrZMwcsirfO4LGQdiLYTxHaiIUDkgU9BxEVt5WPAHmdC8zQILzYmGwyC5yidLPXhwXFbMvI9GhSht_70ySGVSX3w6R40kBA32rmvvQtCwa6QLytg0XEZyw71jZefEzazFgZVPP8okC3he64yN45FqYFnGZ8apWrzUXAyUAyA-c9NpbJjX17d5QRGCwf3pm1I4Z82W943FBQd2Yq-dh-yj36ONZXCRVjB3z2ef9Il7jKsnaJ6gdLbha3TQC1Ikl9pCFqVD1KHMt8MgoSU3BQpVlFiGEK4uofLTJGKv9XJg2sydUUkefLXlCczF_ru2jDhJlURI_hRVGSkerivgGM-hVrDt-WYnfTkTNOyp5tFjgcdecgP33rIsCIKp1xXVXgFLjlHpKqkxrbAU1xBJqHebB1kU_Fk7Q6BNPTZIpvSVpwE7LbvL36aYucSPxm56UM8Eugdidb7P_mVHp_4J7IoWCvDwnKW3kAegIEw4Fgab1-oNC_jeXbMDumAvYxq_tA8foZ32RsjR5MXZ8lflvwezhx5OseRYr8LRyg3Z33KLqI4axEAjCdBBu-ZskBcPZUChkqNSO-4oYO_nX-kT5v819A9kSXouuCMjeVC8oW3QHTTEAvUndX2wxWO4IbYwaWn4f5iny2vcf6NZIBG6HnPTAvv-d4dD1jHziazBbzAaZGHh3F5JQP4brApKZpJeete__T4Bo98Rnh6qmjZERGv4fUnL_76vuyh73HrscTvhIynZyVAxqD5Yf4-595fbQNS2KzodKedCjrWlso3OtFTzRzRXG49cia5_79ClSuHG2ZkRZRZH4zVIcTwwiZJqViN9-vnpbBg10UJar0tA9quNRrD0DOQnzu_FNRUBpHxsM8wnYjEDwfo8USWP0yVjqJMs78l6hmn4fa4w_NkIbejJpyk0i6fFLUHZ1zjlod_yiPTzgpfwNIvB9d0vieb0yhnptLVcwqmT98-7_UNudjsr13vraGngAfiH5MBcjwqinF89jmxWYUzN_9-SXZLFjB3_8rEDmg0sFcavkuUN-_lDTMWXNFPrFvO2H_j5-zY0OsjiNM_MP7S5_4AXrBXeVxw3YI6trV26XHOwNSND8d8HPDV-3PU4ShZz6W0TpOsmqZ1wW0xCcvZXjz-gjLWsg7nkhx0Qjc-jPYxd6TbeQFjzzuNmLSz_PtysYMKXRwJu_q8m80iOpgeJE8Gb7rhbmnGJSzYyiwPbf7kJfR92XByEMvkO9WhZaNIcG3u0Sp77zn665nEnMLsHDNPrn-SbAmFH3ioRDuWd98IOyUNBT8BNEm8F7fWd3obL0gMq-AIM1_WUV4honMi_xfpvUJbkcdvtH5EroLO4_Ht0cZH2YKfOHc-yuzQ8CKYKs5aHYIkzNMjks55uStzMDU22YmoId_WYhk_ErsE_r7s7fKI0u4sbsrRU5Mq89b0ZNIss2IV7Y8KfTTQP0zYBf-DnJDWeWOcD2BqrnVjjsl1I8taw4yq1E5XCt-we1lt_lwL67dBPIJI4JPSPjXziMPQHlHBxlLsKUE7AoUQ&cid=CAASJ-RoyI3lpVj0ry6PHqAnkZHeVbege8LhNtPQWM07Sg0vat1j8cmJTw&rfl=1%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae6a8db56820ee4eac60bc01c051535a03816b63c4d662f67e8ed1b5e27eae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32886
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0068 42 B
269 B 40ms
39ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CrYVguZu0Ma7dwYTUHzXB-e6bx43rrOq86db_hFiOkzGxg-JUSfBzHSuzq9mTGwoosyDDULIfVXLUJYwnWC5hhXvkBF8xQfxTI0RBg3cjyon8AscY

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 0068 3 KB
1 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 10:55:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0068 135 KB
42 KB 48ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 May 2022 11:04:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 0068 17 KB
8 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 10:59:43 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A04E 624 B
561 B 48ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNVZIRfXnlsdIbAl6U0JIYIjgt2mlkyn1nhEGiP2Qs3kO2a0IHDgGtVerGsLy97QN1xbye4cyaVcPPfjiQKcs8_RApNaKUGWAlKPiJSPEseZu2UVDKWB1wqQ1vAd-nkSDRVafcu6q0o9evtk8ysRk4XKFH9G826wGNGybV3zUk6k1WvzWMA

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:10 GMT
expires: Mon, 23 May 2022 11:04:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 61BF 77 KB
33 KB 73ms
46ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AK2kpcUwBTJv1URPJpXajqt_LEYTlyue8cQyzSNredr68WuZTqPJ-EpEMzXmvf9jSL3rrxG5A1pRJv1L9JpC4fCGKyiw&cry=1&dbm_d=AKAmf-A2Vr5hUwaip7szjpTXa9PKu8JGTCjjOyFfyl73h8FBCz5-Q_IpDCuKImIwVFXWFZUXjpMNaRDjV-4GDF3gZWWvH4IwVbUNQ5YVEJ9-C6R1AFAGHW_2Cu7pbU44L9OCkGRvvZzjEcOwfbwudk4oVtrUlyDnJ4n74grsRyUzXaKsFKqW7CyG7PbaAK5Dx72svb5UDuiLnc-H9FXwZX2JNaQQrr3mW54HHAd-Rr9seb5GJ9jnkq3qPxMDmULeKNZ_6p70OaOtW9lqJWuS9w66rE4ygtiALMqn6YYJnw6CgCYs_SnssdhTQ2Fq0l4LeMblShMkNaGyZfpn4h649A4PCNHucM5ibYcT7Dy0V4S9h3hpEQ05ANChQ-cskT8i3Lx4yCeLXAvBQYEWAGhZ5TnRqmCX7_4O7_EK4bkB6JRIF6GBWORpWf7KEKLwmu2FqHGgV4xW64kiMUKUOuEWarloF6GTWuyAJxHuRln8Kb0g_q8bBMqFuWjvkC-VIbR_WXFpfwZ87Hlcs5yHZG2WuhP2z5zm-EFh8M9Kh3PDtmWNsH272xbLz2AVpN71AyuE61MaErlqNIcyiVA8Q3rHJORMYZmldgzgpQfNBndahTJBsDckblr-jl0D63AyNbr9aTHWGyI3fjEIs84gThp4ZZQMsHxrWeBWMjj64f8R2_ahPiNPN5mQXy9iFdg1mzmSNnFHCd6R7I-XHSvnwN-gpWtIsnb4N_7Ziyd_2P0_OqlFeJofKamEmhzx-iGam3C-oTmw5tVTRSBX7gMDFeiXLZ7DOkJFQBUSxk5VP8QVdZu9aA2NagbB_BKjCX3E52zMVnLy12yCwZ-HqWxZ3umuJm7UtJ-VJgOG35Xed2NGVSud1NBtYVdvl6lut4RnmK9a1Vw7g6kfpDVcqjGyp_koBsyguXt-3sorJwBpXuwkGETFxB2x8UeXnqBh6MgqY4lkoN01GEHI2JHrM_mYRlbsH7x7X7KeAkqJH4ZSoePbeuJpplfQCu0xsy2_dyK803_3IbHB_d6jHY26GfVdOjGXAa3NYRbFp-dH1Omb6UFN_w0PF_yrjIOc7AblNMUTXJcJDqzD8XcfVIq8eJDnrymc4nk1ZC942CWKvk6ACrGiZhxb6jcW1ov21ci6mcv37yHuuGOLc0klT2O2TfKHH5_W3jfCgVgIhd76QbGh3qIHptezSmj0NKqObP8uPTNV-HVYe6JwY9UOgI6aUFPcpWoY36eEW3aNCgpiuTFgXI_CZwiHrlQS6v8DzM6hQxIbAHvtj7at6LSo4WMdVSQYMrcBNOW_J7iMxksoUiQElMDQlr1c48X0qHPGXPeOGefHKi0M6rfIbhzrffkZmrUUeCUlo1SCACoFDuSV3yYzyJy7k8dKCDYZFtYmH-6srM0aelWXUNBwJOdOU3VtF_wHQ65aDg7pyFzyHkwt63XnoEqJUKixDXIp1FA7FfQaaomUFePNCg2PYGNKMNZyX_GtL7tL9ximW3MUBB4GiY_ekoLwp_S7Zt0Ouu2Sd7gW4DtdeifJRgljItWHSj52jA35iZNRbemK_ZQ5bZQ83eUhwDRNDlBmKu5lzdc-fsK4qCsKGiVuNIHmTFoXQVNXSfA7BCNJ2vzY1LV_ipOLjQPoggNx0YvtSzNhWJjNRPadlg7jkXTdreC9PFJKtIjAjiLpElAOo_I83hg8usyrbVe7_iq1zp2s5N-CarN0gwd42kpN0OCzQAVaTL2XI0MXrjDSbHjCrIcPZigH89GOI6zvFQF7_TyRofuSPOGe-WcDbPl8ZvqkrL_d03wGNMdTohunISJm7XL-oDJ7v1y8EkhighMvup_ti2o4ZbDec3qF0AL0SvNkAIllwfFDA3B61RhPc0gKVcfTZhLXxdm3Spt3mzCf1ZSRf5g0YptA28vIwhOnz03ujyX3jCswE-oNME6R251BVMV5KPC6B6fIZ8lp041de5RfKmHi4TY9wmWigud8V-3j_tFpHCwCChMt9RPeUGPj0PaAgndE3M9tY2g4yG7GcJAOR7-hQDR2SDZYtYnn96U1T4oDtXLOIrluC4XLIu9vE2wNxuD_jcx4W1E3NsprUc9JXmWd6AGjpPOPt_Af4gUcNawXt5G2xuoq2HqBurVIlY2OOMs6LfsUGZ9NDBLPZ5_rMsUcpEiA8zBszgpVYDEBTH0DFaLPscAnnic-M8e5Jgc2wPALwJ_oRdBcwfIYesuLRgXeEVcIaHMj2VcR4qdcHCQQRe_HIAtBy58TwsWD-0On2V6Al5zEcf7BwZ3zC01-AROdZkVqt8SqY4yC23km3EyN5DJ4jXZG2KoTUOwwifrmah_IPGCd1IbfF_Lk1_Y0D_CCOgJlIPWYSzX5CfP3Ms3UXZbDgBH9yR_Dl72e9LbTW5GtlDcqSQQfPqwpz7JKzUj09glmMz5RSp5LTCRDwr2m4L2YS5WAPoJsGH6k9bgA9VS4AeJNtgomDQ8Xx-65KpeY_1m1SUDBkfdz4Dl1qzF-C1bOHB69oG_qhQVvfWe_DLW0YXBNOMCw90cDIFvhwVGfnbLRv6Pyz4nV-brp2txC4HU7Qu53o0JA7ZDWCjWxnVXHLSFFNzXbENYISE0LSXElZf3XRtoAwT_PPkIy_nIKfqoB7Jt3jKnAC6-g4WqgwnHpo95OGG4EYUQ_OQKfLLmmZyKJEWMEKaxNCK7Vtil_mwOC3IBlYUVV5bAkaFhpE0cgQjaFXA_IdcfoQbutiGXY8LBbqHHkJR0JZC_QTBkyYZUSZF7sYR02RafjsRfc1KWe64ls0pTDk_WFn1TPsuKxDGTI0hWdwtfbJBufFLn7mJ5zTgOtLFS3e3N6XiouUkRjaGllGbYUqdCqq4yzBjoq5J18XEFXtiCtFu5huzevpJLHlUy7jrsxpeL8rYwEIcmBi0EOe9vrLgy1Dtg-LLW9G3LzIMaBJicxgHp-1sUqW7uTKe4Hl7zWVBqA_xAIvbx5YuAbp6xPc13nlwQMHka4jg98P8ubvKXwuMcqbsAeDhJX-TnEeQyFGT7hvK8e61RUxSeMuJKRrTzX2MsbhcOVyStF4tgyrmloGxnXLr2uBAZgSMduD-CCT-9u0z3zyOhn58fyX2_Cm_ldfXdBF9VCVmpz4pS02ZvsU915Q9Z0x9LflWRMPtqpj7uliFvQOuqkDSRrVVC6R8lE6oQtmaTd4DE2VgPswIY3Wpk3AMrDzp3I8wp7fyN4RPReK6gSQKiiEcG8pDjtDHmsuqBhWnu_vnUgg4s&cid=CAASJ-RoHB3scPkMIGo10MGS8tDnotG08hD9VXuFCV0eKjVG9KzrfW16Nw&rfl=1%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c67f2bb7e9b75c0e6cbfb6eec2c5475e04f902834629cdb5270d347c75bf6883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32885
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 61BF 42 B
107 B 40ms
39ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CxPx54b5npKW96oWWQj0675iJrfPZRfGJLnkHwS3ZXwRPeyk4FgIThGB0oNAbCAwwwVOcHuLSgf4qKHz8yk42SwaEC0SQBHvIa16_GdZF7j_1GOv4

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 61BF 3 KB
1 KB 36ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 10:55:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 61BF 135 KB
41 KB 77ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 May 2022 11:04:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 61BF 17 KB
7 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 10:59:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 61BF 0
0 17ms
17ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR6dQKMiOPzeDLlP98YwVvU9LvHQm4UBxXpvL6xpwTLqJ-PrlOOsIPn2fn7Wrgv5-NX-B_rhcqBTUUVwxojzbjzmL_JNw
Requested by: Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 306ms
306ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://www.nur.kz
date: Mon, 23 May 2022 11:04:10 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7CBB 624 B
558 B 23ms
20ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYkp7PkgEwAQ&v=APEucNXy155HyE_1giOXzFVoaxQ2YdBYjg1Glo1v9Sz-KFA6gMf0Rp2Wx3eHCjTn47Gojo8AcWd0T6s3xmtobPWqmfxNRB_14Pv2ZtV53pjZ0MrJ66Zg3WkRp_-R3gbwW6yv_p88tBTNaaoPx7i9qiuNDeLCjMVPdIwoZKf95fyTaXZCfUIaXDQ

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:10 GMT
expires: Mon, 23 May 2022 11:04:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3750 79 KB
33 KB 55ms
52ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_reKLew5VS1WVqAcVi7UYpI53H2uBdJfSuUNVURfPWSIsZ8BD3SCJ74Dp_UdQyU01peLjVRgr_fv3PSXvOdYwIIdq3Q&cry=1&dbm_d=AKAmf-DsZ4pDF7aiIujVmTvpDK2zIoDJOjWwQOMlAp5F4lisXFUBpCtv127-93YyP-iW0TZR2c1AA108r-EbNX5nu9dEOHjROrq_uMF0h7J_HsVd_WlVh5JXqyXn-EJKWQ8Ub8Dg8Eln3rPvf1nw65mlYIzYpywrLN-0ivzOxpIoU8yye9LGvnBhBOyS9cKHAqvoPoMFjjzLdl3S0zlsBwNBLRI5asH3fKVqaCWb5EL2RpdCp314o-126XplOm1ivBKNs3aTmw6l4gVXkmw8PnczkF8ZggmAzg3YEZzLGmA2YVb99gVz9BoI7TJxiy7t__DU9UsU1n6_tKzanMByX5o_My0ZaI6PHahyS3gGF4BEcdrxU7ZHVVwNrmz4SOh1E2AhTO7Z6oP8MqD__4bKjS56y_QhrU2d_wdrkHRyKLB1m99JoVNU_rNlSxD_O6T9-u4xAvTX6gOaYu2nOmNRjdUH09EpPwQn_3jv4zau8hpMqL5SXOUktBfdJZ53OzH1bgnnTD9dhiMKyE3vvsC36vi6iM_LCpOsHlSucA-cxTc7kM9Hr4XcHFWIXr3iKSXKc9MQB3GDzQyVCCc3k_MIz7EfF83Khdebz-oXbFaRxeFY-Ojb7H44PWUwFgi3kkZ0nSIWSYFIYswxWzPlb8tApuw7UA2rTpcdzXVL4K7-0dVVibmDT1z8E3vnYgjxvlfh8WEl4M2n8On6Q029cRvf4MZIHgwTkXOJLzEcLHZiM05SwcM8RuRNoZ1B_9R8DrycRTEnp-iOkZRyhFa8jwIU4HGbeq6Oq77enjFFNc2PSn4zlkyoUQe5k__A5dMsPeeX8Qe9LnSxRfwqY35FnE87bVKxR-0V7TaA_Q-7P74krjC8GJ_MHiNpxIXOQECv36oVsDGt8DUq3fR9PN5PhJkqyXi_Ck-cxBbnBJXU4R-xJk2ysk90Xrb3Jgw7AXUcBUpye8mwoiMvPKa3uCc0ssYuF0tK7KatLA9zzgsFO39TBDlBXbaklQ9BXXvOh7sxo65eXu1ue9gK86d6k9EWM8C9olZ3J_c2vrkldA3IhzLX4oAApnEzxrfQH1LHDeUWUYDCTK93RVElEcX5Pp5nAV2CEvENnLku3sEgk0jLx-Op6TEnuFHMXvfhevo-ED67CLrwcP26gy8Ix6xcAUcW30JRp7lwz8UP4p-nWp59QXY2L0iBbTgGvZAsM9_7caomFWRFfvCVO30FDK_-6Xxj_nxnt5HHufRmRThl4M1Spl9Oq1LTfeSJzqlGnVk0-ZV8HGBUR0aHGh8ytyx8vfrfOJLFixRXRWeSvYxRAZDo44ej1DgOJdctxLlj0uzJqdTO8TAZa6ODYcjym6p_C4estNdhs7j1TNoaCFipXuAYgJwmvlssq3BuBagEQ9NgCRYr8tKyT90D6VDfYbTuhNEAB3y9U_utWkFQB_GAHJIGwqy2MXQjtaZAo1N8MVHq9ZyxMT0pESwKAb80w2zCzq3VxkExV--TzaD6ONgDP77ZYBHtWi4p0jf9T5qMyTKsbj_4ZUE29rsorUES3E25HXYzv24be573q7FuKorsVfPpWZJ22ztIZ9SEUtKB9hNOiWLDlKicXcGSoL6Ifu3Jdu6kLfXvC6q3E2s-_k5eNQar19q2VdRbW0UZHSeTddoOMQNgnRFMVbWte0cRaoe24ug11i_vG4KBcSvhfAd1cAC911QCVQsccONasWXhMTUl9wmahqrhzStz21HElZk0trjFZcgNFFa5XBqhCxpMXqLgPBWRjO3J19ID7bBJBJHtbcdN87vqCQif0dAvNMycsMa3DlCu7A82hT6UMsvd_QrCXXxwCGZ8eFsDaqMehbV7jaOjR8_cuoQM1UKTHBHKoASPHd7gy3ViV4zStk2zH-t-jusiq06Naq3Yl6Wm3F_FT53WFSswWKvn6-LlR1fL8kUKVANs4F8vjQ4dlvfwFJ9VLCeJod8xTdnMbdvGEIFyDtNoik5PfQ-P3qlQ-sF4pBOMqZlTu6T4RHST5Xi9sxnyMojm_y7Dp_XxU3KBAHVeMH2bM7pT8hl-cveSVF6cmpRfY-MlixMlVr-Dk_QcBsLO-7CqqX6h4wUfpbzTMlTeoeZ9s59AWAWWwBgOIkHMYDzU5m8hMn6fdnYBR1eyQxTq7sil_yrKP9tQ5guFV5UMPa4YFbwk4rnSqtvvmSSZ-OL-lIl8gW6sVVqF7fwArdAur2i53qk6TuJWI_rSYfcyegg8DXbAbtLJxPqcy-B3NjdCpuLxDm7RcEitXCTSYnZeMuqw7dP2pkhqdsOAVT8G_Yif1zO4XFiUidQK64hzrNFW3hN3MPO9FURvcL6oGPVam_LsIiQIm5G9-y3fe9JhlhnEqgzpQj14np8Y4M9iwnK8NAeqDr9JCGt5-9ZrvFLGeeGoBAbrv1-UM6esPzjqExzWlxm4um2LnFIMjr9eRDjWoDCpvdBqJvEhB1iYePdKXsOJY6eBw-jtz-grXhchH7pkFqzw9nIeFPHoKLUwt5MUFyM11AEOfBZ96PQ2J8Otj7sroCutbAqYHren0Ss31FDq6tFVJCZgjJTi1QxH1KydT32PIqaICL5w9iiLSZg6epwwH2MpcN_O820Ue7WONLMbfuETSn_xuPOk_sQPhnLRYSW8V4iMropuejV3W_mZMhV9SF8ft7cPl2v_FzwntNvpYZQomgHeSblnGL9_nF739ePvl0nJ0nC5RVlbftTfl4tDIF7OcrKTYUhCNwohlttYHPYJA3tAxnRl7YyKgDExapbIn150ZB_Sj8j2adEjocBgcBgeUUuwKjRFg7vxhVLvZU7v0nK9Em3_g2_UDkN0T1ms_xy1bXZOqIfNlzBwYG0VWP6OxuI-Pm4G_XIxtXmbLUKjDMZVjMJCpKP-hW70a-a4z_JXZdGIwwxdpJHEczDdeplWMycJZvY1x83TcBtBV4Hjs1QatB74yn12HEL2D3bDxXd2AeYuP1FrL3gyUOoAII4CuxUcBm-XpqLM4rTfdpiSUzlAx8nPOf8wByJj_ihLGBbM6nlAe7P4iX_Ci75rAkro3oKcMHY0G6zzfGi-H1YmgPNM5bHowsirLgPkvA4tYKN4k6LenQK1of5w06GRPaM0fmSmEJyFSojFtiG4ABzsa1DjcJ-uOyCGqKFvhihXshTbvmSWGgTOt6u1qvL9UKwud7Nh8gqR8pmJztwlWSkj50z22xxQtE-7_MwcoySh176aowWUceTACLyfgd3ge3G1-5HFnjDoYz0&cid=CAASJ-Rom2rCZSttbtaYImd632S9ixx6zfVTHy52iabResqgQ-cgH7q1hw&rfl=1%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f3c72570258ec32dff21f32222ec7598e2b0f4bb038bbc1458fec1ad8afd341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33069
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3750 42 B
63 B 43ms
42ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CwaJ5nxmD05Ob_bTII-XJd31qUIiQCl6UbLTdeCEwDAY2iA3HOpkGQFJCA8yhfXOfk77x6rwafDfcZF3PC-uAzn_lrH4VsUQk7EfX5lYYI3tDxuW8

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 3750 3 KB
1 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:00:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3750 135 KB
41 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 May 2022 11:04:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 3750 17 KB
7 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:01:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3750 0
0 16ms
15ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgprOhszQc5Z1KSkwkKW__jH6oixWw6c8FSxul5l4bK28uDaW3ziLzRTp4NXJeKbvgGf4S6IVG-OASc2QBTG-e1pJOkQ
Requested by: Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F986
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOI7nVjjEiDP4v7LLpi7lw&google_cver=1

43 B
1014 B

49ms
21ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOI7nVjjEiDP4v7LLpi7lw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNX-18V-Lslo02_1jjp0DQRlYzZCiEl5l1yN0q5YH_rvmbOhOutM06D_risfjCDT9IWMGgRuZg6_syYLcxnP2LPmrczoWg--lqqNEun_S-YkTQY8WWfJ4ZpRqyyQa-13zBQNZcLRo6Amelw1eQMQSDkk4LJLZddWqy8nzzrgko_icU5cKTE
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 23 May 2022 11:04:10 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOI7nVjjEiDP4v7LLpi7lw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F986
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YotqKiwxqI0AwEVZ-6ne8gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1

43 B
894 B

27ms
27ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNX-18V-Lslo02_1jjp0DQRlYzZCiEl5l1yN0q5YH_rvmbOhOutM06D_risfjCDT9IWMGgRuZg6_syYLcxnP2LPmrczoWg--lqqNEun_S-YkTQY8WWfJ4ZpRqyyQa-13zBQNZcLRo6Amelw1eQMQSDkk4LJLZddWqy8nzzrgko_icU5cKTE
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 23 May 2022 11:04:10 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F986
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPhLmo3itJF_sb0UUouZLRo&google_cver=1

43 B
1014 B

30ms
29ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPhLmo3itJF_sb0UUouZLRo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNX-18V-Lslo02_1jjp0DQRlYzZCiEl5l1yN0q5YH_rvmbOhOutM06D_risfjCDT9IWMGgRuZg6_syYLcxnP2LPmrczoWg--lqqNEun_S-YkTQY8WWfJ4ZpRqyyQa-13zBQNZcLRo6Amelw1eQMQSDkk4LJLZddWqy8nzzrgko_icU5cKTE

Protocol

HTTP/1.1

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:10 GMT
X-Proxy-Origin: 193.27.14.28; 193.27.14.28; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2e38f6e1-e8f8-4771-8fd5-d5ef0d696639
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPhLmo3itJF_sb0UUouZLRo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F986
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2MTM0MDYxNDA2NTQzNDcxOA%3D%3D

170 B
188 B

48ms
34ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2MTM0MDYxNDA2NTQzNDcxOA%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:10 GMT
X-Proxy-Origin: 193.27.14.28; 193.27.14.28; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a8e549ce-087a-485e-9879-fbaa2487342e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2MTM0MDYxNDA2NTQzNDcxOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A04E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOI7nVjjEiDP4v7LLpi7lw&google_cver=1

43 B
894 B

19ms
19ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOI7nVjjEiDP4v7LLpi7lw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNVZIRfXnlsdIbAl6U0JIYIjgt2mlkyn1nhEGiP2Qs3kO2a0IHDgGtVerGsLy97QN1xbye4cyaVcPPfjiQKcs8_RApNaKUGWAlKPiJSPEseZu2UVDKWB1wqQ1vAd-nkSDRVafcu6q0o9evtk8ysRk4XKFH9G826wGNGybV3zUk6k1WvzWMA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 23 May 2022 11:04:10 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELOI7nVjjEiDP4v7LLpi7lw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A04E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YotqKiwxqI0AwEVZ-6ne8gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1

43 B
894 B

29ms
28ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNVZIRfXnlsdIbAl6U0JIYIjgt2mlkyn1nhEGiP2Qs3kO2a0IHDgGtVerGsLy97QN1xbye4cyaVcPPfjiQKcs8_RApNaKUGWAlKPiJSPEseZu2UVDKWB1wqQ1vAd-nkSDRVafcu6q0o9evtk8ysRk4XKFH9G826wGNGybV3zUk6k1WvzWMA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 23 May 2022 11:04:10 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A04E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPhLmo3itJF_sb0UUouZLRo&google_cver=1

43 B
1014 B

42ms
14ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPhLmo3itJF_sb0UUouZLRo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNVZIRfXnlsdIbAl6U0JIYIjgt2mlkyn1nhEGiP2Qs3kO2a0IHDgGtVerGsLy97QN1xbye4cyaVcPPfjiQKcs8_RApNaKUGWAlKPiJSPEseZu2UVDKWB1wqQ1vAd-nkSDRVafcu6q0o9evtk8ysRk4XKFH9G826wGNGybV3zUk6k1WvzWMA

Protocol

HTTP/1.1

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:10 GMT
X-Proxy-Origin: 193.27.14.28; 193.27.14.28; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a8482b4a-bdce-42d0-a919-c1b05c73a297
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPhLmo3itJF_sb0UUouZLRo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A04E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2MTM0MDYxNDA2NTQzNDcxOA%3D%3D

170 B
188 B

51ms
35ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2MTM0MDYxNDA2NTQzNDcxOA%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:10 GMT
X-Proxy-Origin: 193.27.14.28; 193.27.14.28; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e9c313d0-4c90-4a27-891b-046147a23b75
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2MTM0MDYxNDA2NTQzNDcxOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7CBB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGao2spA6W2wCsHbEoi7_Ag&google_cver=1

43 B
1014 B

48ms
21ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGao2spA6W2wCsHbEoi7_Ag&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYkp7PkgEwAQ&v=APEucNXy155HyE_1giOXzFVoaxQ2YdBYjg1Glo1v9Sz-KFA6gMf0Rp2Wx3eHCjTn47Gojo8AcWd0T6s3xmtobPWqmfxNRB_14Pv2ZtV53pjZ0MrJ66Zg3WkRp_-R3gbwW6yv_p88tBTNaaoPx7i9qiuNDeLCjMVPdIwoZKf95fyTaXZCfUIaXDQ
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 23 May 2022 11:04:10 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGao2spA6W2wCsHbEoi7_Ag&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7CBB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YotqKiwxqI0AwEVZ-6ne8gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1

43 B
894 B

26ms
26ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYkp7PkgEwAQ&v=APEucNXy155HyE_1giOXzFVoaxQ2YdBYjg1Glo1v9Sz-KFA6gMf0Rp2Wx3eHCjTn47Gojo8AcWd0T6s3xmtobPWqmfxNRB_14Pv2ZtV53pjZ0MrJ66Zg3WkRp_-R3gbwW6yv_p88tBTNaaoPx7i9qiuNDeLCjMVPdIwoZKf95fyTaXZCfUIaXDQ
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 23 May 2022 11:04:10 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7CBB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEO0Cot29qMOy8-cWjA49HbY&google_cver=1

43 B
1014 B

32ms
21ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEO0Cot29qMOy8-cWjA49HbY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYkp7PkgEwAQ&v=APEucNXy155HyE_1giOXzFVoaxQ2YdBYjg1Glo1v9Sz-KFA6gMf0Rp2Wx3eHCjTn47Gojo8AcWd0T6s3xmtobPWqmfxNRB_14Pv2ZtV53pjZ0MrJ66Zg3WkRp_-R3gbwW6yv_p88tBTNaaoPx7i9qiuNDeLCjMVPdIwoZKf95fyTaXZCfUIaXDQ

Protocol

HTTP/1.1

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:10 GMT
X-Proxy-Origin: 193.27.14.28; 193.27.14.28; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2e8290ca-64f3-450e-80ef-c1a046935f9b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEO0Cot29qMOy8-cWjA49HbY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7CBB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjA3MzcxNjQ2MzIzOTAxNw%3D%3D

170 B
188 B

25ms
24ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjA3MzcxNjQ2MzIzOTAxNw%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:10 GMT
X-Proxy-Origin: 193.27.14.28; 193.27.14.28; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 76ab6040-31a3-4c70-963f-a1bd9e17449f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjA3MzcxNjQ2MzIzOTAxNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 17f57e77e5a80897.webp
cdn.nur.kz/images/272x153/ 6 KB
7 KB 98ms
97ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/17f57e77e5a80897.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

64928491ebe9a3cc3e5f38cb23e546583fd09c9690a14248c85fc67aed5b0567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Wed, 18 May 2022 13:13:12 GMT
server: nginx
x-cs: HIT
etag: "78940a0c6626dcdd7aaaf26e2cd0bc93"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6454
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 92673a58b6d85104.webp
cdn.nur.kz/images/272x153/ 5 KB
5 KB 98ms
97ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/92673a58b6d85104.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

c6334df911b12e50cffb9153fc8799401f6509c4ffe20b4054ddb2ba7a1ccf6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Wed, 18 May 2022 09:19:40 GMT
server: nginx
x-cs: HIT
etag: "9b1000515c7cfbc3f6178403d77e63e6"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4622
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 12a26ad3bf1a3f88.webp
cdn.nur.kz/images/272x153/ 34 KB
34 KB 99ms
97ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/12a26ad3bf1a3f88.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

1dfb3bee651f1e126fe35b5af8584e441e3e4857697b6db417de4a6ea00577c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Mon, 23 May 2022 04:42:19 GMT
server: nginx
x-cs: HIT
etag: "5667608037f557bc93b25a2eaca06005"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 34954
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 f7bb2c953618f916.webp
cdn.nur.kz/images/272x153/ 7 KB
8 KB 99ms
97ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/f7bb2c953618f916.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

91f38387f69121d9adc1accdf2adc739622baf9dfc526d412c6fdb317d28b5fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Tue, 17 May 2022 00:13:00 GMT
server: nginx
x-cs: HIT
etag: "2045645c55cc2f2298c841c5687c6221"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7552
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 4a764c3c0e2760ce.webp
cdn.nur.kz/images/272x153/ 4 KB
4 KB 101ms
99ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/4a764c3c0e2760ce.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

da96a933feeba485b5e59758abb2acbb369cf407d9d9f814e767936387c26b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Wed, 04 May 2022 07:04:17 GMT
server: nginx
x-cs: HIT
etag: "94308097c92656b6e4e950939514662e"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4036
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 79e9116dc2ebe17b.webp
cdn.nur.kz/images/272x153/ 7 KB
7 KB 101ms
100ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/79e9116dc2ebe17b.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

dde2a0827f602c25b81769496f43c629c0af93f03c36f5b3cb1db441e76c150d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Tue, 03 May 2022 18:56:38 GMT
server: nginx
x-cs: HIT
etag: "1a2edb80b83987a070afd6266f071a79"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6834
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 0dbcc91cd23121af.webp
cdn.nur.kz/images/272x153/ 26 KB
27 KB 101ms
100ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/0dbcc91cd23121af.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

fa3488c1f1546fd2dc0e99ba16137ac11217dfb19f3f79c41d6cc24669668f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Sat, 21 May 2022 14:14:03 GMT
server: nginx
x-cs: HIT
etag: "7b0f681a60099d1b6742340b2c573b83"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 26814
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 c54c94aac30cac95.webp
cdn.nur.kz/images/272x153/ 5 KB
6 KB 103ms
102ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/c54c94aac30cac95.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

ee0387813905a914438df43ca82b1865b22f00b0eabcfdc8df28c2ed5fdcb02b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Fri, 20 May 2022 05:06:11 GMT
server: nginx
x-cs: HIT
etag: "3ece511ed08a115a5ea06ac137a7e2bc"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5484
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 9e6d8f4656095004.webp
cdn.nur.kz/images/272x153/ 6 KB
6 KB 104ms
103ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/9e6d8f4656095004.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

34426093732f29f1bd01a5a11c13344f5f40ebc75a89cacd15ea3fb709f55261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Thu, 26 Aug 2021 21:21:06 GMT
server: nginx
x-cs: HIT
etag: "404a71d37666b7bf59ed1be8d8162a3a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5728
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 60309c8a91b1ae32.webp
cdn.nur.kz/images/272x153/ 9 KB
9 KB 200ms
199ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/60309c8a91b1ae32.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

8b33005798c2d2a5b248da39129831f44dec9b9fe87d988d970175597e444139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Mon, 16 May 2022 13:30:42 GMT
server: nginx
x-cs: HIT
etag: "1d097ca727bb6b93a9bcfbed4b409f0c"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 9098
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 app-adv.png
www.nur.kz/nur/img/ 76 KB
76 KB 99ms
98ms Image
image/png 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/app-adv.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

5b194d1b66d0525a8295a4d12c978c3f294e9e2f11da010d5e22bbd0f17b8fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Mon, 23 May 2022 11:04:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 06:34:56 GMT
server: nginx
etag: "6285e510-12ee6"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 77542
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 61BF 106 KB
38 KB 40ms
7ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Origin: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 May 2022 09:38:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 61BF 8 KB
3 KB 9ms
9ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AK2kpcUwBTJv1URPJpXajqt_LEYTlyue8cQyzSNredr68WuZTqPJ-EpEMzXmvf9jSL3rrxG5A1pRJv1L9JpC4fCGKyiw&cry=1&dbm_d=AKAmf-A2Vr5hUwaip7szjpTXa9PKu8JGTCjjOyFfyl73h8FBCz5-Q_IpDCuKImIwVFXWFZUXjpMNaRDjV-4GDF3gZWWvH4IwVbUNQ5YVEJ9-C6R1AFAGHW_2Cu7pbU44L9OCkGRvvZzjEcOwfbwudk4oVtrUlyDnJ4n74grsRyUzXaKsFKqW7CyG7PbaAK5Dx72svb5UDuiLnc-H9FXwZX2JNaQQrr3mW54HHAd-Rr9seb5GJ9jnkq3qPxMDmULeKNZ_6p70OaOtW9lqJWuS9w66rE4ygtiALMqn6YYJnw6CgCYs_SnssdhTQ2Fq0l4LeMblShMkNaGyZfpn4h649A4PCNHucM5ibYcT7Dy0V4S9h3hpEQ05ANChQ-cskT8i3Lx4yCeLXAvBQYEWAGhZ5TnRqmCX7_4O7_EK4bkB6JRIF6GBWORpWf7KEKLwmu2FqHGgV4xW64kiMUKUOuEWarloF6GTWuyAJxHuRln8Kb0g_q8bBMqFuWjvkC-VIbR_WXFpfwZ87Hlcs5yHZG2WuhP2z5zm-EFh8M9Kh3PDtmWNsH272xbLz2AVpN71AyuE61MaErlqNIcyiVA8Q3rHJORMYZmldgzgpQfNBndahTJBsDckblr-jl0D63AyNbr9aTHWGyI3fjEIs84gThp4ZZQMsHxrWeBWMjj64f8R2_ahPiNPN5mQXy9iFdg1mzmSNnFHCd6R7I-XHSvnwN-gpWtIsnb4N_7Ziyd_2P0_OqlFeJofKamEmhzx-iGam3C-oTmw5tVTRSBX7gMDFeiXLZ7DOkJFQBUSxk5VP8QVdZu9aA2NagbB_BKjCX3E52zMVnLy12yCwZ-HqWxZ3umuJm7UtJ-VJgOG35Xed2NGVSud1NBtYVdvl6lut4RnmK9a1Vw7g6kfpDVcqjGyp_koBsyguXt-3sorJwBpXuwkGETFxB2x8UeXnqBh6MgqY4lkoN01GEHI2JHrM_mYRlbsH7x7X7KeAkqJH4ZSoePbeuJpplfQCu0xsy2_dyK803_3IbHB_d6jHY26GfVdOjGXAa3NYRbFp-dH1Omb6UFN_w0PF_yrjIOc7AblNMUTXJcJDqzD8XcfVIq8eJDnrymc4nk1ZC942CWKvk6ACrGiZhxb6jcW1ov21ci6mcv37yHuuGOLc0klT2O2TfKHH5_W3jfCgVgIhd76QbGh3qIHptezSmj0NKqObP8uPTNV-HVYe6JwY9UOgI6aUFPcpWoY36eEW3aNCgpiuTFgXI_CZwiHrlQS6v8DzM6hQxIbAHvtj7at6LSo4WMdVSQYMrcBNOW_J7iMxksoUiQElMDQlr1c48X0qHPGXPeOGefHKi0M6rfIbhzrffkZmrUUeCUlo1SCACoFDuSV3yYzyJy7k8dKCDYZFtYmH-6srM0aelWXUNBwJOdOU3VtF_wHQ65aDg7pyFzyHkwt63XnoEqJUKixDXIp1FA7FfQaaomUFePNCg2PYGNKMNZyX_GtL7tL9ximW3MUBB4GiY_ekoLwp_S7Zt0Ouu2Sd7gW4DtdeifJRgljItWHSj52jA35iZNRbemK_ZQ5bZQ83eUhwDRNDlBmKu5lzdc-fsK4qCsKGiVuNIHmTFoXQVNXSfA7BCNJ2vzY1LV_ipOLjQPoggNx0YvtSzNhWJjNRPadlg7jkXTdreC9PFJKtIjAjiLpElAOo_I83hg8usyrbVe7_iq1zp2s5N-CarN0gwd42kpN0OCzQAVaTL2XI0MXrjDSbHjCrIcPZigH89GOI6zvFQF7_TyRofuSPOGe-WcDbPl8ZvqkrL_d03wGNMdTohunISJm7XL-oDJ7v1y8EkhighMvup_ti2o4ZbDec3qF0AL0SvNkAIllwfFDA3B61RhPc0gKVcfTZhLXxdm3Spt3mzCf1ZSRf5g0YptA28vIwhOnz03ujyX3jCswE-oNME6R251BVMV5KPC6B6fIZ8lp041de5RfKmHi4TY9wmWigud8V-3j_tFpHCwCChMt9RPeUGPj0PaAgndE3M9tY2g4yG7GcJAOR7-hQDR2SDZYtYnn96U1T4oDtXLOIrluC4XLIu9vE2wNxuD_jcx4W1E3NsprUc9JXmWd6AGjpPOPt_Af4gUcNawXt5G2xuoq2HqBurVIlY2OOMs6LfsUGZ9NDBLPZ5_rMsUcpEiA8zBszgpVYDEBTH0DFaLPscAnnic-M8e5Jgc2wPALwJ_oRdBcwfIYesuLRgXeEVcIaHMj2VcR4qdcHCQQRe_HIAtBy58TwsWD-0On2V6Al5zEcf7BwZ3zC01-AROdZkVqt8SqY4yC23km3EyN5DJ4jXZG2KoTUOwwifrmah_IPGCd1IbfF_Lk1_Y0D_CCOgJlIPWYSzX5CfP3Ms3UXZbDgBH9yR_Dl72e9LbTW5GtlDcqSQQfPqwpz7JKzUj09glmMz5RSp5LTCRDwr2m4L2YS5WAPoJsGH6k9bgA9VS4AeJNtgomDQ8Xx-65KpeY_1m1SUDBkfdz4Dl1qzF-C1bOHB69oG_qhQVvfWe_DLW0YXBNOMCw90cDIFvhwVGfnbLRv6Pyz4nV-brp2txC4HU7Qu53o0JA7ZDWCjWxnVXHLSFFNzXbENYISE0LSXElZf3XRtoAwT_PPkIy_nIKfqoB7Jt3jKnAC6-g4WqgwnHpo95OGG4EYUQ_OQKfLLmmZyKJEWMEKaxNCK7Vtil_mwOC3IBlYUVV5bAkaFhpE0cgQjaFXA_IdcfoQbutiGXY8LBbqHHkJR0JZC_QTBkyYZUSZF7sYR02RafjsRfc1KWe64ls0pTDk_WFn1TPsuKxDGTI0hWdwtfbJBufFLn7mJ5zTgOtLFS3e3N6XiouUkRjaGllGbYUqdCqq4yzBjoq5J18XEFXtiCtFu5huzevpJLHlUy7jrsxpeL8rYwEIcmBi0EOe9vrLgy1Dtg-LLW9G3LzIMaBJicxgHp-1sUqW7uTKe4Hl7zWVBqA_xAIvbx5YuAbp6xPc13nlwQMHka4jg98P8ubvKXwuMcqbsAeDhJX-TnEeQyFGT7hvK8e61RUxSeMuJKRrTzX2MsbhcOVyStF4tgyrmloGxnXLr2uBAZgSMduD-CCT-9u0z3zyOhn58fyX2_Cm_ldfXdBF9VCVmpz4pS02ZvsU915Q9Z0x9LflWRMPtqpj7uliFvQOuqkDSRrVVC6R8lE6oQtmaTd4DE2VgPswIY3Wpk3AMrDzp3I8wp7fyN4RPReK6gSQKiiEcG8pDjtDHmsuqBhWnu_vnUgg4s&cid=CAASJ-RoHB3scPkMIGo10MGS8tDnotG08hD9VXuFCV0eKjVG9KzrfW16Nw&rfl=1%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:03:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 61BF 27 KB
10 KB 13ms
8ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10463
x-xss-protection: 0
server: cafe
etag: 17671883673189222985
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:03:42 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0068 106 KB
37 KB 24ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Origin: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 May 2022 09:38:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 0068 8 KB
3 KB 7ms
6ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUGXxH1tgYuqpNFYx_1AG4bTeZ2bNxuXjTk_sBcxFINk7D6yCl_8tzeFTr-3lLmrPA6DqadZ6cbKQ6Ba1Bi58LWVkxuQ&cry=1&dbm_d=AKAmf-CI9RVUAB-yji6gGMI9s4PI9s2VyWyytIgJRSkw3vLXAiY2Qikl6w4yRDVP4p5A_03ONa0uSTj0S2s8Nthv87YIaSw6I-bveDvL8_8Mh_KW0-Ea1-RPBBVxcuBmHG9x56iX5Q9wvnIJGLR-xu9kO3hNTk4MT6irTXyrTlxd8R1LIwwa9R7LUsWul_bNAo4m0o65ncZgBBc23uA8DJgPex1BDsizYmYalvggVV6El1Xe_j3JxjVHJ7XVoqlOGNQ931JtCDCOq8ebLXpQmuICh8NAo9F8aVAXaPxUGzMHQjwv52tkgW12IoEV78NTWLN6mhu2na4hkC5nIHTT8Evtd5WvMlLUdieAuz4SaGRCbrYPXV3Z00kPZrubtUJ2wfYhTJ1A5fqXgXX5Cp1JPUIdg3e9QZxwDnO0Q5xc2Ttwm-XP0H0PiAueVUO1oZmg6HVdHPHsrAnV-Zou7SxO1BlVX6YQJA894Pc6Y-vO6Rxn5iyWTeUtvPlMEGxiJU7iTnJrLBibQ8M-CQk5JIgw0TrxMJSbTM9Ej7-28iqmPaP7_PgUlU11noX5zP2QoKpHEH4pOpM3rIKbFbVGaEsil6JphEN53jLx220KpDhzSX4x2NaqXLYcFo56DPGvt0R4f_LGMj9psUCWM6ss9w5Wuak8mU6YnhKvkNHXlbw_ruFIU-RFLqIRxoGofWjXnrcWklJ1vsV16YX8NLDSEC3R2y-mDYaba0XI8bQZw5nkMEMJp4q25JsvQ7LzeB6lL9WgCI3mFDhsRZzd0TSG-50tBfB7EpxbEAoaBwIIbwtz7iXGtVMR24iSxIYFasEkmAWk3iS6N6OLCB2G7QmVQyVZQqj2Q2QNsqE-nxIsma-kk9W5PsRSTu5Dxx7bpHsq01xvCWmshe8aKeI49Awx66-UyiH6OdJUHUQ8Y_LwCks2b6bWt4ruQYXRwqPN3qtvmr8bkkIkEOBDmZUiA9GNUZatl-4zrs6RGbhsgWNZ9HOy_z_xWbow9kkQIg-TW2imtTLnMphsk4FruVbcQv90c8FY7NvdfoQDpZKuJXSEtikfP2huE8A6tTlGcSVYWK_CfN9IVaPkVOkvsKa7f8bninCoveOGkF9B2nUOtR8QTU9S1GMLcmiUXDiwlENpXs98vA1wXSE-J15EAcXdv4xrrrVL0xn97U4zTJwEjGKfGKcMpJpKQgOTdyehff7cViJNRXeg72L8XZkQvIAkZo7vWWiXOJ4ORa6JNlaYFH52BVe_YsAzyu3rh7J6L8iDQ20W3oW5AJrUjxOWxzDZ47pxw9bocM1_jymhpLbk5C_GoXb2coKWM89ArtpqnHwQH__CdItMtjEYVRoyUbAFa5LMwT3dfdUVc3gGOFuyRgtEB7hTQfc2jCg9CnIhQV4jF9JAZwVrdV_8iox3WEn3KAVcF6Ts2brNSYMfuyknUV8yjNkh3o9QLMMn_ugIX9vvKnzvJquCYFrmgFfJJEyIGQh5uuMJUORdy_78-CMcrU6wznBaTYySam-l5QTXUtJEqa-2FJZtbvCXJXrV7PJtGLeBkhHiqXU-pOfj5D5DunaaV9JWUilyUheSn_4tX8-xxuYN2D67oANiDEf7318RO3wtC_Pua-mnO5mAkbbxJTo-IX5isdpA3_kdU-Lmw_-bZjc4LMgjbImNhsEA03XL6Hwke9hfEt7fsiPzbJIxY3C2szdQSzVa63fVrZMwcsirfO4LGQdiLYTxHaiIUDkgU9BxEVt5WPAHmdC8zQILzYmGwyC5yidLPXhwXFbMvI9GhSht_70ySGVSX3w6R40kBA32rmvvQtCwa6QLytg0XEZyw71jZefEzazFgZVPP8okC3he64yN45FqYFnGZ8apWrzUXAyUAyA-c9NpbJjX17d5QRGCwf3pm1I4Z82W943FBQd2Yq-dh-yj36ONZXCRVjB3z2ef9Il7jKsnaJ6gdLbha3TQC1Ikl9pCFqVD1KHMt8MgoSU3BQpVlFiGEK4uofLTJGKv9XJg2sydUUkefLXlCczF_ru2jDhJlURI_hRVGSkerivgGM-hVrDt-WYnfTkTNOyp5tFjgcdecgP33rIsCIKp1xXVXgFLjlHpKqkxrbAU1xBJqHebB1kU_Fk7Q6BNPTZIpvSVpwE7LbvL36aYucSPxm56UM8Eugdidb7P_mVHp_4J7IoWCvDwnKW3kAegIEw4Fgab1-oNC_jeXbMDumAvYxq_tA8foZ32RsjR5MXZ8lflvwezhx5OseRYr8LRyg3Z33KLqI4axEAjCdBBu-ZskBcPZUChkqNSO-4oYO_nX-kT5v819A9kSXouuCMjeVC8oW3QHTTEAvUndX2wxWO4IbYwaWn4f5iny2vcf6NZIBG6HnPTAvv-d4dD1jHziazBbzAaZGHh3F5JQP4brApKZpJeete__T4Bo98Rnh6qmjZERGv4fUnL_76vuyh73HrscTvhIynZyVAxqD5Yf4-595fbQNS2KzodKedCjrWlso3OtFTzRzRXG49cia5_79ClSuHG2ZkRZRZH4zVIcTwwiZJqViN9-vnpbBg10UJar0tA9quNRrD0DOQnzu_FNRUBpHxsM8wnYjEDwfo8USWP0yVjqJMs78l6hmn4fa4w_NkIbejJpyk0i6fFLUHZ1zjlod_yiPTzgpfwNIvB9d0vieb0yhnptLVcwqmT98-7_UNudjsr13vraGngAfiH5MBcjwqinF89jmxWYUzN_9-SXZLFjB3_8rEDmg0sFcavkuUN-_lDTMWXNFPrFvO2H_j5-zY0OsjiNM_MP7S5_4AXrBXeVxw3YI6trV26XHOwNSND8d8HPDV-3PU4ShZz6W0TpOsmqZ1wW0xCcvZXjz-gjLWsg7nkhx0Qjc-jPYxd6TbeQFjzzuNmLSz_PtysYMKXRwJu_q8m80iOpgeJE8Gb7rhbmnGJSzYyiwPbf7kJfR92XByEMvkO9WhZaNIcG3u0Sp77zn665nEnMLsHDNPrn-SbAmFH3ioRDuWd98IOyUNBT8BNEm8F7fWd3obL0gMq-AIM1_WUV4honMi_xfpvUJbkcdvtH5EroLO4_Ht0cZH2YKfOHc-yuzQ8CKYKs5aHYIkzNMjks55uStzMDU22YmoId_WYhk_ErsE_r7s7fKI0u4sbsrRU5Mq89b0ZNIss2IV7Y8KfTTQP0zYBf-DnJDWeWOcD2BqrnVjjsl1I8taw4yq1E5XCt-we1lt_lwL67dBPIJI4JPSPjXziMPQHlHBxlLsKUE7AoUQ&cid=CAASJ-RoyI3lpVj0ry6PHqAnkZHeVbege8LhNtPQWM07Sg0vat1j8cmJTw&rfl=1%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:03:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 0068 27 KB
10 KB 7ms
6ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10463
x-xss-protection: 0
server: cafe
etag: 17671883673189222985
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:03:42 GMT

GET
H2 200 eb297aabac2ed946.webp
cdn.nur.kz/images/272x153/ 6 KB
6 KB 103ms
96ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/eb297aabac2ed946.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

46b0d1d64e68990d8c3d39463bb11d33eb243e54bf7865cddde2a5b8db047530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Mon, 21 Dec 2020 11:49:00 GMT
server: nginx
x-cs: HIT
etag: "0315d91fa523b2e8806cec4203510231"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6294
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 a719e430ab9a6a19.webp
cdn.nur.kz/images/272x153/ 5 KB
5 KB 102ms
97ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/a719e430ab9a6a19.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

237e031dc00b6690fa1159448313f2ea2b4cca8f37c82c184b1a7d0cdfbadeac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Fri, 20 May 2022 09:55:14 GMT
server: nginx
x-cs: HIT
etag: "1a46cacfff076342b2843cc236c5ad50"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4760
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 d6984bfbefe46c72.webp
cdn.nur.kz/images/272x153/ 4 KB
4 KB 102ms
98ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/d6984bfbefe46c72.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a41a003c4e1a6656bb775acb404f448839c54d18e0eeb365b0551b6908ad3da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Tue, 03 May 2022 22:30:30 GMT
server: nginx
x-cs: HIT
etag: "160f9b58ca30130b065a79b7a3e4f03a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4010
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 90aae343c5d2d90b.webp
cdn.nur.kz/images/272x153/ 5 KB
6 KB 102ms
98ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/90aae343c5d2d90b.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

1db4fe06afc33dd4434817e31231f2b41528f6c314ea5d46373800876a474abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Wed, 04 May 2022 06:56:52 GMT
server: nginx
x-cs: HIT
etag: "e490f9f130434dc1ba73cf1d0cf924bb"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5342
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 7fc46bb01c181fb8.webp
cdn.nur.kz/images/272x153/ 4 KB
4 KB 103ms
98ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/7fc46bb01c181fb8.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

e149e2e10ef304e7c24654754ca3ec8684e02bed893a785e14b57df3be3feaa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Thu, 05 May 2022 19:18:09 GMT
server: nginx
x-cs: HIT
etag: "f9cae50720b900f40e0934f0257aa1d2"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 3906
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 20880df1d87f0bcf.webp
cdn.nur.kz/images/272x153/ 7 KB
8 KB 103ms
99ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/20880df1d87f0bcf.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

c824afa9a57db85a5957af264d153dffa83f94cf055c66249b765c04d0964468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Thu, 22 Apr 2021 12:25:09 GMT
server: nginx
x-cs: HIT
etag: "884f457d9a18170fdbc7734fa9933941"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7404
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 359378f6417b8477.webp
cdn.nur.kz/images/272x153/ 8 KB
9 KB 103ms
99ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/359378f6417b8477.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

5316657b1ed3221c8eb46e40288646c40d3b43b3ac5bd510c440328be81e1d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Fri, 25 Dec 2020 07:47:02 GMT
server: nginx
x-cs: HIT
etag: "a15be1d754b9a66be554b34b08c5dac9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 8522
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 b852d71b0e111c7a.webp
cdn.nur.kz/images/272x153/ 3 KB
4 KB 103ms
99ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/b852d71b0e111c7a.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

aecf30c39a198017459637aaa80b499f59140dd3126caa3fbdf544f2b89fd1a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Wed, 04 May 2022 14:38:10 GMT
server: nginx
x-cs: HIT
etag: "48657fee5b50d4285966b2d33b500090"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 3478
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 ec841d2277364bdf.webp
cdn.nur.kz/images/272x153/ 9 KB
10 KB 103ms
99ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/ec841d2277364bdf.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

fe2b6f51a75fc1f869c0f4d3562b906021b0ddf31cb85a3b4d58c224a64bef17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Sat, 21 May 2022 01:18:17 GMT
server: nginx
x-cs: HIT
etag: "005e77a740654ac2ab939914e839b0c7"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 9576
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 c22c868fc0ba8816.webp
cdn.nur.kz/images/272x153/ 6 KB
6 KB 103ms
101ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/c22c868fc0ba8816.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

9c2dd75c175466bfeae087c24e6809cb97621deb1b6c5c23b11c009aaed2a556

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Tue, 03 May 2022 06:25:47 GMT
server: nginx
x-cs: HIT
etag: "63460dddc7bcb288907fe99dda0e1eea"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6154
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
18ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 11:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 11:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 238ms
237ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=789576614196507&correlator=784688797860342&eid=31067486%2C31067688%2C31067709%2C44755509&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=21635628449%2CNUR_Desktop_Bottom3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x200%7C980x90%7C980x200&ifi=5&adks=1120197511&sfv=1-0-38&ecs=20220523&fsapi=false&eri=4&cust_params=page%3DHomepage%26section%3Dwww%26sectionId%3D1%26platform%3Ddesktop%26language%3DRU&sc=1&cookie=ID%3D2631207b1ccacb0a-22d1e5739acd004e%3AT%3D1653303849%3AS%3DALNI_Mb0aNnd_yJYcjr88R33H1fB_TLvtg&abxe=1&dt=1653303850613&dlt=1653303849248&idt=340&biw=1600&bih=1200&adxs=295&adys=15248&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nur.kz%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=805x100&msz=805x0&fws=4&ohw=805&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1962745041.1653303849&ga_sid=1653303850&ga_hid=1791401548&ga_fc=true&ga_cid=946190871.1653303849&btvi=4&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

bc30fa8ae5a3223209e828b07b577606119b3eb8577f68fc63a38bfc78a95a34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9308
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3750 106 KB
37 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Origin: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 May 2022 09:38:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame 3750 8 KB
3 KB 7ms
6ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_reKLew5VS1WVqAcVi7UYpI53H2uBdJfSuUNVURfPWSIsZ8BD3SCJ74Dp_UdQyU01peLjVRgr_fv3PSXvOdYwIIdq3Q&cry=1&dbm_d=AKAmf-DsZ4pDF7aiIujVmTvpDK2zIoDJOjWwQOMlAp5F4lisXFUBpCtv127-93YyP-iW0TZR2c1AA108r-EbNX5nu9dEOHjROrq_uMF0h7J_HsVd_WlVh5JXqyXn-EJKWQ8Ub8Dg8Eln3rPvf1nw65mlYIzYpywrLN-0ivzOxpIoU8yye9LGvnBhBOyS9cKHAqvoPoMFjjzLdl3S0zlsBwNBLRI5asH3fKVqaCWb5EL2RpdCp314o-126XplOm1ivBKNs3aTmw6l4gVXkmw8PnczkF8ZggmAzg3YEZzLGmA2YVb99gVz9BoI7TJxiy7t__DU9UsU1n6_tKzanMByX5o_My0ZaI6PHahyS3gGF4BEcdrxU7ZHVVwNrmz4SOh1E2AhTO7Z6oP8MqD__4bKjS56y_QhrU2d_wdrkHRyKLB1m99JoVNU_rNlSxD_O6T9-u4xAvTX6gOaYu2nOmNRjdUH09EpPwQn_3jv4zau8hpMqL5SXOUktBfdJZ53OzH1bgnnTD9dhiMKyE3vvsC36vi6iM_LCpOsHlSucA-cxTc7kM9Hr4XcHFWIXr3iKSXKc9MQB3GDzQyVCCc3k_MIz7EfF83Khdebz-oXbFaRxeFY-Ojb7H44PWUwFgi3kkZ0nSIWSYFIYswxWzPlb8tApuw7UA2rTpcdzXVL4K7-0dVVibmDT1z8E3vnYgjxvlfh8WEl4M2n8On6Q029cRvf4MZIHgwTkXOJLzEcLHZiM05SwcM8RuRNoZ1B_9R8DrycRTEnp-iOkZRyhFa8jwIU4HGbeq6Oq77enjFFNc2PSn4zlkyoUQe5k__A5dMsPeeX8Qe9LnSxRfwqY35FnE87bVKxR-0V7TaA_Q-7P74krjC8GJ_MHiNpxIXOQECv36oVsDGt8DUq3fR9PN5PhJkqyXi_Ck-cxBbnBJXU4R-xJk2ysk90Xrb3Jgw7AXUcBUpye8mwoiMvPKa3uCc0ssYuF0tK7KatLA9zzgsFO39TBDlBXbaklQ9BXXvOh7sxo65eXu1ue9gK86d6k9EWM8C9olZ3J_c2vrkldA3IhzLX4oAApnEzxrfQH1LHDeUWUYDCTK93RVElEcX5Pp5nAV2CEvENnLku3sEgk0jLx-Op6TEnuFHMXvfhevo-ED67CLrwcP26gy8Ix6xcAUcW30JRp7lwz8UP4p-nWp59QXY2L0iBbTgGvZAsM9_7caomFWRFfvCVO30FDK_-6Xxj_nxnt5HHufRmRThl4M1Spl9Oq1LTfeSJzqlGnVk0-ZV8HGBUR0aHGh8ytyx8vfrfOJLFixRXRWeSvYxRAZDo44ej1DgOJdctxLlj0uzJqdTO8TAZa6ODYcjym6p_C4estNdhs7j1TNoaCFipXuAYgJwmvlssq3BuBagEQ9NgCRYr8tKyT90D6VDfYbTuhNEAB3y9U_utWkFQB_GAHJIGwqy2MXQjtaZAo1N8MVHq9ZyxMT0pESwKAb80w2zCzq3VxkExV--TzaD6ONgDP77ZYBHtWi4p0jf9T5qMyTKsbj_4ZUE29rsorUES3E25HXYzv24be573q7FuKorsVfPpWZJ22ztIZ9SEUtKB9hNOiWLDlKicXcGSoL6Ifu3Jdu6kLfXvC6q3E2s-_k5eNQar19q2VdRbW0UZHSeTddoOMQNgnRFMVbWte0cRaoe24ug11i_vG4KBcSvhfAd1cAC911QCVQsccONasWXhMTUl9wmahqrhzStz21HElZk0trjFZcgNFFa5XBqhCxpMXqLgPBWRjO3J19ID7bBJBJHtbcdN87vqCQif0dAvNMycsMa3DlCu7A82hT6UMsvd_QrCXXxwCGZ8eFsDaqMehbV7jaOjR8_cuoQM1UKTHBHKoASPHd7gy3ViV4zStk2zH-t-jusiq06Naq3Yl6Wm3F_FT53WFSswWKvn6-LlR1fL8kUKVANs4F8vjQ4dlvfwFJ9VLCeJod8xTdnMbdvGEIFyDtNoik5PfQ-P3qlQ-sF4pBOMqZlTu6T4RHST5Xi9sxnyMojm_y7Dp_XxU3KBAHVeMH2bM7pT8hl-cveSVF6cmpRfY-MlixMlVr-Dk_QcBsLO-7CqqX6h4wUfpbzTMlTeoeZ9s59AWAWWwBgOIkHMYDzU5m8hMn6fdnYBR1eyQxTq7sil_yrKP9tQ5guFV5UMPa4YFbwk4rnSqtvvmSSZ-OL-lIl8gW6sVVqF7fwArdAur2i53qk6TuJWI_rSYfcyegg8DXbAbtLJxPqcy-B3NjdCpuLxDm7RcEitXCTSYnZeMuqw7dP2pkhqdsOAVT8G_Yif1zO4XFiUidQK64hzrNFW3hN3MPO9FURvcL6oGPVam_LsIiQIm5G9-y3fe9JhlhnEqgzpQj14np8Y4M9iwnK8NAeqDr9JCGt5-9ZrvFLGeeGoBAbrv1-UM6esPzjqExzWlxm4um2LnFIMjr9eRDjWoDCpvdBqJvEhB1iYePdKXsOJY6eBw-jtz-grXhchH7pkFqzw9nIeFPHoKLUwt5MUFyM11AEOfBZ96PQ2J8Otj7sroCutbAqYHren0Ss31FDq6tFVJCZgjJTi1QxH1KydT32PIqaICL5w9iiLSZg6epwwH2MpcN_O820Ue7WONLMbfuETSn_xuPOk_sQPhnLRYSW8V4iMropuejV3W_mZMhV9SF8ft7cPl2v_FzwntNvpYZQomgHeSblnGL9_nF739ePvl0nJ0nC5RVlbftTfl4tDIF7OcrKTYUhCNwohlttYHPYJA3tAxnRl7YyKgDExapbIn150ZB_Sj8j2adEjocBgcBgeUUuwKjRFg7vxhVLvZU7v0nK9Em3_g2_UDkN0T1ms_xy1bXZOqIfNlzBwYG0VWP6OxuI-Pm4G_XIxtXmbLUKjDMZVjMJCpKP-hW70a-a4z_JXZdGIwwxdpJHEczDdeplWMycJZvY1x83TcBtBV4Hjs1QatB74yn12HEL2D3bDxXd2AeYuP1FrL3gyUOoAII4CuxUcBm-XpqLM4rTfdpiSUzlAx8nPOf8wByJj_ihLGBbM6nlAe7P4iX_Ci75rAkro3oKcMHY0G6zzfGi-H1YmgPNM5bHowsirLgPkvA4tYKN4k6LenQK1of5w06GRPaM0fmSmEJyFSojFtiG4ABzsa1DjcJ-uOyCGqKFvhihXshTbvmSWGgTOt6u1qvL9UKwud7Nh8gqR8pmJztwlWSkj50z22xxQtE-7_MwcoySh176aowWUceTACLyfgd3ge3G1-5HFnjDoYz0&cid=CAASJ-Rom2rCZSttbtaYImd632S9ixx6zfVTHy52iabResqgQ-cgH7q1hw&rfl=1%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:03:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame 3750 27 KB
10 KB 7ms
7ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10463
x-xss-protection: 0
server: cafe
etag: 17671883673189222985
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:03:42 GMT

GET
H2 200 17e993e11077e439.webp
cdn.nur.kz/images/272x153/ 4 KB
4 KB 99ms
95ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/17e993e11077e439.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

adcf6f4e6f017a2ab95d6688216b398dc83209888804c993e3bbce70c0c41209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Wed, 09 Feb 2022 12:46:47 GMT
server: nginx
x-cs: HIT
etag: "bbf8e1fcbdf09c5e66e99fd9f20030b0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4180
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 004b2260f09efdfe.webp
cdn.nur.kz/images/272x153/ 3 KB
3 KB 99ms
96ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/004b2260f09efdfe.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a27afd9a794b9e16b8633729d4ab773c6ec2f94137f081fcd2f67f525f5c27cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Wed, 03 Feb 2021 11:33:10 GMT
server: nginx
x-cs: HIT
etag: "7fdb5d4036d66d1abc7ccf4afa53add9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2622
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 aa383e1b9e4dee55.webp
cdn.nur.kz/images/272x153/ 3 KB
4 KB 99ms
96ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/aa383e1b9e4dee55.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

e93a7d65ce3bb91c81fc7ba5fd950555be028273521907fea8d236d4f97eb48f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Mon, 23 May 2022 07:30:45 GMT
server: nginx
x-cs: HIT
etag: "a32a41eee221dac74b150dedaa93eb6d"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 3446
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 0c4ecca80f879c64.webp
cdn.nur.kz/images/272x153/ 8 KB
9 KB 100ms
97ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/0c4ecca80f879c64.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

906279f962df2b9a0aebadf33bdce9bafc4246e2cd71bc4639b91dadd27105ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Wed, 04 May 2022 06:38:39 GMT
server: nginx
x-cs: HIT
etag: "80b7c379d2473a233db800263e0b6175"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 8424
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 a2741ede35e650cc.webp
cdn.nur.kz/images/272x153/ 38 KB
38 KB 100ms
97ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/a2741ede35e650cc.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

60c0d5b202f60f6ef748b4c28de407ba5c1c57be5a8da13d86dbea6c9945eee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Mon, 18 Apr 2022 16:52:49 GMT
server: nginx
x-cs: HIT
etag: "c7a9f05c5b9ea5483754d2cdbdd1a58b"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 38704
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 889399bfff55351f.webp
cdn.nur.kz/images/272x153/ 40 KB
40 KB 102ms
99ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/889399bfff55351f.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

4546bc5e11fa6633d8f143ffb0f353264aa3e690d4239e6e0b5a22b7ebfcdcec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Mon, 11 Apr 2022 18:08:27 GMT
server: nginx
x-cs: HIT
etag: "26341ecd81762334ee2c043df8b0c0df"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 40790
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 44161419789e5bf0.webp
cdn.nur.kz/images/272x153/ 32 KB
32 KB 103ms
100ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/44161419789e5bf0.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

e496494e8611da5eb32f4d65d9eaf0ef6e0c43f7eb3e2656989a4eccc31a9ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Wed, 04 May 2022 09:09:30 GMT
server: nginx
x-cs: HIT
etag: "54f843d50b313d1d1b7c57fa1196f9c4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 32712
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 4595c74797579671.webp
cdn.nur.kz/images/272x153/ 3 KB
3 KB 103ms
101ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/4595c74797579671.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

4572cd5079dfe161ad888bfc693f7175b24b082f3c9d83fdd79672b8f1f28f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Sun, 22 May 2022 18:52:29 GMT
server: nginx
x-cs: HIT
etag: "8120813ac0e3d0187bae0edac51deca5"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2852
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 4b0d0875e9133697.webp
cdn.nur.kz/images/272x153/ 4 KB
4 KB 103ms
101ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/4b0d0875e9133697.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

356ad684965fe5adf864696ca5b0636a75048c685370a531ddac62dc8eba08e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Tue, 03 May 2022 09:15:56 GMT
server: nginx
x-cs: HIT
etag: "d046d50098453b33ee4f3b10e805b5fd"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4088
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 e4d7c42c0c6cc729.webp
cdn.nur.kz/images/272x153/ 7 KB
7 KB 103ms
101ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/e4d7c42c0c6cc729.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f81b83344d1a235f54adb3800f29a31d8861f300a8b9276f5d25d0efdd481a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Tue, 03 May 2022 20:45:46 GMT
server: nginx
x-cs: HIT
etag: "33132f81d4242334673a13df95b99b51"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7004
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 11:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 294ms
294ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=789576614196507&correlator=784688797860342&eid=31067486%2C31067688%2C31067709%2C44755509&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=21635628449%2CNUR_Desktop_Bottom3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x200%7C980x90%7C980x200&ifi=6&adks=1131323936&sfv=1-0-38&ecs=20220523&fsapi=false&eri=4&cust_params=page%3DHomepage%26section%3Dwww%26sectionId%3D1%26platform%3Ddesktop%26language%3DRU&sc=1&cookie=ID%3D2631207b1ccacb0a-22d1e5739acd004e%3AT%3D1653303849%3AS%3DALNI_Mb0aNnd_yJYcjr88R33H1fB_TLvtg&abxe=1&dt=1653303850759&dlt=1653303849248&idt=340&biw=1600&bih=1200&adxs=295&adys=17159&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nur.kz%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=805x100&msz=805x0&fws=4&ohw=805&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1962745041.1653303849&ga_sid=1653303850&ga_hid=1791401548&ga_fc=true&ga_cid=946190871.1653303849&btvi=5&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

681bddae0af610a19ebebe52b64cdf96fe24039443227f837632435ecc76b68e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9298
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 61BF 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429338
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
DATA 200
OK truncated
/ Frame 61BF 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c44da0d7dd882859dd22062a9c7c1f4c565af67d1e9d7dfbc7b685130241fee4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 V02_728x90.html Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 651B 15 KB
3 KB 24ms
9ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d46a5951a557bab39b5dbb547e17f4bc8a83a5557693fed16e3084b48336d77e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 273844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3248
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 07:00:06 GMT
expires: Sat, 20 May 2023 07:00:06 GMT
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 61BF 0
622 B 80ms
51ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlsrFpdQNhbqB3-I-x6Wi3VSDa5PO3dcy-Brzr6o09rF7NLMnJiOCHmSmAIpcBhaamXx-YXVNXZE-iLyPeSrhNTVLvSnkjOZMN46lbKUErpCUL2hb6egG-UIYzyect6Hoz3WJoJvMKuVL4-G0Bt51OGSQXMk5_p_QRF7Nwn80bq1ue5e5fYNKMGseqMmkCjLFY9CO7CCjMAAM9krb1DNgNgWpPRO4MoJ-wPL1LjFcCv3TcWm85gNQJzQOVA1gic2igLKFR4NzIrrVC9mVpNrHjOpxfRWg5lnSampW5EGH1w9MES1bX7MdHIE4uiHgymkCbq-AOgzo9BXplOzRYPflS4DwN9wHC37b-Ybdpeix4qbZjdodmkmqDmnEzfZ-uwy5rjVWDf6OdPrExwDWGcRjedmILtFIY7_o7AP49lzhh8V1lhD0jukxbZR7Z7xTMuz5hVsl5N_DDvN2xGt63XIEsQN2L7bY5YBj9eB6tBBGZTlBH4G6xAn3AkWlH1auZ3FQ-VPG5ngQ9dljuPLvnYmAHQz-wUUCBtliP3xl00fXlCzo12nEI6pxgoN5rQWxdqab4zv2JLx5j1l9Xmkxp4cI85sAzUmKgYTrj6TPCu94gi7GVFb4d2YcGKx4PmOYpVR6_eb4yYeaDcs8rHg4uAOEb1pHiGbWUl8QUnAGoBI7B9jXvehHleJYORI7OsMgqDkGvIvFwqo3XmRrFWgKsmzWoUjDGPaWn35Y38qttEusgZLf8ZYxuyunZCeLul_OKX3zjeS0e59fPnQdUfWJupMWdTwSeZb-kn1kdCB8V6q28kcXv7Ras0HLKmKSFbghcK9mETjMLEJjg0IvhECQHLF1D9A00NFssZJdaSkf0d-owv8-m4CaWM-oHRItemjR1LtRjUrKWpQElzVeFluVvj00pPpiyEU6Oesx5ttyretY0Lul29DM79uoZ1CN1XYtswxUzLFXaORGmU-XffPYIiSd7qfBUteKionmn3xGp4U9ukfRUMo77oJ9nq5TxtPudoDfw0eciSqhywqJYN_lQTJUTXVL5l16g4pfv2vldKtxAQzS-vDE07W83VTuZ4KGmhF6fCB2rQRr6MAcROT_2HZAqUMoq0nyzSE4JZYhFjCe6I0tAxlom79QUG-783pvViOmeuSnuoTg&sai=AMfl-YSU8_dkQ3-Nxpqm5qRkjSlvFmGf2AtinXlLWp10EI6emRvJhj79wDYSt0Fv5ZMbJvGIW8D1z3Y-rFole3rBZFHz9MUKkD8-bdnA9B8ih5kcpykDNEQoqT8T8B0NpE06-BI33_k9RLEZ8_7fBDNNgNObcB3yRiwDXihC8-aRUYaoj85eMIHqVgj7wzVZyQDfDRby3xDI94DIazDTACEVAinw3BwJvVo&sig=Cg0ArKJSzHqQzs9nLODHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=296&cbvp=1&cstd=294&cisv=r20220518.00586&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 23 May 2022 11:04:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 V02_728x90.html Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 2F54 15 KB
3 KB 18ms
8ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d46a5951a557bab39b5dbb547e17f4bc8a83a5557693fed16e3084b48336d77e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 273844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3248
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 07:00:06 GMT
expires: Sat, 20 May 2023 07:00:06 GMT
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0068 0
64 B 80ms
55ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssheYfyaR9vVTjhYecMUMOB2YSwrlPN2q5o5O6I8VMojY_n4mcSPPxqeIr50zGYKl3PMP8h1S0WqfwkWAXCb2q3NObSFcrfbhDfFcGUNuqHZ0Bs_mE93TtofZaMegf1wD3lm-cpMV4Y_uUOaagMuRaN1ouQtPkPC2PrBYuMUO0YpiH097ObBqGzka3pnEp4WMaAOedfeG4RJyxU9EYtXMbM550kCkn_NHOrH6OquCKO9uUOsmg-RgQ3JDeOglosfX66MuiS0VfasI9z-4SqUxXX0VQ4fbNqNrWH2sf4h8l_kVV_hj2a0fTPWTSIMJXa0TM0bG9Y9fX2-TcblmUyZ2Pt0UpAxcxFLpl5F7oUIjDnwAl7RoYzf7FCUA5hOY1kq7jZlQaR9tyWnZL-S2zh5J2HFskiQCP0OhnoE1Mru9-p0hLyYGqrirwzZOd5E-U2GZUuAJJMfjZZ4cks2strxa52BNErzEzEVKKc6gbp20SYKmAL7qxzLQunxM5HhpMgCeAjurA0PD_Zlb-e8TquXSNan_8vKT1pqhD2w7DFuMfS-imdUWjQFzdckZ_LrjcBeAeEO9gmFT5Nw7N88eRKgrWCALlHbP9G3bR7K-M1r1266Dd3bRnB9_ma_DPKt-bdc2dWEQYtYJQ9T37O87N-6KWk9tCkmkwylwT_fsXkHkVHmqagp2wEXzmnzNxwH-hC6E-Bet4pNZNiFhe4guu3ygFX_F6QRY7CyT81m5-kHy3910cVxsjWm4CH0HucilBrYv14s1k7RFPJ1HuD4ZMKCVxYt5y_86wuCc0HZF6uRPvExsgN94qcl-uX5G17GOZSRQWlQbNiiS7VTF0KHF8yxJnBP9zN-NIb_IZ8XDZC6XJbm9_LfpI3NHQHLuxVNNk6okK-kkxG39M9FXblpZLVIimAiVFyvU1DDMPQDUyEcx-1L6tAszAyDURhXjWI22UTAcss1q_t6_pncHyjd_cNTh5pdyWS79VmEPlxLt4D9CCVcHCgLXKCA_c9006JJRFKs5ltRlV70aXjJGSm7uLSluIitTG87E2RYBsTlrlqqXxYOtbRJH3BfXWqeTM45XmuQJJDGZw8MsxoTqcO8d7_X4ktFUZLMYv3TlbYCpIZfbvmMA9kYXgT0V0FkJ61DUYILKG2&sai=AMfl-YQcZlVTLoQGJvQVEukRbEk39hZ9-KzBQ-faKr-o6Vhx_DxWsA2bGS-qwqPJtjS4F9DUZNLY3cE1U047A-H4VizjumxY97BOH_bld7GtIa7Vr8RDGy4_NhP4uz418BbDCMeysaQ93domnRbPDfQoJPOI8lLY1jxyUDrpAZLfh5acl9Dh-mH39Rqz91hGtg46rtdXTAw46Vfxtl6jkzPsrSXqkdIlA-8&sig=Cg0ArKJSzJOYkEzNBNdDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=277&cbvp=1&cstd=276&cisv=r20220518.58461&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 23 May 2022 11:04:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 11d1d4db3613c04a.webp
cdn.nur.kz/images/272x153/ 8 KB
8 KB 99ms
96ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/11d1d4db3613c04a.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

50bdc7f25d682d68072adcac518d4c27e53fcf59415c86ae662cc7da369430b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Wed, 04 May 2022 10:48:37 GMT
server: nginx
x-cs: HIT
etag: "4c0a1dfd5445b19dcc1985e89b24209a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7766
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 e2df3b9d93409a0e.webp
cdn.nur.kz/images/272x153/ 2 KB
3 KB 99ms
96ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/e2df3b9d93409a0e.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

60fc65fd65b05a8b21077c30c511303f4cc9d9a659226b3a279d1ee2f65fd35c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Mon, 23 May 2022 09:10:03 GMT
server: nginx
x-cs: HIT
etag: "60cacce7ff64f9c72173c7adcab6031e"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2340
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 8e918abc80e37c61.webp
cdn.nur.kz/images/272x153/ 45 KB
45 KB 99ms
96ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/8e918abc80e37c61.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

d2dd3599e7e2b9d298755ba7b0a578f9c0b8a88730f5c16993570a1de648a14e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Thu, 05 May 2022 02:51:00 GMT
server: nginx
x-cs: HIT
etag: "d1e68afbf026dac265ad137f74493c63"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 45568
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 05835cff2a675bae.webp
cdn.nur.kz/images/272x153/ 2 KB
2 KB 100ms
97ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/05835cff2a675bae.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

947192254268002e4be259000333f6c1e3cb755fd7f344816afa1a358dfbf261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Wed, 04 May 2022 00:47:41 GMT
server: nginx
x-cs: HIT
etag: "c343ed97a25915082c42659f489c2aca"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2146
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 2d9e26a6df21abe4.webp
cdn.nur.kz/images/272x153/ 5 KB
5 KB 100ms
97ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/2d9e26a6df21abe4.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

32733776c725ba00e8a8ef6a829d02a2a096eb3070ec019e3b8b33a384f7b0b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Sun, 22 May 2022 08:25:11 GMT
server: nginx
x-cs: HIT
etag: "629a6951f2e5ea0715940db60ff7b819"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 4678
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 dfd8e754c605581d.webp
cdn.nur.kz/images/272x153/ 2 KB
3 KB 101ms
98ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/dfd8e754c605581d.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

030011375e134406b94777255c02b5c07f450ce5597506bbf198cd4f958a47c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Tue, 03 May 2022 11:43:01 GMT
server: nginx
x-cs: HIT
etag: "33230090edbfa4cef49560b53c72aaaf"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 2460
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 587e6197ab227cf7.webp
cdn.nur.kz/images/272x153/ 9 KB
10 KB 101ms
98ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/587e6197ab227cf7.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

5324b70acffa135875d1bfec7ea87d058005568791e54ba4b8410fb2fb1739ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Wed, 04 May 2022 01:43:27 GMT
server: nginx
x-cs: HIT
etag: "a01be8518556de8f39af9d1287384468"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 9616
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 7f009a5e4f386b60.webp
cdn.nur.kz/images/272x153/ 3 KB
4 KB 101ms
99ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/7f009a5e4f386b60.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

9e4ab6a71720b11ffcf074809e80590bda2dfc006ecbb70f4d719a678af1b307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Wed, 04 May 2022 01:03:41 GMT
server: nginx
x-cs: HIT
etag: "556d973c158cce17b9b7e0fe52548eb0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 3324
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 7850210159a320a6.webp
cdn.nur.kz/images/272x153/ 5 KB
5 KB 101ms
99ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/7850210159a320a6.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

03aa4536a5078e4137c13096c7d3156b925d4c4381261f537daeccdfdf687d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Tue, 03 May 2022 16:50:42 GMT
server: nginx
x-cs: HIT
etag: "d477fc283b880dc8c08ad1d24fac1df9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 5264
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H2 200 9fe66a76a23bf380.webp
cdn.nur.kz/images/272x153/ 13 KB
14 KB 101ms
99ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/9fe66a76a23bf380.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

171cdf4aaca1d90b25b0136352f75578c1e59ffdd3e426a8aa182773ea46d8f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:10 GMT
last-modified: Thu, 12 May 2022 19:27:20 GMT
server: nginx
x-cs: HIT
etag: "54ecb2f7e2b0f36f1a46b886e547f7ad"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 13604
expires: Tue, 23 May 2023 11:04:10 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
10 KB 252ms
251ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=789576614196507&correlator=784688797860342&eid=31067486%2C31067688%2C31067709%2C44755509&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=21635628449%2CNUR_Desktop_Bottom3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x200%7C980x90%7C980x200&ifi=7&adks=1374688426&sfv=1-0-38&ecs=20220523&fsapi=false&eri=4&cust_params=page%3DHomepage%26section%3Dwww%26sectionId%3D1%26platform%3Ddesktop%26language%3DRU&sc=1&cookie=ID%3D2631207b1ccacb0a-22d1e5739acd004e%3AT%3D1653303849%3AS%3DALNI_Mb0aNnd_yJYcjr88R33H1fB_TLvtg&abxe=1&dt=1653303850935&dlt=1653303849248&idt=340&biw=1600&bih=1200&adxs=295&adys=19071&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nur.kz%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=805x100&msz=805x0&fws=4&ohw=805&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1962745041.1653303849&ga_sid=1653303850&ga_hid=1791401548&ga_fc=true&ga_cid=946190871.1653303849&btvi=6&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ffbb1eb766ddcc43600a98ce08905a3081fdb63ba464ed432564ed53aa632d25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10544
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0068 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429338
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H3 200 V04_728x90.html Show response
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/ Frame CA0D 24 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a4a5d757539bcac6c385766a79adbfecea08481bab0cb02b89b58703961339e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 592051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4019
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 14:36:39 GMT
expires: Tue, 16 May 2023 14:36:39 GMT
last-modified: Wed, 12 May 2021 14:56:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3750 0
27 B 69ms
54ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssF_w7aLsoPHlvkFz76Wj30FPGmkQ527KrwC9-7xgrTa3whzpIke4i0xe0q7VOvuJT1wxQjnV5IvpAkoDQr8llcq-745pObJQMKUnaHaY7GEkHM-8mWazi6cydDiwgvibmhnU_dKp5TRc-QTdPvZ_NIR9tiSPVBCqeaE62AACglBo3vBi4jsD5Ekm6VIWjdIf_WfwxPSx1SRpX0pKXZj4KOMmT8r6QN7lAid3D4K-axss-mH1Boo8wx_XdMsFTe5CPqksBxeMHtcV6yoxhZa8e-JqYw951FAMO1zFPj8W6nWo6iUolydmOvsmv28HsCD9YVgN7-sVJSZabKN5YDjaYkMsAIW85q2HyRKZZ-JBrXVj1IGJLU_VEcnkuyxsfTH1OcgA5mboD47i3E8rGygU-nzRh0x17NHKO8YwNSL36H9BVrtFMrlcZuVjIOf5YOghaEBL-svUDbHknQ7xlITZQ9cKPZPXtOwSOYTSOsdFEcykVoJu3siQQU7ra4pAzlsl8b1vYMbRPWCNEV_9LLUrW4o0bvs8gatDx1H079QDIYKb_WPFWbwLiSiZbnLmbWP_EscfEy9vMph_3WjNYfowSVZnvOHHIw6gms3AaYyL8BBsJKh2JaSVJtSJKwMKbFSTG548MsmqT5HvUwzw6GTcL65qA1Mz4hxHGAPWc11987bY39tp_6OSSoodxhUrB-w1O5WTT-2_yhae4RNHbFJDMbUTb_1M_E30C5hqkGEV1TWQOZP8FoC4JeQl2OqcvXIcYMBAExfuGAv7RMSOavhCMvwqCAhhcrs_bp6VQsur8V2MGn8Ei9rQNxmX-gCqeb6EpgLLE8LVDCREn_KyQgN6YBAe8lNQ1vHY-Iv531J_wB3PTJNRx2b6fv2_jRR9XnaPgm0nkfnH50VHANFFqtVXbpkWJ22JOB9a88rP24dEnE77fXyNslWmD2yN2nk6F0CsbZmA1neWY928ZF0wtKzaJoNb6Nh7zgalOtMiW6NDLQYLM1I3d5_T99VYEj0o_KAXE0um9HoPey_O5nK4UZ9o--pdZTWg_rJhNRlUTqifRPb_ev08pct7vdcgOJl0BkSmFtxPVejkaJo0ECbZRMAj1d5HTVrqqfQ1M-VFDg3fju-cfWeSdo7PvFdkMZa0PfTusUM4quBjM&sai=AMfl-YQN580hTUmgRvLSk_Z33pwfWgsiEJeUqtr0xpwJRsnb2cVGPSw27WOKcaNRHep5anurRFP6S0MSgJvxsxtrxw31nTDhB12C5kR7CmgVWMtuz398OJsGTweKdoXn0xv3dJdymn5IDTwbt8SlUr_kJa-UnJpcFgXigH3PmMr6Mn4wNqnvEJTaXhMd_o6_nhNFzVkVrv20c72t_1IrZNQyHGCwbbpiBCE&sig=Cg0ArKJSzCMHgh85xWAuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=337&cbvp=1&cstd=336&cisv=r20220518.23697&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 23 May 2022 11:04:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F6AD 6 KB
3 KB 11ms
11ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:09 GMT
expires: Tue, 23 May 2023 11:04:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0068 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34c078d743bf666fee6b38caefafb008eb6486c616698e89ee46541c68c376f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3750 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429339
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A3DC 22 KB
8 KB 10ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 429338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 2F54 55 B
103 B 11ms
8ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273845
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:06 GMT

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 2F54 731 B
263 B 10ms
8ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592333
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:31:58 GMT

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 2F54 24 B
72 B 13ms
10ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171348
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:23 GMT

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 2F54 281 B
187 B 15ms
12ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273845
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:06 GMT

GET
H3 200 googbase_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 2F54 247 B
225 B 20ms
17ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

503621190c75700c18c84fd3ec0977bf31b083d66e331d1009bb9cd17cdb85da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592333
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:31:58 GMT

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 2F54 21 KB
6 KB 18ms
15ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171363
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6286
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:08 GMT

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 2F54 3 KB
1 KB 15ms
12ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 06:00:09 GMT

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 2F54 8 KB
3 KB 16ms
13ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07b9621ff6886bdda3fbafc4d21319eab9a92a7922d38bacca72f5679249ac32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3145
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:32:00 GMT

GET
H3 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 2F54 134 KB
45 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46435
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:47:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 23 May 2022 11:14:18 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 2F54 13 KB
4 KB 15ms
12ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac5c3a1604eb19f5c47e157ea3b58b4297428e653b74d6def6b41661a25eb5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171354
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4332
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:17 GMT

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 2F54 5 KB
2 KB 17ms
15ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3223c27067f54618683e5fdfe83536907b179e81ed9a39873aa8b8140c05f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2001
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 06:00:09 GMT

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 651B 55 B
103 B 10ms
8ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273845
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:06 GMT

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 651B 731 B
263 B 10ms
8ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592333
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:31:58 GMT

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 651B 24 B
72 B 11ms
9ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171348
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:23 GMT

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 651B 281 B
187 B 14ms
12ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273845
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:06 GMT

GET
H3 200 googbase_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 651B 247 B
225 B 21ms
19ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

503621190c75700c18c84fd3ec0977bf31b083d66e331d1009bb9cd17cdb85da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592333
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:31:58 GMT

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 651B 21 KB
6 KB 15ms
13ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171363
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6286
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:08 GMT

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 651B 3 KB
1 KB 11ms
9ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 06:00:09 GMT

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 651B 8 KB
3 KB 14ms
12ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07b9621ff6886bdda3fbafc4d21319eab9a92a7922d38bacca72f5679249ac32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3145
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:32:00 GMT

GET
H3 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 651B 134 KB
45 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46435
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:47:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 23 May 2022 11:14:18 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 651B 13 KB
4 KB 19ms
17ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac5c3a1604eb19f5c47e157ea3b58b4297428e653b74d6def6b41661a25eb5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171354
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4332
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:17 GMT

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame 651B 5 KB
2 KB 19ms
18ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3223c27067f54618683e5fdfe83536907b179e81ed9a39873aa8b8140c05f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2001
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 06:00:09 GMT

GET
H2 200 88c63c8fb8e19346.webp
cdn.nur.kz/images/272x153/ 2 KB
2 KB 99ms
96ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/88c63c8fb8e19346.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

17cf397d61c195f58b1740cc10f6908a8adb3f0a0f9b67d62d0ebe5696e79eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
last-modified: Tue, 17 May 2022 03:17:40 GMT
server: nginx
x-cs: HIT
etag: "092d55ab4ce6596e16bf2f868178199e"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 1642
expires: Tue, 23 May 2023 11:04:11 GMT

GET
H2 200 de457124078ddc5a.webp
cdn.nur.kz/images/272x153/ 55 KB
55 KB 99ms
96ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/de457124078ddc5a.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

def9499d85aa9ccd146cd3fbea29d13641bae3d699c0a55e57ae2f8cf5b344bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
last-modified: Sun, 15 May 2022 02:54:13 GMT
server: nginx
x-cs: HIT
etag: "80132ff4e1e9ecbb16676170e57328a1"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 56334
expires: Tue, 23 May 2023 11:04:11 GMT

GET
H2 200 bd85da3e959d7f01.webp
cdn.nur.kz/images/272x153/ 3 KB
4 KB 101ms
97ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/bd85da3e959d7f01.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

9ef69d91079bbb3aeb0abbf7a68c9d400b6d2a78a46ff9b5bcecb1c98df3878a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
last-modified: Tue, 17 May 2022 08:33:12 GMT
server: nginx
x-cs: HIT
etag: "af5afa569d2a136d462fc36c2dd16ee5"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 3320
expires: Tue, 23 May 2023 11:04:11 GMT

GET
H2 200 93040769b8d83977.webp
cdn.nur.kz/images/272x153/ 15 KB
16 KB 101ms
98ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/93040769b8d83977.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

9901d8becaea6864776b490cc4791146ce7fcfe9f7ce066a24ca94f1829d16b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
last-modified: Tue, 17 May 2022 05:16:42 GMT
server: nginx
x-cs: HIT
etag: "97af685ac3719ce75ca39c9460ddea2d"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 15698
expires: Tue, 23 May 2023 11:04:11 GMT

GET
H2 200 2ef1a144757381f8.webp
cdn.nur.kz/images/272x153/ 27 KB
28 KB 101ms
99ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/2ef1a144757381f8.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

bf4ca025ce4ff09e6ab9d0ae2b135ac09d2e29ac2303a7514c022d4177aeece3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
last-modified: Mon, 23 May 2022 04:43:14 GMT
server: nginx
x-cs: HIT
etag: "5d98f2d0ff4d3900fa3d957e9f207358"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 27886
expires: Tue, 23 May 2023 11:04:11 GMT

GET
H2 200 f7f64138628185aa.webp
cdn.nur.kz/images/272x153/ 12 KB
12 KB 101ms
99ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/f7f64138628185aa.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b17ba3329aeed8caf7cd85db62cde9c5502325c5268aee997b89ae939e4d3a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
last-modified: Wed, 07 Oct 2020 08:45:33 GMT
server: nginx
x-cs: HIT
etag: "5b4f82ef441840b0aa3dd21f80976bc1"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 12472
expires: Tue, 23 May 2023 11:04:11 GMT

GET
H2 200 3d8b6eb8b9eb47f9.webp
cdn.nur.kz/images/272x153/ 10 KB
11 KB 102ms
100ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/3d8b6eb8b9eb47f9.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

cdf31faf3dd8935f5ee63c1a29cee78a7921ea31fb3cacae156773602ed576d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
last-modified: Thu, 19 May 2022 08:03:27 GMT
server: nginx
x-cs: HIT
etag: "57b40556d23f4c536bfc0987ae44a9f1"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 10582
expires: Tue, 23 May 2023 11:04:11 GMT

GET
H2 200 e5898343cf49d79b.webp
cdn.nur.kz/images/272x153/ 52 KB
52 KB 102ms
100ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/e5898343cf49d79b.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

033b6c344d46460e74306557645851170fa5ab3b0cc71f87e728e634aefb054d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
last-modified: Thu, 19 May 2022 10:35:05 GMT
server: nginx
x-cs: HIT
etag: "26b31b00772a99526d7a58bafebe814f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 52924
expires: Tue, 23 May 2023 11:04:11 GMT

GET
H2 200 bf6de423e75c760c.webp
cdn.nur.kz/images/272x153/ 25 KB
25 KB 103ms
101ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/bf6de423e75c760c.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

eb6c6f805e420dcbeb3707ba886b78109fa5b77edc62832d81103f389c5bcfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
last-modified: Sat, 21 May 2022 04:48:07 GMT
server: nginx
x-cs: HIT
etag: "dd23efdcbd37168f2e28ed8d2ee69e70"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 25156
expires: Tue, 23 May 2023 11:04:11 GMT

GET
H2 200 17ad01111e395198.webp
cdn.nur.kz/images/272x153/ 7 KB
7 KB 103ms
101ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/17ad01111e395198.webp

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

dd74716dab8ccb5dee6626fa4e1a72eb209bbee5174a3e0862290c0756c53c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
last-modified: Mon, 23 May 2022 03:19:15 GMT
server: nginx
x-cs: HIT
etag: "603e5a3e68ae0b328cfa2cb1466ba898"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp, image/webp
cache-control: max-age=31536000
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 6866
expires: Tue, 23 May 2023 11:04:11 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 11:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 11:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 255ms
254ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=789576614196507&correlator=784688797860342&eid=31067486%2C31067688%2C31067709%2C44755509&output=ldjh&gdfp_req=1&vrg=2022051701&ptt=17&impl=fifs&iu_parts=21635628449%2CNUR_Desktop_Bottom3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x200%7C980x90%7C980x200&ifi=8&adks=1445620061&sfv=1-0-38&ecs=20220523&fsapi=false&eri=4&cust_params=page%3DHomepage%26section%3Dwww%26sectionId%3D1%26platform%3Ddesktop%26language%3DRU&sc=1&cookie=ID%3D2631207b1ccacb0a%3AT%3D1653303849%3AS%3DALNI_MbnvFfMZBm0c-sG7XFuF-7-D5dbWg&abxe=1&dt=1653303851188&dlt=1653303849248&idt=340&biw=1600&bih=1200&adxs=295&adys=20982&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nur.kz%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=805x100&msz=805x0&fws=4&ohw=805&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1962745041.1653303849&ga_sid=1653303850&ga_hid=1791401548&ga_fc=true&ga_cid=946190871.1653303849&btvi=7&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

73dca0dbf42125791b5d2c96c654700f1512762cc101b00958349e2002c5f423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11362
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3750 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2838c213ca44722c5464f109f4f2579079a13a2a5e4da53c3bdc8ea5a08195ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/ Frame CA0D 55 B
103 B 8ms
7ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:36:39 GMT

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/ Frame CA0D 731 B
263 B 13ms
12ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:36:39 GMT

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/ Frame CA0D 24 B
72 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:36:39 GMT

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/ Frame CA0D 281 B
187 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:36:39 GMT

GET
H3 200 gwdgesture_style.css
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/ Frame CA0D 57 B
102 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/gwdgesture_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f058ecc947d0bc01e2855afaff0be17a2e30ae1e067ad3a5389b986a62225e26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:36:39 GMT

GET
H3 200 gwdimageeffect_style.css
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/ Frame CA0D 155 B
156 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/gwdimageeffect_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b55813b25ae260a56eda5cfaeb38da7eb5e3e973550ecd6a55babff1eda048e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:08:24 GMT

GET
H3 200 googbase_min.js Show response
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/ Frame CA0D 247 B
225 B 18ms
16ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

503621190c75700c18c84fd3ec0977bf31b083d66e331d1009bb9cd17cdb85da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:08:24 GMT

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/ Frame CA0D 21 KB
6 KB 17ms
16ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6286
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:36:39 GMT

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/ Frame CA0D 3 KB
1 KB 20ms
17ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:08:24 GMT

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/ Frame CA0D 8 KB
3 KB 20ms
17ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07b9621ff6886bdda3fbafc4d21319eab9a92a7922d38bacca72f5679249ac32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3145
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:36:39 GMT

GET
H3 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame CA0D 134 KB
45 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46435
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:47:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 23 May 2022 11:14:18 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/ Frame CA0D 13 KB
4 KB 20ms
18ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac5c3a1604eb19f5c47e157ea3b58b4297428e653b74d6def6b41661a25eb5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4332
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:36:39 GMT

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/ Frame CA0D 5 KB
2 KB 20ms
17ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3223c27067f54618683e5fdfe83536907b179e81ed9a39873aa8b8140c05f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2001
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:36:39 GMT

GET
H3 200 gwdgesture_min.js Show response
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/ Frame CA0D 7 KB
2 KB 18ms
16ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/gwdgesture_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c221c545c446656507ebd0e249a5d26deae00491d4b472af043484067f724c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 06:02:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 536519
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2402
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 May 2023 06:02:12 GMT

GET
H3 200 gwdimageeffect_min.js Show response
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/ Frame CA0D 5 KB
2 KB 17ms
15ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/gwdimageeffect_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90ffc5d6400b9de98fc44b90e81177a14b05c926d780cc0ce3d34021599cc66e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277235
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2070
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 06:03:36 GMT

GET
H3 200 gwdwave_min.js Show response
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/ Frame CA0D 5 KB
2 KB 17ms
16ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/gwdwave_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d17e00af993a524ce09f8ffb29a50a51a97a5ed53152bcf7f2d3f0db9057e083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592052
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1814
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:36:39 GMT

GET
H3 200 container.html Show response
57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FAEC 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:09 GMT
expires: Tue, 23 May 2023 11:04:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 46FC 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:09 GMT
expires: Tue, 23 May 2023 11:04:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1CAD 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 429338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0864 624 B
297 B 42ms
33ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNVqN5ljMUiP5EeeuN5_X0U9VFj-lex2PabNasla0zN9HsFlOK_ly_bYdwySv-4RI_rtBFRmhs9HY7Jjuz54qAgNv1MdOPOBNvXL5l8PqQ4K_H4is2nK7uw-zOq_k1uDObUHU3C7BA5sS63IJIQ-5TO4JCAJBXDxNT3oPKdOIcL2T0DXcCg

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F6AD 78 KB
33 KB 75ms
59ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cs85jTqzCztbplimTzaqZCv_xLYjmZVjm-n89mdHwz8Ur4THjwo9kQFbMHm7OKRUaJDeMwyE8cGix_kx7TWSOqXsuZJUs9XxdP14Zo2_8c0IqgCNAMqKPB3W6Q1s3CKxoZup6HoaHgSEgWpXJnmreaufCtcQ&dbm_d=AKAmf-AptC9zyMacQqATZO0ERDNm2EN6gsr8zxTV00NhQ-QS6aRjnhQrxkUg5ITNd28vGjM0IfOfja7IYgAKQ0buQQOl96WPogt9VUX08CD9XRJmqLsCIqot6cIF2nR7f1G3gNtLroRdXwD93H0szYsskOK1znskhI4RgVzXUD5rv6EcVeq_0uROCN-J8zDfReEkBiJaO7bqKsAgWAISbebB7ExXpjNW-igyPAGsujpfO1aBBinkgvA2wLEnjj_-NNLEeO3_Nxciju7rQajcvnczV0A0GCROKAilGyBY2RJJV0YtFSk6OJoLHxsn2-XpoZ4IjcpkiHDz6HZsFdDsOueyv9SPpDQ7f8Tz1OHclhn02TITsoPbzydLgdFqp9yAJVBJhE5VzyN9IilkaOb-18f4z8fxg__R2BQWXq_FtbpS5aKMpozVHy6Y7grv1QJkqNrMTYac2X-WDfs23ffaQ43Kllarr-vmuv4UwvNIoot9s5CjrPauMI1rh50YTinlEKjFhzv3wpN6HSM8efTKZFkuh91Z9OX09_j1G9s0_6eqKf4W93dkJ5d8ESF1DzZOu9QlgYJEyJeyS9S46SFuDd9gVPgesvakOcqRYpxiS87hI730oiiN4uCj1ltKlbA-oZQztzRnP-Swdq-A3wWeHwWgwVzbnFg9rKzz1WfaLIlgiCicgA-pgp7xSoXbE0CpcxmAyu2XTzbs9lESrzCi0puayzCWCloz-cCTkA2_9gSlBqz7xlIW6xnYDNJt2vuHQEPpFmKz4h7RksG0N_b4TpwZ9hjv0OO0g9lFr3O0hXUy_sRAI3H5M-gBGH95frphYTQbpWV0oQbA1A-67zN6S8nIEYM8ji8cvF9-6bY4d_nKpQoLx-llbEY7BfExWhrc5n5GmBY31Tb0CQbzcIQGptUKehJ1PM7NI9hj8NCtbHOpg8X2xqaajCZZYSZGwRcS-iB0pwA81wbC_eS-t-LlMRP6Z6W2Ljx63ExVTVbtl61WHog6TqsNy5bbq8U26glAX5866SR64leD8qQiAWzC2ERX1LdA_bpXA8FtTkO7R5uo5mWF8YJWCRbnoge0SlN3AEReDIGZ67gmUKSv_Qq-xAyP2WBXjVZkc8PHKfwiWYKUbsIHkqURX9W9IVS_ZM7Q0CpXeoM0NbXvEsIuVarmhTLLNbVXq-V4-3m54GrpHunWGAiIVNXi1XIItSjZ9JMWwarFzpTlOM-gMySrE9kOu_7JjoI13KWys8t32smVHdU4YPwzv2jzubUh9Pn61kukjkoiAnElBz2VZc1lI0jb5sGBjFxrGuB52OiZv9SMMblBZCcEkd0af6cqbjZ3BbquWwr-VHxyPTzMGX41H7bywN5PO_VfTilO1jt4xYJxGwvDCXhcficBRiy08bTW48B4GTCh9wuUka8p14krEQZW3cht7XbfYXOqlQvQ7IRiGGK_vWrh59cw-wbbKt8qCKXXKKjER_SVaG7KNSlG4_gy9M9SWt5Pmv-x0i30voC2sJN1C10Am8WBLany1XhcsvBxp57IqUf1mpgySa2U_YiAeCk4F0VI-kegRxuOwkc4nzjOwdWMfuJNPNcX_Ms3b9sorUwkVDBKKn_JDFSn3ubdmQ_yuWzeUmgEycniiO6J31W2jZqDIxH8_F2e5dVdgh1GiE0-8Sy_k3Ki9pm0sVoc9PREUTIZOjTbIXtyPxdgllSXPXmVr7kMszvJj4vHNDw27E-x3TyEChEsRfjhTGiPeOkIR5pOdeGzn-ZTBi4KOfDK8pOy9vxbeutFMDZjULtGuW8p1KGZQ-0CHpeDwXzuGw63oqf7y4qeJkuIqoER8kEYZgrnnDvEoP6EW-2hImBbGd_rIXpuHJF8rY3FUbaNLy2zozqoU9cyT_oGOf2xweIEW7oRnbHRoF05iZyLThrDIrj0DdGVADHq86oT2BP5NSKizhcUxED7gCChL5gOZw_vq-6s-STUyZ2NECJdgTXx1Jzvi72AUcTDB1fc_iLgZume8K5Dx0HZSLwNnAwvUe57dq86xnqKNHJ032ZvEv78hHhaj0KDnxSgV_pJ10KCNvWeyRzYESk5ZUTvaojp8UsPhfFPKBD6hkZEiuNho9vkj2vmWtxCGlWTVrpPeMoRKwl3FQjl9S61SwXGvVfPbhNQfT3XKRdJ7QWBefKaVIjVAK754TxoZxjgdxcImYR6J7o3nUC3yHQtOU5KmRw2hxcJt1q8O0K9syt8Ccz-U01gjbKCxHVhD_dvi56O1_eHZnhcPQOPFTPCiecRvL59X6vHSbJCXeEAWNkMHubbEGbU6mKMjNSdp93hoLlp-aZa2zpE1dOb_QZLOLal-CqcHo59z-bd4LjivvCkiFkvaos02nsgWPWLwMLLPpCkWHlhYgE42MFU25-aEXlYVMdaT-nS1GrGYKFNkcXnynK0kfC_3a6xrU16WCZXsDP-oxH-5nK1epd7FTGx4LkZbibcLFiENuEJiIoOj3QEiv0QcGZ0gqbgHw5yZD_KH-mPPiFkq38AHqsnzPTj3oelEPNioSFRs464kA8EWzPk6rYqjHc73rjhIsXhgX_2EQKk9wcmGpS16U1deqxMkjbwGp3p5aAncAvMtszC6NOEG6BJMjcjNmmD5dgYGYnpCHxvMTDGdtWJOW6YHkWC8SgqITCyDbXpTy_cqd9kojRFmIEOrdvoORrWeSWSPY8qF1lBa_J1XD1uqhVW9Y25W3hSGClKnDIOrkUcIVpXdKbNplOoTYD2r7eTFVvVaMM8nau5iJg_6B4fhc4j116dTLblSHgAxEwWToFUFI5VkWAfiaX-qCsvjfTApLmEsO_7c8ZRnj1J3LOpvU-2CO6-X50Z43BBk9Ww-k_BOYiMZ4P8pFAqzkoZLU1ln3FSi4QUTFHCdnNKsoYRpOu-LMJnqZAxTf59DgnENgyUiF_3TK5qrLwADjPX3KdyVR45QoImlsWrQcMtG6eFj5ftDdGMpVvGZB3JNFNGeW_E1vnT7fBKlhtWzAx0zjizPiRRE9Fk7oTRzlMqwZFiHnsU9Qeu-nRDEz8GOQTMHDIs9Xdfb_FxkEiF-9xqYcKbG-mNKrKm&cid=CAASJORoo3YM0fOzOQ8MzVncvLfxAhCSh8WLV4InTvKWQ8pTIL_pzw&rfl=1%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cb740a1a21bf59752ed10cd06ea4ee511193e9218653ececff8d482edb2e190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33267
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F6AD 42 B
63 B 45ms
43ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_RQ-AaaCxXZZrzgaYVJafEWnI5pOgfuJbPVKkhhaowpQZklOutQJwvisYpUqoatTBQjWhSadN0vJQuaRBmYmFLpfBIOvaL4ZHvuJBzXDvH6uGjuU

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame F6AD 3 KB
1 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:00:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6AD 135 KB
41 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 May 2022 11:04:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame F6AD 17 KB
7 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:01:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F6AD 0
0 18ms
15ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRPvUr8IZWMw9cb4DyRalFUvZSNJ02PKUt7LmT70si6SoM1G9rJxAo-YMutuguhhCHhjZvgEY42w1aiptc6_hHShhLwIg
Requested by: Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3ACA 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 429338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 61BF 0
26 B 45ms
44ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlsrFpdQNhbqB3-I-x6Wi3VSDa5PO3dcy-Brzr6o09rF7NLMnJiOCHmSmAIpcBhaamXx-YXVNXZE-iLyPeSrhNTVLvSnkjOZMN46lbKUErpCUL2hb6egG-UIYzyect6Hoz3WJoJvMKuVL4-G0Bt51OGSQXMk5_p_QRF7Nwn80bq1ue5e5fYNKMGseqMmkCjLFY9CO7CCjMAAM9krb1DNgNgWpPRO4MoJ-wPL1LjFcCv3TcWm85gNQJzQOVA1gic2igLKFR4NzIrrVC9mVpNrHjOpxfRWg5lnSampW5EGH1w9MES1bX7MdHIE4uiHgymkCbq-AOgzo9BXplOzRYPflS4DwN9wHC37b-Ybdpeix4qbZjdodmkmqDmnEzfZ-uwy5rjVWDf6OdPrExwDWGcRjedmILtFIY7_o7AP49lzhh8V1lhD0jukxbZR7Z7xTMuz5hVsl5N_DDvN2xGt63XIEsQN2L7bY5YBj9eB6tBBGZTlBH4G6xAn3AkWlH1auZ3FQ-VPG5ngQ9dljuPLvnYmAHQz-wUUCBtliP3xl00fXlCzo12nEI6pxgoN5rQWxdqab4zv2JLx5j1l9Xmkxp4cI85sAzUmKgYTrj6TPCu94gi7GVFb4d2YcGKx4PmOYpVR6_eb4yYeaDcs8rHg4uAOEb1pHiGbWUl8QUnAGoBI7B9jXvehHleJYORI7OsMgqDkGvIvFwqo3XmRrFWgKsmzWoUjDGPaWn35Y38qttEusgZLf8ZYxuyunZCeLul_OKX3zjeS0e59fPnQdUfWJupMWdTwSeZb-kn1kdCB8V6q28kcXv7Ras0HLKmKSFbghcK9mETjMLEJjg0IvhECQHLF1D9A00NFssZJdaSkf0d-owv8-m4CaWM-oHRItemjR1LtRjUrKWpQElzVeFluVvj00pPpiyEU6Oesx5ttyretY0Lul29DM79uoZ1CN1XYtswxUzLFXaORGmU-XffPYIiSd7qfBUteKionmn3xGp4U9ukfRUMo77oJ9nq5TxtPudoDfw0eciSqhywqJYN_lQTJUTXVL5l16g4pfv2vldKtxAQzS-vDE07W83VTuZ4KGmhF6fCB2rQRr6MAcROT_2HZAqUMoq0nyzSE4JZYhFjCe6I0tAxlom79QUG-783pvViOmeuSnuoTg&sai=AMfl-YSU8_dkQ3-Nxpqm5qRkjSlvFmGf2AtinXlLWp10EI6emRvJhj79wDYSt0Fv5ZMbJvGIW8D1z3Y-rFole3rBZFHz9MUKkD8-bdnA9B8ih5kcpykDNEQoqT8T8B0NpE06-BI33_k9RLEZ8_7fBDNNgNObcB3yRiwDXihC8-aRUYaoj85eMIHqVgj7wzVZyQDfDRby3xDI94DIazDTACEVAinw3BwJvVo&sig=Cg0ArKJSzHqQzs9nLODHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=845&vt=11&dtpt=549&dett=3&cstd=294&cisv=r20220518.00586&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 11:04:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame A3DC 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:38:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 09:38:30 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0068 0
26 B 45ms
44ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssheYfyaR9vVTjhYecMUMOB2YSwrlPN2q5o5O6I8VMojY_n4mcSPPxqeIr50zGYKl3PMP8h1S0WqfwkWAXCb2q3NObSFcrfbhDfFcGUNuqHZ0Bs_mE93TtofZaMegf1wD3lm-cpMV4Y_uUOaagMuRaN1ouQtPkPC2PrBYuMUO0YpiH097ObBqGzka3pnEp4WMaAOedfeG4RJyxU9EYtXMbM550kCkn_NHOrH6OquCKO9uUOsmg-RgQ3JDeOglosfX66MuiS0VfasI9z-4SqUxXX0VQ4fbNqNrWH2sf4h8l_kVV_hj2a0fTPWTSIMJXa0TM0bG9Y9fX2-TcblmUyZ2Pt0UpAxcxFLpl5F7oUIjDnwAl7RoYzf7FCUA5hOY1kq7jZlQaR9tyWnZL-S2zh5J2HFskiQCP0OhnoE1Mru9-p0hLyYGqrirwzZOd5E-U2GZUuAJJMfjZZ4cks2strxa52BNErzEzEVKKc6gbp20SYKmAL7qxzLQunxM5HhpMgCeAjurA0PD_Zlb-e8TquXSNan_8vKT1pqhD2w7DFuMfS-imdUWjQFzdckZ_LrjcBeAeEO9gmFT5Nw7N88eRKgrWCALlHbP9G3bR7K-M1r1266Dd3bRnB9_ma_DPKt-bdc2dWEQYtYJQ9T37O87N-6KWk9tCkmkwylwT_fsXkHkVHmqagp2wEXzmnzNxwH-hC6E-Bet4pNZNiFhe4guu3ygFX_F6QRY7CyT81m5-kHy3910cVxsjWm4CH0HucilBrYv14s1k7RFPJ1HuD4ZMKCVxYt5y_86wuCc0HZF6uRPvExsgN94qcl-uX5G17GOZSRQWlQbNiiS7VTF0KHF8yxJnBP9zN-NIb_IZ8XDZC6XJbm9_LfpI3NHQHLuxVNNk6okK-kkxG39M9FXblpZLVIimAiVFyvU1DDMPQDUyEcx-1L6tAszAyDURhXjWI22UTAcss1q_t6_pncHyjd_cNTh5pdyWS79VmEPlxLt4D9CCVcHCgLXKCA_c9006JJRFKs5ltRlV70aXjJGSm7uLSluIitTG87E2RYBsTlrlqqXxYOtbRJH3BfXWqeTM45XmuQJJDGZw8MsxoTqcO8d7_X4ktFUZLMYv3TlbYCpIZfbvmMA9kYXgT0V0FkJ61DUYILKG2&sai=AMfl-YQcZlVTLoQGJvQVEukRbEk39hZ9-KzBQ-faKr-o6Vhx_DxWsA2bGS-qwqPJtjS4F9DUZNLY3cE1U047A-H4VizjumxY97BOH_bld7GtIa7Vr8RDGy4_NhP4uz418BbDCMeysaQ93domnRbPDfQoJPOI8lLY1jxyUDrpAZLfh5acl9Dh-mH39Rqz91hGtg46rtdXTAw46Vfxtl6jkzPsrSXqkdIlA-8&sig=Cg0ArKJSzJOYkEzNBNdDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=905&vt=11&dtpt=628&dett=3&cstd=276&cisv=r20220518.58461&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 11:04:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A397 640 B
316 B 22ms
22ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNWbwQm9XE0DLDd5otKhxMkwIgGcvCRUksM38lzMijRA9Okm4hGJ4aq9wSRDHsQghsgQMwoVa2U2_c4P6eOXr9n44FKhVtwT_Y38GM37ZkszVVorThxr_ezLucy-jcNfv40QxHZSUc94Q9comBDqDL4COTT1Fa-GV7S9fpP7lOpzka_-Muw

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FAEC 77 KB
32 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A55WdCzfUltoVEo-en8dP9f_6nyoKo5xONvXy3F4NzV21d1VZD7QfLFtY8ZfCDbOHajYO677-C1ya3dtEowjabR3UbFQ&cry=1&dbm_d=AKAmf-BaqSY1vXBEd0aTUJ3DSDUksqaMV_B84d60W3LGd7Nlvt1UfY1IxzMazQFrlJDXHwWcqXZMBnn-oZtn4Kq71dYSm3ZQGhg-2RfZp7nsA-PWtQ0fnUZ3dWasLn-nDuHqbWbPaajufkDP3sRqGoi_WejczIPyqxVclnZKDF__lq6aVx9EmqeQEAf9L7PDd8oX80haYRFoNmAGRIPj6Mct8eCiy0wAdtxPaexQXUa3_B47cDI-BjH4h-QnXqOdmLzU8TsF3X7PtmU9Daf49GlrvzzkTJwxeRLnF1YQJCCvFPP7CS0cTHUmHBwDa8EhmX5EcmIlFKzJLI9nggtBe2tLbXHa3Dz2Q43AUFEvZmk0wM8TWxZXgMqPZjmqwfpSO7Qm4i9KqPns1X58gqWW4vS6yxOMHfqu8qRIAeczICvIzxgKiV_TwDJjSEVR956ZoA1qeDQ2l4JjUS3GFp7dZpaZ24DpRRTg5LZjQM8BAIHULFQfeTdUdSLO8Zvln8GHCHkqE3jPIhCPw_O40xTJ_zexX7am-NMuIAzVpBhHtqa7R0pb0b2V2CYDUlwNL4BurHlpAMCVI_HGRGWOu-JiJEoTDeFKTmt1Vug77ZSqWVgWmgig95m_udj0PTd_7N6AH7mzWzDIkVQQfzwjrxYkh5Yb2Fh7qJs-JJtKYQf7Gaca4DezBfaUKODnod0CklnZzaTuJdBevzMqabb72Yt4o3SVt2kuKFnG7u_K4tLDMThBSmFjD68McDyryXcKHvu07TocZogIjIGtvQ75DHZOqRfB-8OitRVsrrvsWVIokJd_POiSIY5S6mjrszKdzXSr5S3ZdORUULND6Ekunbr0cxks9H9wCiwKo4DPOGu-_TIq1mFk0WJu42wMtSQ4etOXVASektla_yVtE7L7ly2ItZH1lS427kTXFu88XT35FYgfw7xRmR9vEiUvV6AmDCOthReNEsKFe1X77YVcBb2RTG4bw2wgdGScuEQ1yc7IG1Tm-oLQs4ot18hizQFb7ixMoViGW1ktg6wMfO9FACl7AGLtzmJbFJn1aiFl2XDG-oitQ91PL3T2r8qm2KrqXmaM03HrplwPL4-azs3op1FX5xNZFGNsVg2pyrmcqNivbVevpzi4ynrQTz466_dDvJJ7nc8aVKsTc5ph0LCi0iC7nyUwA2ec8R0L2KJHLE7A0pVbDMNdCyV27ICDYxKnofZcxt7FQpoLIzDzVF6c95j5REDIWio6HxDDktOvt1BO_VQk8IeZL_Rd_oa3NBWUe40Z7spM3uheVIeNRwvM8ZRXSQPM6kyzls88tSVPk1ck0VDhwkGfNTw4IrWcqxwwtqTqIqva4MXCDBSJX7RsSGpDebJYNS1JiyGoLVi4pDjSR4hNWMhfKLj2eYGyM2iZ3laBNHi8D5Ul_thDiU0N9XKyoVT6QHo_XQY5bGjCzZWmZJVRouYqnGLJoMVROfE1QOn-qbe5i_kGx56zboAclZQl8IqPYbYXVqqykoS0V6lTGGzQj4svztrDrkw3CGCFk2D_gr3O23Ht86-KRIIe3Q6Rh0-uZBurSCrymIYxAioEFSfMI4UWrQ0Cc2_SCoygjpk2fJRDEaR2FvA2nmwhLvwXe6NsMXgY7Hd9hz4Wej7a9_gOWvkLrKGno_m203Tj8N-hlvbboGUoPi5vF53bWlPSHmLAWn7uuNq-sMScPxDZ8juzVwgeW1mhhfFuVCt_5hOf78rcqB5GYnobfsTUnNHOXiOPlEwOw29-39SuAOrEOItIazd35BZPKk0STaOJ97ytDcdnV3OptAGOxn97KAYrh5HZJsEgw7sAMHLS8bE8CgabvM4G_Ogb4hMHGAhGyZWIkm1RExuodMNzVRbO5CcLQWykpLTE2FaLTqLZIQ_sLdQDuNEnmaF-vNzkd0Mj6Ehc_F88JRCz9U4K_toRhHdvd3IxB5j_9qWy9NF-IeyRdCWD0A7Yj4sXhY-f1JK7F-24Ggx2v48i9GdEwCDv7qXK5eOl2C7453cJ4bPagNrWDz5V7noGWTh-WyocZJESh5SzPA3vIHMm9-paTDCsBI54-6AoE7QcEy410C5Bt5Ua00U1rvIEQi11AzjIMq57x12se4-xiRI5uffnO0i_9aOZW4xtLMHkZcvn7Hc5CIo9NZH54tki04qBdf6ANJ3xHxNda_HMcnBXFVTnhrShTffKkcjvlc6bf9fGf0gin0MDe4H-13SkwzsnnxPT79Zm0nw5M8Ec7i99UsnGXhG4DZ97Ye2WZkSc0QdiTc5zoblwrsmko04Gz2134VDF2pvFU8JZq84oQP7D9BejCBbphdXH4Smrk9xNkXnmlCXhZlv-QNQTFu7-dyxdEUmPAUou6sSFJzoI-NOQHicxuaoCqX_tQltddwl4Vl1Hm3AwuFxMIsv0oy_BJgdNWglxN2TRAv6R4wbzv1V7jvw5_n2kHVjdGxMARuX_EL2pcnkC3igxAD9tnaj2yR5h7wITfea26KStWtjMmS2t-OYdOiuVJxaKzsvhK5KOIj3hGao5QgOdJCXhX8KWgOK5wTyqNqgluc-fnOJzffXb4LdmH0ilE-q0wFv8ffGA4MHLPbQuLGs_4_QFtoWX4hQqCA0ai_XYLBMtEi4RwrJmBjlGtrNTPAZoP-v2-F4rxtmjzOy1LvUCjncx78Ubikivhq9BP5YyxTXUPRqs1CTAxaIDRhVIqOuKfn9JRvfAc49W5Tpu6NA-EjFAMMsvMMPc9AwmjoKaTx14N97l2Ci8vbAQxqvEDSWWjJsjZDREg8pvpvuwXEkK0cG1i1tsBupW-QUs8Ceosie0Y54zs4ijQsZEBbnb-IXoxkkLhTmzZg2IbwpP2b6yTa5HUkoM0xGypCRpnxpFjkphlGgSh891tCLCsKzkm7PZ3Xhh6T1IFW7_BH6BJ07EzlHL7p1404dri0CDtPi2z37m1VuDyFgwE2X-OYgYtrmEXjLKIlf2e_Bs2itEKRkTBLi9c9Egj23qB2pzl6dnI5PjeLNMB2-6f_kC9RGlPKjW4KTbBsiLoXeTOU0531KaYjCc9SNRAjCz6yR3FCyR4XrN5WegFtpOtvta0Q5YBHgGwVh88vtyhJQDf2Ip8k5_bVclM5tABsBv__mwCjuGWByzKbmjo-dlLO9UMvkkz-Xu_SSnJ5nHbwVXcPQ65sjbMFcT6Q63SNvOncrhE0LgkmNMNqSCHcBQRsRp&cid=CAASJORoKh3tHKjR4U8rYMHFpO6HPGqOae9xBB-Ho6JwF5kuIdvn0g&rfl=1%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d42b72eccf092abe86849e31a9663f989dac98a7037bd88ca540e551faa6ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32817
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FAEC 42 B
63 B 41ms
40ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CBEeyqFIsus5xjz1Nm1Fhy2LOZTrttFZZYVQrhDnPrvLLAqsNMNQffmnAfc-LkoJsPGQ1cxhT2B3a8buXFATrhw-9c4JUGWbScDNXrSDmDpThxklc

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame FAEC 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:00:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAEC 135 KB
41 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 May 2022 11:04:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame FAEC 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:01:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FAEC 0
0 15ms
15ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaScVsfYeW024OlO56zR0rJur7zeCL8WNLBm9gTbTTWN5OLCGU6OjHGQ4d23ZKjf1g-cCkAe5hfSfLpNKaj2-_-o4x-Djg
Requested by: Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 container.html Show response
57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F37 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:09 GMT
expires: Tue, 23 May 2023 11:04:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3750 0
26 B 46ms
46ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssF_w7aLsoPHlvkFz76Wj30FPGmkQ527KrwC9-7xgrTa3whzpIke4i0xe0q7VOvuJT1wxQjnV5IvpAkoDQr8llcq-745pObJQMKUnaHaY7GEkHM-8mWazi6cydDiwgvibmhnU_dKp5TRc-QTdPvZ_NIR9tiSPVBCqeaE62AACglBo3vBi4jsD5Ekm6VIWjdIf_WfwxPSx1SRpX0pKXZj4KOMmT8r6QN7lAid3D4K-axss-mH1Boo8wx_XdMsFTe5CPqksBxeMHtcV6yoxhZa8e-JqYw951FAMO1zFPj8W6nWo6iUolydmOvsmv28HsCD9YVgN7-sVJSZabKN5YDjaYkMsAIW85q2HyRKZZ-JBrXVj1IGJLU_VEcnkuyxsfTH1OcgA5mboD47i3E8rGygU-nzRh0x17NHKO8YwNSL36H9BVrtFMrlcZuVjIOf5YOghaEBL-svUDbHknQ7xlITZQ9cKPZPXtOwSOYTSOsdFEcykVoJu3siQQU7ra4pAzlsl8b1vYMbRPWCNEV_9LLUrW4o0bvs8gatDx1H079QDIYKb_WPFWbwLiSiZbnLmbWP_EscfEy9vMph_3WjNYfowSVZnvOHHIw6gms3AaYyL8BBsJKh2JaSVJtSJKwMKbFSTG548MsmqT5HvUwzw6GTcL65qA1Mz4hxHGAPWc11987bY39tp_6OSSoodxhUrB-w1O5WTT-2_yhae4RNHbFJDMbUTb_1M_E30C5hqkGEV1TWQOZP8FoC4JeQl2OqcvXIcYMBAExfuGAv7RMSOavhCMvwqCAhhcrs_bp6VQsur8V2MGn8Ei9rQNxmX-gCqeb6EpgLLE8LVDCREn_KyQgN6YBAe8lNQ1vHY-Iv531J_wB3PTJNRx2b6fv2_jRR9XnaPgm0nkfnH50VHANFFqtVXbpkWJ22JOB9a88rP24dEnE77fXyNslWmD2yN2nk6F0CsbZmA1neWY928ZF0wtKzaJoNb6Nh7zgalOtMiW6NDLQYLM1I3d5_T99VYEj0o_KAXE0um9HoPey_O5nK4UZ9o--pdZTWg_rJhNRlUTqifRPb_ev08pct7vdcgOJl0BkSmFtxPVejkaJo0ECbZRMAj1d5HTVrqqfQ1M-VFDg3fju-cfWeSdo7PvFdkMZa0PfTusUM4quBjM&sai=AMfl-YQN580hTUmgRvLSk_Z33pwfWgsiEJeUqtr0xpwJRsnb2cVGPSw27WOKcaNRHep5anurRFP6S0MSgJvxsxtrxw31nTDhB12C5kR7CmgVWMtuz398OJsGTweKdoXn0xv3dJdymn5IDTwbt8SlUr_kJa-UnJpcFgXigH3PmMr6Mn4wNqnvEJTaXhMd_o6_nhNFzVkVrv20c72t_1IrZNQyHGCwbbpiBCE&sig=Cg0ArKJSzCMHgh85xWAuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=895&vt=11&dtpt=558&dett=3&cstd=336&cisv=r20220518.23697&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 11:04:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6062 586 B
315 B 20ms
19ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiLo7vGATAB&v=APEucNUATx6Jd3No7TLP5TPZ23dWidXB3dxVm1Qm1teXrtp2aaZu46HDchhU1uA1pW6Mm5_Ycxg76IKHkmaIKrbtcyJgl_BhE4bBhpelRKErxYxDowz0Ci7uPlopJI0gQPNmyAndE3ZFKVuBSVQHpXNWhBNa50YsOQmRWLNW7BaPzE2Czp2VQo0

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 294
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 46FC 14 KB
11 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZb_9UQymOXbqboeT8P2xr2LKkMcYRiYfU2rHuVyqaruXcDBxCeZ7Al9jVR5q8FYKOExjB1B7Pu29CUUS7WIYGWblt_GJqaDA05_a3xsj7_UrMA-zgiSxHDouLT5l0kGh1TCCfoL2k5KjhupANB8XUvak0FQ&cry=1&dbm_d=AKAmf-BqNlU7fLO1Wx6T9tlDA9YFVfTzhJDDLy4l8dle4RUUgmFo4_UBTLG_9Ap2wUXHiDmM2kaQzuTSzW6JEWXhmBkesmRVFfQXq6aPG6V56FKpEtEJXTkCE0ldZQuURRa2OzNqvN_cknaAwgOUSwT9tc7aMqk-L3J4sJh9U-OfJEsyRg6w7NY72Nma1DzBYmmtKwnEzBXW44t2CAIixWjuQKj_do95kNBGBb1_fgWE5s-bcJiTKlwdclZjDXK-PYF0HA-l9sA-toTpOpf2ReeyLOpK-2BCFI3GSVvfDWQPgKmHSmWZNK-s1MsKqIksyQYtUng-5DvrLRhPUpgk5rhQ1dW6ZG-gQdH9EgslhlPchJiYoEFNEeS8rc41UyEKhAdpqzesOzCjN7RTFBmi5JLSaNkGujffHorkgr34hksbQBlJ67aZOHkizsZDLSQ5d4yn46z1WEe1dBlUEBE9FaQu3AV487i62n6ZLi4FlcN1SX22kZcN65MA1WZxV61ePW6h8EOYcLecRZhKdvoEGE2CRKdFeA1Oom248BoeGmHuDSRxgtUYsRIkcVsueSLueMbjX-Dh-XpO9HEx_H-ByP1FnD5K9oB65KSqcOJpJf3CsphscKPm3IJsdqIIewxOf_hEmjtnOBX9LTkodGP00NcZsYvNEP0Pdw_oDiKl7IbIqAGJTGcfW5ZvIN0NrKOLSWaMucBQgGW3ui1cflF31Y9yo7f3o003756UqVh_zpIU_Lpwy79oHG2NYwdZ-qcvdFYFKw8fsDtUTuZUrIsQxKExZsqf_COGFueAtMYueF8WNrjNLkVMIumPOfwy0qycwix99J9xXKfYDAwUaEMjG54DJ8wPS7kP0LIxHEsc2UPi0_hNwjYAXckz1Y1QwSCzamf1cUFJHgjBqWC70-ctk3UNDc_x_ms1GSq9h4kKonPTUUMjDQiZs0Ng_qXuiq7hezhR1j850uxdQCNvyKuusywMPfikBqBXkcz7pMuMujRl8dnNvMUWN_ncQkBxoRT1rMEkLVnKNqLRj79PuRJum87lV8bpy7w0sUDio3fShzHdpDrGNDzFPOVuGBIAyf9Wu8dtLXZON4HvuzpPZjlaY3jSz0MCFEL9hSzci-o9Ks3Q-yFDwwnDFGfVUwTYgL53K56dGr9eGVV2b7D4iEnq3Mw6SJAxx36sp2WDFcLjBU8Z6z35EQm0Wt7wXhN7sMx3PhYhsXdPiTsdfif31MsWkn-WXIOqQpIsVApjVTzGD0R9O9bQrYxMKZdz0AlUjKYrcf65ZREcKMsLhBzCnEWMWDOIlZaA_Wvmx_Ovw_Ay1Oa8QQtga_OtlJvyU5y6AABPO5ZgY88jbfo_hTwZse6qoMnHPJCSrI_9eVytW3XHlCeaNsp9W822ivLp3M6l0Lk2cZxy3C3bJKKplo5TWsSTe_uHBc506IOrSqRf2hmNM1Sxy27xTJ2sEs9vubEy791YMhfLvHG6SEMshi2chEcOb5kb0b61z2ZRw3rT0k532SqKCd7ANEOi1czEi_AhUYZAB5qiGq43TXQtMyLCBf14xUPhya6apSzy3nyK7a3P945n88IMKXCQu8GlHqQcJbxjPqNAssd7xebDQPtZdhU63gDjqUqnzPvYyP22022y8ICTO2R2KBvZ-X10mOKnWX_1jl5ErmXiGTCOrorZbfs58veh3vr2TPh9Urq7kDm3QAZfKcFYkTOAn4XeGOQJxgbindmjpmX0oYDrTpWHxCfnRKlu12EXbkMk6QAV_B948guovwO46Z_T1P-dDivKNaEtG9T4Poq3pt0LNyC0yFmLqNqNISh9UQi9obxux8J1Ilalg2CfbCirArwRa63A45S2y6n5ceP2I_zEei5-osmhnEfWvEL_n4Uyzz9lXoQr4_XLRqwaEqRs7CV1C1cEeQ5xa9AkUw-Z3Pyxj_1KhnfIUUTuZ6bEfKKwB0b6vPgs1EUsYP1FV2Ow_Nbg1K5sIxO2jABh912yR6AP5G1TB59HBITC5R8ArqZnG0fgK7aShusAG4bgN32lP18I3ydjZfSFttv5v5yNGpNspR1faie7ZgHgE91JxNm1vgUVljj2mFRmtf-8gd4LzqQLlBC08qy_qPzr5b3unxnIV6TOXjsYrdqLFntoJKL5zHyHueTwg1I-nCht2-J48b8PesD-Yca0p4gBTPjQik231qy168vza6Tg8z5iJwzc277aF-5rz5XUWlcpDW6Q9dExPLlLj6zHqU6BjvyzYPemNn1BaoHWRiRQBgLRZriZLzbxYtLTd9U42lVkhen65dT648Cr2adX30KFJxv7Osa6rsecqPi6TdfiUptjFY3E4wmCaaSjHJJ9R6fZJsvU8gydD2Rr7YEmSvbOYYAlSjfq2gFtXkc8pV7ZyE1hAtY3i9vqXnwlntEFXtuRoXB60j5Pfr-H7f3MIXIJKuExqg-iVvEUEaSQD4P-fCuHJs06YM3UlKiFFhlGonFc_gji7i97IJYUlOSyhFWdqHxsBHvgo4303M90cEu7lKAiiasDSvWxf_Qr9JT6jgNfwIdcjyc4DoKvXlxlfEKhNSeMiNM6GeEAtn9MdYk5rFHWrI4d7TkWwTBFCv803B7Roh_-j4y_9lF9K4VF5IGyUPcVcT2EAUbg0vFOeUdn4ClyvYKxUfiGzuMxEJ45PdrWt5noYJSKJJ46_rAAl3oa4LJmnhbLRcmQIDx8CnLhSJOjgor4mspYJzrfvrKUtupNccTGJuk2ZzaXqfzlcOiAfQJTLKx9NcEP8UnL63QX8uoMugYba83-ftKe2p1rY0iWQmH8NqN8FtMqk1ZuhgmKnDMoy_bKibyivqKUsnX4BEMISesgr_eDG2iXscC9C-ZmMXD86MWGelt92664HRxDd6qnuoV696NaSNz5gfecoBrsnCE8LMJH4lRmGymDZG-RnIGPrx-LvTuV5w3CWsyM1tYclgOqY3vxCOJ_7leiKRg6lNlFkw2nO640Q3RbgUuusYTfM03vYXgBtM7o3f8msgOk-FJe6ROSKEPDBV3G3eM-Gao43sD66YbXXX9e3HroKlIZf3XQ6U0Ux-rfH9xgjLX_cOwP_SZH6sH1uwFF-olDP36um5YfpPVwxNO8QJ_4pRdOnMXDhhZhVuwBmRNjv6Wg8ylDsa0YKam0Lk-wx8tCDmhDxo9YsuFaizljAaRWo3N2ztgCwFLCP2W0NPNyXjH30wsAzF9hp64Vtvuw6yxHYtZSmLZja2csGW2cCag2ogJlxlyJX1uglkg5OyTxsEptCHFi-0Kyk_SA3HPmU8XbM55XEV-Xq-1HZFaG2zKXODRNe2qoLRo22iJ9ZUJdw0kuw57J6q47V1nFPKwbW5o2hsagf3qkgm8f9jtSpuD6PU9vdpnYMeVn_ImKSVRBW2H29WgrjXk6Vjp3553lU8hkJaifWAL0vJB725WpMgrvp4DFf8vcVP2vokgWas-waaXKv0ApO8d3AQkfWHSMYVgRQ_fOUYdJrJWqHg8QHvqQmdKIEZk&cid=CAASJORoB9b4314NfcKXrkPaWNe5SgsJUDmoNpIzCliTLVjKFeomLQ&rfl=1%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7a48449a4f6b7adf1d10fb6b1e4814b718c20e5e9ec02080cbf52db5e58b2df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10856
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 46FC 42 B
63 B 43ms
42ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DUMkZQY-Tcd0pn5O6S9OJKs0TAtcjt_b009eo6WviCYvK6szPf_blEey7eG4VvWeTSpzFKItGZ19vkl1wN5uxd1ldsxdiAi0biQAIv6OjpUMQ4aPQ

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 46FC 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:00:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 46FC 135 KB
41 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 May 2022 11:04:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 46FC 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:01:23 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame F6AD 106 KB
37 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Origin: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 May 2022 09:38:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame F6AD 8 KB
3 KB 10ms
9ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cs85jTqzCztbplimTzaqZCv_xLYjmZVjm-n89mdHwz8Ur4THjwo9kQFbMHm7OKRUaJDeMwyE8cGix_kx7TWSOqXsuZJUs9XxdP14Zo2_8c0IqgCNAMqKPB3W6Q1s3CKxoZup6HoaHgSEgWpXJnmreaufCtcQ&dbm_d=AKAmf-AptC9zyMacQqATZO0ERDNm2EN6gsr8zxTV00NhQ-QS6aRjnhQrxkUg5ITNd28vGjM0IfOfja7IYgAKQ0buQQOl96WPogt9VUX08CD9XRJmqLsCIqot6cIF2nR7f1G3gNtLroRdXwD93H0szYsskOK1znskhI4RgVzXUD5rv6EcVeq_0uROCN-J8zDfReEkBiJaO7bqKsAgWAISbebB7ExXpjNW-igyPAGsujpfO1aBBinkgvA2wLEnjj_-NNLEeO3_Nxciju7rQajcvnczV0A0GCROKAilGyBY2RJJV0YtFSk6OJoLHxsn2-XpoZ4IjcpkiHDz6HZsFdDsOueyv9SPpDQ7f8Tz1OHclhn02TITsoPbzydLgdFqp9yAJVBJhE5VzyN9IilkaOb-18f4z8fxg__R2BQWXq_FtbpS5aKMpozVHy6Y7grv1QJkqNrMTYac2X-WDfs23ffaQ43Kllarr-vmuv4UwvNIoot9s5CjrPauMI1rh50YTinlEKjFhzv3wpN6HSM8efTKZFkuh91Z9OX09_j1G9s0_6eqKf4W93dkJ5d8ESF1DzZOu9QlgYJEyJeyS9S46SFuDd9gVPgesvakOcqRYpxiS87hI730oiiN4uCj1ltKlbA-oZQztzRnP-Swdq-A3wWeHwWgwVzbnFg9rKzz1WfaLIlgiCicgA-pgp7xSoXbE0CpcxmAyu2XTzbs9lESrzCi0puayzCWCloz-cCTkA2_9gSlBqz7xlIW6xnYDNJt2vuHQEPpFmKz4h7RksG0N_b4TpwZ9hjv0OO0g9lFr3O0hXUy_sRAI3H5M-gBGH95frphYTQbpWV0oQbA1A-67zN6S8nIEYM8ji8cvF9-6bY4d_nKpQoLx-llbEY7BfExWhrc5n5GmBY31Tb0CQbzcIQGptUKehJ1PM7NI9hj8NCtbHOpg8X2xqaajCZZYSZGwRcS-iB0pwA81wbC_eS-t-LlMRP6Z6W2Ljx63ExVTVbtl61WHog6TqsNy5bbq8U26glAX5866SR64leD8qQiAWzC2ERX1LdA_bpXA8FtTkO7R5uo5mWF8YJWCRbnoge0SlN3AEReDIGZ67gmUKSv_Qq-xAyP2WBXjVZkc8PHKfwiWYKUbsIHkqURX9W9IVS_ZM7Q0CpXeoM0NbXvEsIuVarmhTLLNbVXq-V4-3m54GrpHunWGAiIVNXi1XIItSjZ9JMWwarFzpTlOM-gMySrE9kOu_7JjoI13KWys8t32smVHdU4YPwzv2jzubUh9Pn61kukjkoiAnElBz2VZc1lI0jb5sGBjFxrGuB52OiZv9SMMblBZCcEkd0af6cqbjZ3BbquWwr-VHxyPTzMGX41H7bywN5PO_VfTilO1jt4xYJxGwvDCXhcficBRiy08bTW48B4GTCh9wuUka8p14krEQZW3cht7XbfYXOqlQvQ7IRiGGK_vWrh59cw-wbbKt8qCKXXKKjER_SVaG7KNSlG4_gy9M9SWt5Pmv-x0i30voC2sJN1C10Am8WBLany1XhcsvBxp57IqUf1mpgySa2U_YiAeCk4F0VI-kegRxuOwkc4nzjOwdWMfuJNPNcX_Ms3b9sorUwkVDBKKn_JDFSn3ubdmQ_yuWzeUmgEycniiO6J31W2jZqDIxH8_F2e5dVdgh1GiE0-8Sy_k3Ki9pm0sVoc9PREUTIZOjTbIXtyPxdgllSXPXmVr7kMszvJj4vHNDw27E-x3TyEChEsRfjhTGiPeOkIR5pOdeGzn-ZTBi4KOfDK8pOy9vxbeutFMDZjULtGuW8p1KGZQ-0CHpeDwXzuGw63oqf7y4qeJkuIqoER8kEYZgrnnDvEoP6EW-2hImBbGd_rIXpuHJF8rY3FUbaNLy2zozqoU9cyT_oGOf2xweIEW7oRnbHRoF05iZyLThrDIrj0DdGVADHq86oT2BP5NSKizhcUxED7gCChL5gOZw_vq-6s-STUyZ2NECJdgTXx1Jzvi72AUcTDB1fc_iLgZume8K5Dx0HZSLwNnAwvUe57dq86xnqKNHJ032ZvEv78hHhaj0KDnxSgV_pJ10KCNvWeyRzYESk5ZUTvaojp8UsPhfFPKBD6hkZEiuNho9vkj2vmWtxCGlWTVrpPeMoRKwl3FQjl9S61SwXGvVfPbhNQfT3XKRdJ7QWBefKaVIjVAK754TxoZxjgdxcImYR6J7o3nUC3yHQtOU5KmRw2hxcJt1q8O0K9syt8Ccz-U01gjbKCxHVhD_dvi56O1_eHZnhcPQOPFTPCiecRvL59X6vHSbJCXeEAWNkMHubbEGbU6mKMjNSdp93hoLlp-aZa2zpE1dOb_QZLOLal-CqcHo59z-bd4LjivvCkiFkvaos02nsgWPWLwMLLPpCkWHlhYgE42MFU25-aEXlYVMdaT-nS1GrGYKFNkcXnynK0kfC_3a6xrU16WCZXsDP-oxH-5nK1epd7FTGx4LkZbibcLFiENuEJiIoOj3QEiv0QcGZ0gqbgHw5yZD_KH-mPPiFkq38AHqsnzPTj3oelEPNioSFRs464kA8EWzPk6rYqjHc73rjhIsXhgX_2EQKk9wcmGpS16U1deqxMkjbwGp3p5aAncAvMtszC6NOEG6BJMjcjNmmD5dgYGYnpCHxvMTDGdtWJOW6YHkWC8SgqITCyDbXpTy_cqd9kojRFmIEOrdvoORrWeSWSPY8qF1lBa_J1XD1uqhVW9Y25W3hSGClKnDIOrkUcIVpXdKbNplOoTYD2r7eTFVvVaMM8nau5iJg_6B4fhc4j116dTLblSHgAxEwWToFUFI5VkWAfiaX-qCsvjfTApLmEsO_7c8ZRnj1J3LOpvU-2CO6-X50Z43BBk9Ww-k_BOYiMZ4P8pFAqzkoZLU1ln3FSi4QUTFHCdnNKsoYRpOu-LMJnqZAxTf59DgnENgyUiF_3TK5qrLwADjPX3KdyVR45QoImlsWrQcMtG6eFj5ftDdGMpVvGZB3JNFNGeW_E1vnT7fBKlhtWzAx0zjizPiRRE9Fk7oTRzlMqwZFiHnsU9Qeu-nRDEz8GOQTMHDIs9Xdfb_FxkEiF-9xqYcKbG-mNKrKm&cid=CAASJORoo3YM0fOzOQ8MzVncvLfxAhCSh8WLV4InTvKWQ8pTIL_pzw&rfl=1%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:03:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame F6AD 27 KB
10 KB 9ms
9ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10463
x-xss-protection: 0
server: cafe
etag: 17671883673189222985
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:03:42 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0864
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1

43 B
894 B

29ms
28ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNVqN5ljMUiP5EeeuN5_X0U9VFj-lex2PabNasla0zN9HsFlOK_ly_bYdwySv-4RI_rtBFRmhs9HY7Jjuz54qAgNv1MdOPOBNvXL5l8PqQ4K_H4is2nK7uw-zOq_k1uDObUHU3C7BA5sS63IJIQ-5TO4JCAJBXDxNT3oPKdOIcL2T0DXcCg
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 23 May 2022 11:04:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0864
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YotqKiwxqI0AwEVZ-6ne8gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1

43 B
894 B

21ms
21ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNVqN5ljMUiP5EeeuN5_X0U9VFj-lex2PabNasla0zN9HsFlOK_ly_bYdwySv-4RI_rtBFRmhs9HY7Jjuz54qAgNv1MdOPOBNvXL5l8PqQ4K_H4is2nK7uw-zOq_k1uDObUHU3C7BA5sS63IJIQ-5TO4JCAJBXDxNT3oPKdOIcL2T0DXcCg
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 23 May 2022 11:04:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENQt93RJWFhv9YDZ3oBRJAk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0864
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGzt4FjWFq49OmK8Q4IEHGI&google_cver=1

43 B
1014 B

19ms
18ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGzt4FjWFq49OmK8Q4IEHGI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNVqN5ljMUiP5EeeuN5_X0U9VFj-lex2PabNasla0zN9HsFlOK_ly_bYdwySv-4RI_rtBFRmhs9HY7Jjuz54qAgNv1MdOPOBNvXL5l8PqQ4K_H4is2nK7uw-zOq_k1uDObUHU3C7BA5sS63IJIQ-5TO4JCAJBXDxNT3oPKdOIcL2T0DXcCg

Protocol

HTTP/1.1

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:11 GMT
X-Proxy-Origin: 193.27.14.28; 193.27.14.28; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c61a17b2-0b29-4504-ae1b-723755b86929
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGzt4FjWFq49OmK8Q4IEHGI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0864
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjA3MzcxNjQ2MzIzOTAxNw%3D%3D

170 B
188 B

32ms
32ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjA3MzcxNjQ2MzIzOTAxNw%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:11 GMT
X-Proxy-Origin: 193.27.14.28; 193.27.14.28; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f48d94c0-4c5b-46eb-b5aa-11b157ff5f06
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5MjA3MzcxNjQ2MzIzOTAxNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 event
ads.adfox.ru/252771/ 0
66 B 77ms
76ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=41c6e1ba7962898b&pm=cza&p5=lngbo&ad-session-id=550631653303849775&utg=oxum&lts=fjdxztp&ytt=433758947901445&ybv=0.584469&ylv=0.584469&dl=https%3A%2F%2Fwww.nur.kz%2F&p2=gfdy&rand=hwceajg&sj=GzGLYODQZPhnkMc8RYvbjnOgbZ4GKWlJ0a_bsAK9-r-tysI6YGycE1HglcBF8g%3D%3D&puid1=Homepage&pr=lnheyrm&p1=crsny&rqs=KYq_1bDL11cpaotiEh0M58derNg_2i-N

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:04:11 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame A397
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGLPdpsyBz44NaCUMk6cpGg&google_cver=1

43 B
61 B

56ms
47ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGLPdpsyBz44NaCUMk6cpGg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNWbwQm9XE0DLDd5otKhxMkwIgGcvCRUksM38lzMijRA9Okm4hGJ4aq9wSRDHsQghsgQMwoVa2U2_c4P6eOXr9n44FKhVtwT_Y38GM37ZkszVVorThxr_ezLucy-jcNfv40QxHZSUc94Q9comBDqDL4COTT1Fa-GV7S9fpP7lOpzka_-Muw
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/1a2bd40 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
via: 1.1 google
server: OXGW/1a2bd40
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGLPdpsyBz44NaCUMk6cpGg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame A397 43 B
306 B 47ms
23ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNWbwQm9XE0DLDd5otKhxMkwIgGcvCRUksM38lzMijRA9Okm4hGJ4aq9wSRDHsQghsgQMwoVa2U2_c4P6eOXr9n44FKhVtwT_Y38GM37ZkszVVorThxr_ezLucy-jcNfv40QxHZSUc94Q9comBDqDL4COTT1Fa-GV7S9fpP7lOpzka_-Muw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/1a2bd40 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
content-encoding: gzip
server: OXGW/1a2bd40
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame A397
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEGtFuEq_GCOx9ImizrlJ8Tw&google_cver=1

23 B
172 B

65ms
38ms

Image
image/gif

104.92.106.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEGtFuEq_GCOx9ImizrlJ8Tw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNWbwQm9XE0DLDd5otKhxMkwIgGcvCRUksM38lzMijRA9Okm4hGJ4aq9wSRDHsQghsgQMwoVa2U2_c4P6eOXr9n44FKhVtwT_Y38GM37ZkszVVorThxr_ezLucy-jcNfv40QxHZSUc94Q9comBDqDL4COTT1Fa-GV7S9fpP7lOpzka_-Muw
Protocol: H2
Server: 104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-130.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 23 May 2022 11:04:11 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEGtFuEq_GCOx9ImizrlJ8Tw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame A397 23 B
172 B 98ms
36ms Image
image/gif 104.92.106.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNWbwQm9XE0DLDd5otKhxMkwIgGcvCRUksM38lzMijRA9Okm4hGJ4aq9wSRDHsQghsgQMwoVa2U2_c4P6eOXr9n44FKhVtwT_Y38GM37ZkszVVorThxr_ezLucy-jcNfv40QxHZSUc94Q9comBDqDL4COTT1Fa-GV7S9fpP7lOpzka_-Muw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-130.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 23 May 2022 11:04:11 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame FAEC 106 KB
37 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Origin: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 May 2022 09:38:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame FAEC 8 KB
3 KB 8ms
8ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A55WdCzfUltoVEo-en8dP9f_6nyoKo5xONvXy3F4NzV21d1VZD7QfLFtY8ZfCDbOHajYO677-C1ya3dtEowjabR3UbFQ&cry=1&dbm_d=AKAmf-BaqSY1vXBEd0aTUJ3DSDUksqaMV_B84d60W3LGd7Nlvt1UfY1IxzMazQFrlJDXHwWcqXZMBnn-oZtn4Kq71dYSm3ZQGhg-2RfZp7nsA-PWtQ0fnUZ3dWasLn-nDuHqbWbPaajufkDP3sRqGoi_WejczIPyqxVclnZKDF__lq6aVx9EmqeQEAf9L7PDd8oX80haYRFoNmAGRIPj6Mct8eCiy0wAdtxPaexQXUa3_B47cDI-BjH4h-QnXqOdmLzU8TsF3X7PtmU9Daf49GlrvzzkTJwxeRLnF1YQJCCvFPP7CS0cTHUmHBwDa8EhmX5EcmIlFKzJLI9nggtBe2tLbXHa3Dz2Q43AUFEvZmk0wM8TWxZXgMqPZjmqwfpSO7Qm4i9KqPns1X58gqWW4vS6yxOMHfqu8qRIAeczICvIzxgKiV_TwDJjSEVR956ZoA1qeDQ2l4JjUS3GFp7dZpaZ24DpRRTg5LZjQM8BAIHULFQfeTdUdSLO8Zvln8GHCHkqE3jPIhCPw_O40xTJ_zexX7am-NMuIAzVpBhHtqa7R0pb0b2V2CYDUlwNL4BurHlpAMCVI_HGRGWOu-JiJEoTDeFKTmt1Vug77ZSqWVgWmgig95m_udj0PTd_7N6AH7mzWzDIkVQQfzwjrxYkh5Yb2Fh7qJs-JJtKYQf7Gaca4DezBfaUKODnod0CklnZzaTuJdBevzMqabb72Yt4o3SVt2kuKFnG7u_K4tLDMThBSmFjD68McDyryXcKHvu07TocZogIjIGtvQ75DHZOqRfB-8OitRVsrrvsWVIokJd_POiSIY5S6mjrszKdzXSr5S3ZdORUULND6Ekunbr0cxks9H9wCiwKo4DPOGu-_TIq1mFk0WJu42wMtSQ4etOXVASektla_yVtE7L7ly2ItZH1lS427kTXFu88XT35FYgfw7xRmR9vEiUvV6AmDCOthReNEsKFe1X77YVcBb2RTG4bw2wgdGScuEQ1yc7IG1Tm-oLQs4ot18hizQFb7ixMoViGW1ktg6wMfO9FACl7AGLtzmJbFJn1aiFl2XDG-oitQ91PL3T2r8qm2KrqXmaM03HrplwPL4-azs3op1FX5xNZFGNsVg2pyrmcqNivbVevpzi4ynrQTz466_dDvJJ7nc8aVKsTc5ph0LCi0iC7nyUwA2ec8R0L2KJHLE7A0pVbDMNdCyV27ICDYxKnofZcxt7FQpoLIzDzVF6c95j5REDIWio6HxDDktOvt1BO_VQk8IeZL_Rd_oa3NBWUe40Z7spM3uheVIeNRwvM8ZRXSQPM6kyzls88tSVPk1ck0VDhwkGfNTw4IrWcqxwwtqTqIqva4MXCDBSJX7RsSGpDebJYNS1JiyGoLVi4pDjSR4hNWMhfKLj2eYGyM2iZ3laBNHi8D5Ul_thDiU0N9XKyoVT6QHo_XQY5bGjCzZWmZJVRouYqnGLJoMVROfE1QOn-qbe5i_kGx56zboAclZQl8IqPYbYXVqqykoS0V6lTGGzQj4svztrDrkw3CGCFk2D_gr3O23Ht86-KRIIe3Q6Rh0-uZBurSCrymIYxAioEFSfMI4UWrQ0Cc2_SCoygjpk2fJRDEaR2FvA2nmwhLvwXe6NsMXgY7Hd9hz4Wej7a9_gOWvkLrKGno_m203Tj8N-hlvbboGUoPi5vF53bWlPSHmLAWn7uuNq-sMScPxDZ8juzVwgeW1mhhfFuVCt_5hOf78rcqB5GYnobfsTUnNHOXiOPlEwOw29-39SuAOrEOItIazd35BZPKk0STaOJ97ytDcdnV3OptAGOxn97KAYrh5HZJsEgw7sAMHLS8bE8CgabvM4G_Ogb4hMHGAhGyZWIkm1RExuodMNzVRbO5CcLQWykpLTE2FaLTqLZIQ_sLdQDuNEnmaF-vNzkd0Mj6Ehc_F88JRCz9U4K_toRhHdvd3IxB5j_9qWy9NF-IeyRdCWD0A7Yj4sXhY-f1JK7F-24Ggx2v48i9GdEwCDv7qXK5eOl2C7453cJ4bPagNrWDz5V7noGWTh-WyocZJESh5SzPA3vIHMm9-paTDCsBI54-6AoE7QcEy410C5Bt5Ua00U1rvIEQi11AzjIMq57x12se4-xiRI5uffnO0i_9aOZW4xtLMHkZcvn7Hc5CIo9NZH54tki04qBdf6ANJ3xHxNda_HMcnBXFVTnhrShTffKkcjvlc6bf9fGf0gin0MDe4H-13SkwzsnnxPT79Zm0nw5M8Ec7i99UsnGXhG4DZ97Ye2WZkSc0QdiTc5zoblwrsmko04Gz2134VDF2pvFU8JZq84oQP7D9BejCBbphdXH4Smrk9xNkXnmlCXhZlv-QNQTFu7-dyxdEUmPAUou6sSFJzoI-NOQHicxuaoCqX_tQltddwl4Vl1Hm3AwuFxMIsv0oy_BJgdNWglxN2TRAv6R4wbzv1V7jvw5_n2kHVjdGxMARuX_EL2pcnkC3igxAD9tnaj2yR5h7wITfea26KStWtjMmS2t-OYdOiuVJxaKzsvhK5KOIj3hGao5QgOdJCXhX8KWgOK5wTyqNqgluc-fnOJzffXb4LdmH0ilE-q0wFv8ffGA4MHLPbQuLGs_4_QFtoWX4hQqCA0ai_XYLBMtEi4RwrJmBjlGtrNTPAZoP-v2-F4rxtmjzOy1LvUCjncx78Ubikivhq9BP5YyxTXUPRqs1CTAxaIDRhVIqOuKfn9JRvfAc49W5Tpu6NA-EjFAMMsvMMPc9AwmjoKaTx14N97l2Ci8vbAQxqvEDSWWjJsjZDREg8pvpvuwXEkK0cG1i1tsBupW-QUs8Ceosie0Y54zs4ijQsZEBbnb-IXoxkkLhTmzZg2IbwpP2b6yTa5HUkoM0xGypCRpnxpFjkphlGgSh891tCLCsKzkm7PZ3Xhh6T1IFW7_BH6BJ07EzlHL7p1404dri0CDtPi2z37m1VuDyFgwE2X-OYgYtrmEXjLKIlf2e_Bs2itEKRkTBLi9c9Egj23qB2pzl6dnI5PjeLNMB2-6f_kC9RGlPKjW4KTbBsiLoXeTOU0531KaYjCc9SNRAjCz6yR3FCyR4XrN5WegFtpOtvta0Q5YBHgGwVh88vtyhJQDf2Ip8k5_bVclM5tABsBv__mwCjuGWByzKbmjo-dlLO9UMvkkz-Xu_SSnJ5nHbwVXcPQ65sjbMFcT6Q63SNvOncrhE0LgkmNMNqSCHcBQRsRp&cid=CAASJORoKh3tHKjR4U8rYMHFpO6HPGqOae9xBB-Ho6JwF5kuIdvn0g&rfl=1%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:03:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame FAEC 27 KB
10 KB 7ms
7ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10463
x-xss-protection: 0
server: cafe
etag: 17671883673189222985
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:03:42 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 1CAD 35 KB
13 KB 8ms
8ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:38:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 09:38:30 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3ACA 35 KB
13 KB 10ms
8ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:38:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 09:38:30 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 6062
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECbTr0jpEbhXA1nncv-UeRc&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECbTr0jpEbhXA1nncv-UeRc&google_cver=1&__user_check__=1&sync_id=1382e31f-da88-11ec-b979-14604df00206

43 B
548 B

29ms
29ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECbTr0jpEbhXA1nncv-UeRc&google_cver=1&__user_check__=1&sync_id=1382e31f-da88-11ec-b979-14604df00206
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiLo7vGATAB&v=APEucNUATx6Jd3No7TLP5TPZ23dWidXB3dxVm1Qm1teXrtp2aaZu46HDchhU1uA1pW6Mm5_Ycxg76IKHkmaIKrbtcyJgl_BhE4bBhpelRKErxYxDowz0Ci7uPlopJI0gQPNmyAndE3ZFKVuBSVQHpXNWhBNa50YsOQmRWLNW7BaPzE2Czp2VQo0
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 11:04:12 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 66
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 23 May 2022 11:04:11 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESECbTr0jpEbhXA1nncv-UeRc&google_cver=1&__user_check__=1&sync_id=1382e31f-da88-11ec-b979-14604df00206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 20
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6062
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTM4MmUyZTQtZGE4OC0xMWVjLWI5NzktMTQ2MDRkZjAwMjA2

170 B
188 B

30ms
29ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTM4MmUyZTQtZGE4OC0xMWVjLWI5NzktMTQ2MDRkZjAwMjA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiLo7vGATAB&v=APEucNUATx6Jd3No7TLP5TPZ23dWidXB3dxVm1Qm1teXrtp2aaZu46HDchhU1uA1pW6Mm5_Ycxg76IKHkmaIKrbtcyJgl_BhE4bBhpelRKErxYxDowz0Ci7uPlopJI0gQPNmyAndE3ZFKVuBSVQHpXNWhBNa50YsOQmRWLNW7BaPzE2Czp2VQo0

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 23 May 2022 11:04:12 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTM4MmUyZTQtZGE4OC0xMWVjLWI5NzktMTQ2MDRkZjAwMjA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 64
Connection: keep-alive
Content-Length: 0

GET
H2

404

sync
pixel.advertising.com/ups/55946/ Frame 6062
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESEIhvJwO3TzrFv7eDwuFAzJo&_origin=1&google_cver=1

0
254 B

10ms
10ms

Image
text/plain

18.194.10.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55946/sync?uid=CAESEIhvJwO3TzrFv7eDwuFAzJo&_origin=1&google_cver=1

Requested by

Protocol

Server

18.194.10.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-10-133.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.advertising.com/ups/55946/sync?uid=CAESEIhvJwO3TzrFv7eDwuFAzJo&_origin=1&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 305
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

404

sync
pixel.advertising.com/ups/55946/ Frame 6062
Redirect Chain

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true

0
254 B

16ms
15ms

Image
text/plain

18.194.10.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true

Requested by

Protocol

Server

18.194.10.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-10-133.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
date: Mon, 23 May 2022 11:04:11 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3F37 0
0 52ms
49ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXN-SK2qLYqnrDdHB3gPU2ZuQCsme0rFchf6X93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItODU4MDE5NjQyNzIwOTMxNKAB1bbS6gPIAQmpAmxEGLEPy7E-4AIAqAMBqgTeAU_Q3Gj569ZKMhQ1IOn-0dh9OXWpDNUUXuLq1NGpG9plTvgeCPqTKXPYBUQCWxGVdhduD3p6TQIlHMKsyibPw8nXs0FB32Az4rgcu0BpZOFc0WxnCHdv_Bo767E4QXO5yQxN1bMvRdWE4zO4ex4-Vl18w90H6kVOLLAQeht4ZWZjniGc64pm6QgmEts7XnP0KOnuL8kciHy5jkkf7qThqqjg5GFAZf2UeQCDWO8E1y97L9yY9AJbzJqOuWYZWvwOkJ0C5W1xcpS1UgKEkyG3ZGp8zeVYQhMZ-UXBWkruyOAEAYAGiYjw842givl7oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODU4MDE5NjQyNzIwOTMxNBjBkGo&sigh=aWrGjQaDtAM&uach_m=[UACH]&cid=CAQSOwCNIrLMFzI9i6uRqwX2H_ozCuV3CUghiRRQa1cyZRkEj8MTKHqmjzgo_EjfBAB98YcmfvWZi5mjMNQEGAE
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 3F37 0
0 68ms
19ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k_79Err5RNQHyAGdg2ICAgAAAJ08UUBYP1SW02Tfx6oU-b4QKmqLYnc0To7b2CcgNw43ABIAAA&wp=YotqKwADdakKd6DRAAbs1Cc0_kPfoWJV4G3dqA

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 227069
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame EC6B 140 KB
47 KB 166ms
119ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YotqKwADdakKd6DRAAbs1Cc0_kPfoWJV4G3dqA&u=%7C3ISB%2BSDxUMtv5X5ARFDhfWrm%2F%2Fwfu4SE%2F7Mxinv%2FsMM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkGpGzsxDu6uJ4QYXMtp9P6T6NR2X-xXQq-3YNmt6fuhvySC7QBgLSf7Frj7ZrsNHZx8estjVxuKdN1Eevml6QRcnmgYp522sVfX3wWSXVdVU6WVXYSF0r6AOTeUlHNNkfEzZelunRzIm9P-NBlcJtS7mrYM71KhawbPsMhb5HF2IqoyBDDO2fDe1W89XoX2JuGe1zJ9I_fmwrV6G-r_6Ubu1YzsHb-ZiT44tRox-jNbII5p2G6RBmPXMgk7dRWCLj9F9P5mLzjGxzV_rbBX6BQr-mYNuoAmyygFVatKlo8yD5fb7qslSZLBxOQ51FObMXkPd7-bk8dWF_RHaKG-9RqRJS_wLayqSog88iQbPkrw0cvphyGIvSmHjKWsNldt_syEkYNfLuZP4oSrdjLEPvHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChIyEK2qLYqnrDdHB3gPU2ZuQCsme0rFchf6X93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItODU4MDE5NjQyNzIwOTMxNKAB1bbS6gPIAQmpAmxEGLEPy7E-4AIAqAMBqgThAU_Q3Gj569ZKMhQ1IOn-0dh9OXWpDNUUXuLq1NGpG9plTvgeCPqTKXPYBUQCWxGVdhduD3p6TQIlHMKsyibPw8nXs0FB32Az4rgcu0BpZOFc0WxnCHdv_Bo767E4QXO5yQxN1bMvRdWE4zO4ex4-Vl18w90H6kVOLLAQeht4ZWZjniGc64pm6QgmEts7XnP0KOnuL8kciHy5jkkf7qThqqjg5GFAZf2UeQCDWO8E1y97L9yY9AJbzJrMu0eL3XOSgyKe8c6hTzJNWxaOJSuZfOjIBdj-sKwH1V1E8M79d0XzPOAEAYAGiYjw842givl7oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JvrTQSehGXcWayw7aD1-2DIJl0w%26client%3Dca-pub-8580196427209314%26adurl%3D

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

55e5e23f1de31a67a9335450ab9ce95793b9cfdc364ead2d4a700a7b7bce32b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:11 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=pULWF53P7qptZ4AFscBpaDzPFCOI47_8PqpqnyZqWHR1y7NDuaV7bOD9dY9UxAKudylBdTHLhSrNYm2K0dXO8LIZuo3TL5XDmsNi3tYtBaEe78SjPo9NwePbHFK8FF_X-4fMWhj9Zfw4ucuw8R7Cl93C8BwftmFQ61TZQP4PFusp_neN0z1Yu_lOjjK-c75hevNQsd_8ZZoQ0kzn5URhslVIwWutLqFjWRIBFGE3F9ZXa-HiP7Egkf7H4bPekqmv_FsBgg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 96245867
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 3F37 3 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:00:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CE93 1 KB
751 B 10ms
7ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 24 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F37 135 KB
41 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 May 2022 11:04:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame 3F37 17 KB
7 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7211
x-xss-protection: 0
server: cafe
etag: 2988716039725867132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Jun 2022 11:01:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3F37 0
0 17ms
15ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQG1q9U-7KfaAXLMj5px_rzJ8_aHpdq5BBEvCJegeHVEEPo5VcUEAxuPtH3hXQgB4Masj83j3XRFPxEc3aBvpL5iOU_bg
Requested by: Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3F37 22 KB
7 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 13:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 17 May 2023 13:42:58 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 46FC 41 KB
15 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZb_9UQymOXbqboeT8P2xr2LKkMcYRiYfU2rHuVyqaruXcDBxCeZ7Al9jVR5q8FYKOExjB1B7Pu29CUUS7WIYGWblt_GJqaDA05_a3xsj7_UrMA-zgiSxHDouLT5l0kGh1TCCfoL2k5KjhupANB8XUvak0FQ&cry=1&dbm_d=AKAmf-BqNlU7fLO1Wx6T9tlDA9YFVfTzhJDDLy4l8dle4RUUgmFo4_UBTLG_9Ap2wUXHiDmM2kaQzuTSzW6JEWXhmBkesmRVFfQXq6aPG6V56FKpEtEJXTkCE0ldZQuURRa2OzNqvN_cknaAwgOUSwT9tc7aMqk-L3J4sJh9U-OfJEsyRg6w7NY72Nma1DzBYmmtKwnEzBXW44t2CAIixWjuQKj_do95kNBGBb1_fgWE5s-bcJiTKlwdclZjDXK-PYF0HA-l9sA-toTpOpf2ReeyLOpK-2BCFI3GSVvfDWQPgKmHSmWZNK-s1MsKqIksyQYtUng-5DvrLRhPUpgk5rhQ1dW6ZG-gQdH9EgslhlPchJiYoEFNEeS8rc41UyEKhAdpqzesOzCjN7RTFBmi5JLSaNkGujffHorkgr34hksbQBlJ67aZOHkizsZDLSQ5d4yn46z1WEe1dBlUEBE9FaQu3AV487i62n6ZLi4FlcN1SX22kZcN65MA1WZxV61ePW6h8EOYcLecRZhKdvoEGE2CRKdFeA1Oom248BoeGmHuDSRxgtUYsRIkcVsueSLueMbjX-Dh-XpO9HEx_H-ByP1FnD5K9oB65KSqcOJpJf3CsphscKPm3IJsdqIIewxOf_hEmjtnOBX9LTkodGP00NcZsYvNEP0Pdw_oDiKl7IbIqAGJTGcfW5ZvIN0NrKOLSWaMucBQgGW3ui1cflF31Y9yo7f3o003756UqVh_zpIU_Lpwy79oHG2NYwdZ-qcvdFYFKw8fsDtUTuZUrIsQxKExZsqf_COGFueAtMYueF8WNrjNLkVMIumPOfwy0qycwix99J9xXKfYDAwUaEMjG54DJ8wPS7kP0LIxHEsc2UPi0_hNwjYAXckz1Y1QwSCzamf1cUFJHgjBqWC70-ctk3UNDc_x_ms1GSq9h4kKonPTUUMjDQiZs0Ng_qXuiq7hezhR1j850uxdQCNvyKuusywMPfikBqBXkcz7pMuMujRl8dnNvMUWN_ncQkBxoRT1rMEkLVnKNqLRj79PuRJum87lV8bpy7w0sUDio3fShzHdpDrGNDzFPOVuGBIAyf9Wu8dtLXZON4HvuzpPZjlaY3jSz0MCFEL9hSzci-o9Ks3Q-yFDwwnDFGfVUwTYgL53K56dGr9eGVV2b7D4iEnq3Mw6SJAxx36sp2WDFcLjBU8Z6z35EQm0Wt7wXhN7sMx3PhYhsXdPiTsdfif31MsWkn-WXIOqQpIsVApjVTzGD0R9O9bQrYxMKZdz0AlUjKYrcf65ZREcKMsLhBzCnEWMWDOIlZaA_Wvmx_Ovw_Ay1Oa8QQtga_OtlJvyU5y6AABPO5ZgY88jbfo_hTwZse6qoMnHPJCSrI_9eVytW3XHlCeaNsp9W822ivLp3M6l0Lk2cZxy3C3bJKKplo5TWsSTe_uHBc506IOrSqRf2hmNM1Sxy27xTJ2sEs9vubEy791YMhfLvHG6SEMshi2chEcOb5kb0b61z2ZRw3rT0k532SqKCd7ANEOi1czEi_AhUYZAB5qiGq43TXQtMyLCBf14xUPhya6apSzy3nyK7a3P945n88IMKXCQu8GlHqQcJbxjPqNAssd7xebDQPtZdhU63gDjqUqnzPvYyP22022y8ICTO2R2KBvZ-X10mOKnWX_1jl5ErmXiGTCOrorZbfs58veh3vr2TPh9Urq7kDm3QAZfKcFYkTOAn4XeGOQJxgbindmjpmX0oYDrTpWHxCfnRKlu12EXbkMk6QAV_B948guovwO46Z_T1P-dDivKNaEtG9T4Poq3pt0LNyC0yFmLqNqNISh9UQi9obxux8J1Ilalg2CfbCirArwRa63A45S2y6n5ceP2I_zEei5-osmhnEfWvEL_n4Uyzz9lXoQr4_XLRqwaEqRs7CV1C1cEeQ5xa9AkUw-Z3Pyxj_1KhnfIUUTuZ6bEfKKwB0b6vPgs1EUsYP1FV2Ow_Nbg1K5sIxO2jABh912yR6AP5G1TB59HBITC5R8ArqZnG0fgK7aShusAG4bgN32lP18I3ydjZfSFttv5v5yNGpNspR1faie7ZgHgE91JxNm1vgUVljj2mFRmtf-8gd4LzqQLlBC08qy_qPzr5b3unxnIV6TOXjsYrdqLFntoJKL5zHyHueTwg1I-nCht2-J48b8PesD-Yca0p4gBTPjQik231qy168vza6Tg8z5iJwzc277aF-5rz5XUWlcpDW6Q9dExPLlLj6zHqU6BjvyzYPemNn1BaoHWRiRQBgLRZriZLzbxYtLTd9U42lVkhen65dT648Cr2adX30KFJxv7Osa6rsecqPi6TdfiUptjFY3E4wmCaaSjHJJ9R6fZJsvU8gydD2Rr7YEmSvbOYYAlSjfq2gFtXkc8pV7ZyE1hAtY3i9vqXnwlntEFXtuRoXB60j5Pfr-H7f3MIXIJKuExqg-iVvEUEaSQD4P-fCuHJs06YM3UlKiFFhlGonFc_gji7i97IJYUlOSyhFWdqHxsBHvgo4303M90cEu7lKAiiasDSvWxf_Qr9JT6jgNfwIdcjyc4DoKvXlxlfEKhNSeMiNM6GeEAtn9MdYk5rFHWrI4d7TkWwTBFCv803B7Roh_-j4y_9lF9K4VF5IGyUPcVcT2EAUbg0vFOeUdn4ClyvYKxUfiGzuMxEJ45PdrWt5noYJSKJJ46_rAAl3oa4LJmnhbLRcmQIDx8CnLhSJOjgor4mspYJzrfvrKUtupNccTGJuk2ZzaXqfzlcOiAfQJTLKx9NcEP8UnL63QX8uoMugYba83-ftKe2p1rY0iWQmH8NqN8FtMqk1ZuhgmKnDMoy_bKibyivqKUsnX4BEMISesgr_eDG2iXscC9C-ZmMXD86MWGelt92664HRxDd6qnuoV696NaSNz5gfecoBrsnCE8LMJH4lRmGymDZG-RnIGPrx-LvTuV5w3CWsyM1tYclgOqY3vxCOJ_7leiKRg6lNlFkw2nO640Q3RbgUuusYTfM03vYXgBtM7o3f8msgOk-FJe6ROSKEPDBV3G3eM-Gao43sD66YbXXX9e3HroKlIZf3XQ6U0Ux-rfH9xgjLX_cOwP_SZH6sH1uwFF-olDP36um5YfpPVwxNO8QJ_4pRdOnMXDhhZhVuwBmRNjv6Wg8ylDsa0YKam0Lk-wx8tCDmhDxo9YsuFaizljAaRWo3N2ztgCwFLCP2W0NPNyXjH30wsAzF9hp64Vtvuw6yxHYtZSmLZja2csGW2cCag2ogJlxlyJX1uglkg5OyTxsEptCHFi-0Kyk_SA3HPmU8XbM55XEV-Xq-1HZFaG2zKXODRNe2qoLRo22iJ9ZUJdw0kuw57J6q47V1nFPKwbW5o2hsagf3qkgm8f9jtSpuD6PU9vdpnYMeVn_ImKSVRBW2H29WgrjXk6Vjp3553lU8hkJaifWAL0vJB725WpMgrvp4DFf8vcVP2vokgWas-waaXKv0ApO8d3AQkfWHSMYVgRQ_fOUYdJrJWqHg8QHvqQmdKIEZk&cid=CAASJORoB9b4314NfcKXrkPaWNe5SgsJUDmoNpIzCliTLVjKFeomLQ&rfl=1%2Chttps%253A%252F%252Fwww.nur.kz%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429339
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H/1.1 200
OK tvoquqemwxkm Show response
hal9000.redintelligence.net/zone/ Frame 46FC 11 KB
4 KB 53ms
13ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/tvoquqemwxkm?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjoHlK2qLYsPQAoaV3wPisJOYCablvaBp3Y-cp8kP8C4QASC7x6tVYJWCgICYB8gBCakCmy3ER7jNsT6oAwGqBNcBT9A8G3ciPEptEMbq_tcVvHszAWkxjGglPLxiT2MWRCyn35hJy0iUrGIXm0qiI9C56tBtz-GAMBUS66j1a1iLK8bzCuW0xI09I9JbIFgwyA21UpobDP9iEORKDekkufxEaLtuc-J8mgOgaKc_OpmMAvpByFM03sui1JLLHQ6SsEI55rUx4fEAADBtB1-fv7ARcl-QlyLZxVIlV63NPKiN-QTXueV5VFMZvH6vFtkmY2hqErpo7KmuGml2hbrtl_IbfJCnpLYNagpSpFWRRWyerjMlaN1hmljABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoB9b4314NfcKXrkPaWNe5SgsJUDmoNpIzCliTLVjKFeomLQ%26sig%3DAOD64_2LKbw0m6iWC9U-pOVO0X5ltewpdA%26client%3Dca-pub-8580196427209314%26dbm_c%3DAKAmf-AZrKb2WR9RRmUNSkObs6nt5usudkwIhNio4hdTkAkxHxknzx8hisZ0MHNflfHyOO8omz4nhqWcv4LS6iG0551rDHGlO9TBLNdESYUkVUPmmn4m4pI5idwNUhFrRSTVMEkf8Dxy6O0J9RBBlaJ67aXDbPrpHw%26cry%3D1%26dbm_d%3DAKAmf-DY5To7RP_9og6bOF23HWlj2_0ZwLyZWYPL8UTRbes9LqwYbAZKWX4zRekvCuxVhZnfIwHwgk1uIi0EGBXcht3MUhKSSCFn52gnksr-aDnXCv4KxNZoPQ6glyHMraYyfskn-SBbPYAK5iR6vZbaI1d6UVQOV0xKFhhgZu5hhkeGAoDX1pdZSVE-Egm2vNuIsG2YmnCovZOdVFGqwNJT6NSD_LRBaoVYJYu81Xr5ipc7VZMj9wdgxxJrF8ZIqDc9-1KioTG4a0JiFFQVis3SrEpEWOZjvGFo8BVWkr-ez_LKYPmLWLt8ps2ZcX8PO9A2PXwgRHwKM5BIcWfHWvxJLyTYnEupnliB_eZVQVNPXmBhwhOW5Qxs4IYOMvxbRTLprnXgwa3LCsRjSDr7lOaERZ65MMU1ZqX66BKwSqkJu71oKp5c-mkSx2ltQiZ7Ylm5ea8r-bjv%26adurl%3D
Requested by: Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: cc79ccad4ba93bb7314ae08ce7226081e21d9379bc0442cffc42e8f0ba56c407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 11:04:11 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3901
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame 2522 4 KB
2 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

081bea1f69d4c8d86fa4f6fd61ea4348249bc79e2b967399b96e72016e3676b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 263337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1567
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 09:55:14 GMT
expires: Sat, 20 May 2023 09:55:14 GMT
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F6AD 0
27 B 52ms
52ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmWllCfA7-QpMXetBwbsgGgRDtZpzQKeI88BJqt4EaWIw-p-6ypELIdup40xQLtpYsQDJZ_vY2ezpnFclBKpzXw12hV1uVIp8bRlEeUs-cAbAmaZra8AGox8zjc08sgEqN20YtOS5cByTk-3lrpEprjIXNS0q3u7b5d6McffYG4V_xDYtC7rDMy8-AgZuefKpH0UhjDbJKyDWa1HCxi_B0J1Xm0BZ3Qg0MjFs3YDsLWB3DSxcZ5vgDmcTUkHICkrzQSHk3qs190tgsXnguE0vrn9csThVztJBYJ6zcN_KJ4P7baw9KRYW3QuhuElQb_x8s0JUOG7Y72mR48HTZrPU6R0mqkniQ6jUl8o6XV_gC2Hx1clu3i7JoEHtEuTfIUxOmles7qpi9HX2B5m8SUfRUlN4-0im-K10e_qycEv-X45b8JYkwQvwvf1UYZWCDP8_MXt7p2MIaXSFJInQp5qPIaoIML1oa7fc-sJtNNKQc03bj4tpxVgVE_x-QMEt9D41V2v3jfOYRev5SbKrOWykI05uRMvrpU96cU7meV8gSAIjnUvm9EePen3cmf1hqKONQoYyRpI1rANWiSh5-QyxtqHcsYrdmnNvn-g2BPaybT08JtgWlGj93H8CoG_f_jt_3nbhV3KoizYrCnkkflTFyJrKna32WVoifY0LFfW6qnle-cv74-3pWuCjLtJkalzaRuSjUnRx5ajRcgZl0P5nST7Qmb_KtH-pIKkFIkJ2oMdpEz57B5cJJQGA-hUD2r1urnSZZPT57qAtwVaM4d6T7IufxUo5AZwogpSGnmNdaMoAsWwnwDXNWnHIWFuuLdu9uhpCkqDxfeWnJNbilaYJGM_mx8Ywivb0f9aJZ-VGx3ORjAUIZMQjELPHq05xBWxEQ5vz2pxidy71kjxFp1HX_25FrsOV4xwJo7xg7YbRvaG_Qj2ieNSG-p8bS7AgKgBMsue-hRuPQPLilSJSu-9yrXBP-sqJF8LwgGyfSTnMofj6u8xViMKI2cqOjpX-TOQsChyIA61ccgXKNEyecgMWs-9lxzUiNZGtpuMV3uIqWHGT1aHXhciTyF2cyTvOFcqXNkyjHSHPms7X7JOv4FaMfLRjqxIsp3BHWjhTUh0vA1B3yE_GRKsYQ5dGIbI43bij276ucwyH-D6IDoysGm8fP2hB9rrofJ7c-RT0OXn79FZzW&sai=AMfl-YTXgeEtE44Bd8ad_2qK87QCHlm2KXHkSLChymIe2TULgkQM_PoWYfuocdQTXc81LJ12eyMwJcb9fZsamkN0nrPdKcn72ZmQSypGk4ssH-W1fP_p9P0_h4WB7rnIL16fDj6_UsqXSebUXgjciLRvRj4OSLA2fZD3xx9PLPZ8attRw7L9huwK9fya8ZhGEF_X3Ue_KjL0507ZBFkMu3NuAQ&sig=Cg0ArKJSzAFHbbb06KksEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=274&cbvp=1&cstd=272&cisv=r20220518.27285&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 23 May 2022 11:04:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame F6AD
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033531&atb_dpuid=di_dv&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

15ms
15ms

Image
image/gif

18.184.26.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 18.184.26.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-26-149.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 11:04:12 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Mon, 23 May 2022 11:04:11 GMT
Last-Modified: Mon, 23 May 2022 11:04:11 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F6AD 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429339
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B00C 1 KB
751 B 7ms
6ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 24 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DCEF 22 KB
8 KB 10ms
10ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 429338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F6AD 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35907598cca5239c34a3007c5895908ba662945d54c76d3363f7048040cfe5a9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 V02_728x90.html Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame DE4F 15 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d46a5951a557bab39b5dbb547e17f4bc8a83a5557693fed16e3084b48336d77e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 273845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3248
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 07:00:06 GMT
expires: Sat, 20 May 2023 07:00:06 GMT
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FAEC 0
27 B 58ms
58ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssRmg4stMbTU-iELa0rHDOKWIDn1nYVPfSeL010oCfXHXLaa8V7k7z35vkxD-b7Vv36_Wwt8Zw1oVwH7ba3dRIoribQuJyYBstoBJuZlamf__MVQ83vjoNaw78dY-srUsEnQSiHtPQl4fI6JxfowdEuV1LGtS_cCfV1N10C9p3ffHID6NMO75jLPVRNFWHpBr4AK_BSDs8yNWOBepmMjxLUr6V2j7it0iWjmde2rTm-at8qEq2XoRkNYTnmzAhY57xosDAD5XFX9V_72GVcZbYY5ziowJ3ayoSn28ShMFLLvjKi2sovCP7I6l4e08GZJIHQE6YcfizSHG5hlEOcymj2PLzwI9B4gTUaXC2mQNwPzUE67vURY_Bpit0Vza2k5nDV3XfvsVZyvBmfjQFxFdfviXWMWu-c5Eak_sEVJbov35X7JT8SzIEL8r4XO9MAgpo5zEPEXfZpswzhEvkGQ7zSMEolAPbHV8yqMuEJWgutwOsVX-AVS5eAxOj4bXiPRfsAPJowQGtLl0oud-D8ijVCNlx3n0B3Lj4NU9s9cmXrxQMdgqiAuVIyZkADMlXOKBXkgSTEHTRVWAFIlWO5x-o0o9m1di4K8Cr2HoG2S6Ue_xgg3uLaQcb0uGswDzJ3gVQyWXr1mrktNmwEKxVg_sXJHtYkAC3tnmIFzB_Myx4af7-LVeSMg03nO6_AErWU_NCq6-KIwvn-WGLHjESIntsOEVgB2fvQN6McDhTRVQJosijBx8X2_EUSqUCKNAXrRB5xDS2Do9ob0N98VvDzkecDDFmHUs5o1tokr1ZqZSPBZcQ8FPL7zh40-OoX7KoztVKYkskOKMbwiFpGGvwoyS0KwZlMqHzZkJ8reRzUKbF56-R6aXiF3EuSF0VHIoZPb8e8_HBGl4Q7_cGP1QbbG-TLozK214gAX_JqCA12sRenxlcKUyLaoJPX_h2JwMGv0_RoZAeOBITltxCr8iTX1LcoKRyXp5jagJ7HswIATO_iZOd2Htrgk3ojKim7SxLmJ45xoT_9ZmRUPowSYazUhFHOOaq_MjvD6XkmEPvLz08bU7R3hv-d6lD1EySai5r-lxvII6CSizaWhCfxGPpl7BrOe45ITb0JtshLzqgwNtVjfJpE8vc89G2i49RE6tGRVaFRVRaWem-9&sai=AMfl-YR198O6oUROBJwbB_zRUUZcem8lRjfRKIbLy3W327FjRaKLKozsDzWnPVRmPQFyIUbt4SdQEgl6kYXmB7P3JW8Cg5FKvetFzUBkuT4yfN9Fy1UC9iHJjvKiplRYSuMNc7HxAbYDfNdqKZB2O73enrgGMGP8VZZL0AaCFFbJIhrbzqWkBR4WFPkFpB6yngkC2r7alDwZqDTeoRuIQmR_NQ&sig=Cg0ArKJSzDphMfQ57jf4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=273&cbvp=1&cstd=270&cisv=r20220518.54456&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 23 May 2022 11:04:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE93
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMKnc_WtiXRA-c2vcjejVBI&google_cver=1&google_push=AYg5qPJ0ga_InGkl036R9moG-PF235lMazk8CZHYlQfLdKUuUg37A6phwAxZ92Xq0uDD7p6G9TM9pX_CDIK...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJ0ga_InGkl036R9moG-PF235lMazk8CZHYlQfLdKUuUg37A6phwAxZ92Xq0uDD7p6G9TM9pX_CDIK4b5DN-ZOYi8tTMtAU&google_hm=co6yWX_ETHq-bYGrkNqK5Rw

170 B
188 B

29ms
28ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJ0ga_InGkl036R9moG-PF235lMazk8CZHYlQfLdKUuUg37A6phwAxZ92Xq0uDD7p6G9TM9pX_CDIK4b5DN-ZOYi8tTMtAU&google_hm=co6yWX_ETHq-bYGrkNqK5Rw

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJ0ga_InGkl036R9moG-PF235lMazk8CZHYlQfLdKUuUg37A6phwAxZ92Xq0uDD7p6G9TM9pX_CDIK4b5DN-ZOYi8tTMtAU&google_hm=co6yWX_ETHq-bYGrkNqK5Rw
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE93
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELUCPMW25xfpuMrAC_895cE&google_cver=1&google_push=AYg5qPIgmSbISbtAGLsb38To8H72dM1EODPZhUFUeDMmEX49AF_DPgjw_0AF1Cpx5cppMF62YHVtYmgm4v3weL...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMDg4NTk3NDY5NDY4ODkxNQ%3D%3D&google_push=AYg5qPIgmSbISbtAGLsb38To8H72dM1EODPZhUFUeDMmEX49AF_DPgjw_0AF1Cpx5cppMF62YHVtYmgm4v3weLqbxV...

170 B
188 B

25ms
25ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMDg4NTk3NDY5NDY4ODkxNQ%3D%3D&google_push=AYg5qPIgmSbISbtAGLsb38To8H72dM1EODPZhUFUeDMmEX49AF_DPgjw_0AF1Cpx5cppMF62YHVtYmgm4v3weLqbxV7v3rOhNXc

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMDg4NTk3NDY5NDY4ODkxNQ%3D%3D&google_push=AYg5qPIgmSbISbtAGLsb38To8H72dM1EODPZhUFUeDMmEX49AF_DPgjw_0AF1Cpx5cppMF62YHVtYmgm4v3weLqbxV7v3rOhNXc
Date: Mon, 23 May 2022 11:04:12 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE93
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENKU_BiAg7FkQkn3GjvBjWQ&google_cver=1&google_push=AYg5qPIB-3B2AgyhYFZo221K3IcuVkDBJlQb5YaKgYZfTd93Hojq6zD3IoG886QrS77D9m1ns5ep8NNh9uV9bJ0X6hgt...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENKU_BiAg7FkQkn3GjvBjWQ&google_cver=1&google_push=AYg5qPIB-3B2AgyhYFZo221K3IcuVkDBJlQb5YaKgYZfTd93Hojq6zD3IoG886QrS77D9m1ns5ep8NNh9uV9bJ...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIB-3B2AgyhYFZo221K3IcuVkDBJlQb5YaKgYZfTd93Hojq6zD3IoG886QrS77D9m1ns5ep8NNh9uV9bJ0X6hgtdJ8uCqY&google_hm=WoNIzDptR6-TcrFxvvvJKQ==

170 B
188 B

25ms
25ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIB-3B2AgyhYFZo221K3IcuVkDBJlQb5YaKgYZfTd93Hojq6zD3IoG886QrS77D9m1ns5ep8NNh9uV9bJ0X6hgtdJ8uCqY&google_hm=WoNIzDptR6-TcrFxvvvJKQ==

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIB-3B2AgyhYFZo221K3IcuVkDBJlQb5YaKgYZfTd93Hojq6zD3IoG886QrS77D9m1ns5ep8NNh9uV9bJ0X6hgtdJ8uCqY&google_hm=WoNIzDptR6-TcrFxvvvJKQ==
Date: Mon, 23 May 2022 11:04:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET gg_pixel
sync.adaptv.advertising.com/ Frame CE93 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE93
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEANXtfdGCaAJm1aecOAX5PY&google_cver=1&google_push=AYg5qPJ_ao4sZPQ-2EvluDwJvY4kvHa78SXNy9TzWYnid-f2Lz1d9Du00CVDan3bnrDdWLo7hBMrwYAcz_tAujfp56lJkbN...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEANXtfdGCaAJm1aecOAX5PY&google_cver=1&google_push=AYg5qPJ_ao4sZPQ-2EvluDwJvY4kvHa78SXNy9TzWYnid-f2Lz1d9Du00CVDan3bnrDdWLo7hBMrwYAcz_tAujfp56lJk...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJ_ao4sZPQ-2EvluDwJvY4kvHa78SXNy9TzWYnid-f2Lz1d9Du00CVDan3bnrDdWLo7hBMrwYAcz_tAujfp56lJkbNcwgMz

170 B
188 B

25ms
24ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJ_ao4sZPQ-2EvluDwJvY4kvHa78SXNy9TzWYnid-f2Lz1d9Du00CVDan3bnrDdWLo7hBMrwYAcz_tAujfp56lJkbNcwgMz

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJ_ao4sZPQ-2EvluDwJvY4kvHa78SXNy9TzWYnid-f2Lz1d9Du00CVDan3bnrDdWLo7hBMrwYAcz_tAujfp56lJkbNcwgMz
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 dds
rtb.openx.net/sync/ Frame CE93 43 B
351 B 53ms
27ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKrxurGh7XnBzw430zcl8YU&google_cver=1&google_push=AYg5qPJrzqd90p-oDxXqL9nn_VxYYzobO70amQZ76MEx6hLK0PabNS2QXiSp_VioxOeIM_4UHduhNbyOLw9S2F8VvIDJOs19iwDo
Requested by: Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: n74v7rdpbjsqmde3uk1jonbd9u1e99d6

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE93
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAn4mYcrA1E5f36RJzHhjeE&google_cver=1&google_push=AYg5qPI3KP1Brwuyl7tbtdAdgUO-ekS5l3II3Ddvu-p7RQmK9Muv-qMeV8fPiqRJ20dN-GLZ1ZI0z7Kwr3p0...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPI3KP1Brwuyl7tbtdAdgUO-ekS5l3II3Ddvu-p7RQmK9Muv-qMeV8fPiqRJ20dN-GLZ1ZI0z7Kwr3p0o1VnWEL4xnA1K0g

170 B
188 B

31ms
31ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPI3KP1Brwuyl7tbtdAdgUO-ekS5l3II3Ddvu-p7RQmK9Muv-qMeV8fPiqRJ20dN-GLZ1ZI0z7Kwr3p0o1VnWEL4xnA1K0g

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPI3KP1Brwuyl7tbtdAdgUO-ekS5l3II3Ddvu-p7RQmK9Muv-qMeV8fPiqRJ20dN-GLZ1ZI0z7Kwr3p0o1VnWEL4xnA1K0g
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CE93 0
12 B 20ms
18ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjruVfHmFQL23OzY9JFqsSJP0OxhLxRG9rcwL0ZzPvVKHBMbaoNwafzH8mw5OTPA_YXvrS

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FAEC 41 KB
15 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DB44 1 KB
752 B 14ms
11ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18628
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 24 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame 2522 1 KB
532 B 10ms
8ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d912ca3f1497bd7a00e7044519bfa14d184b7ea37d2010e2e42de8f0933b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 19:20:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315827
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 495
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 May 2023 19:20:25 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2522 109 KB
37 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 23 May 2022 11:04:12 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame 2522 8 KB
2 KB 9ms
8ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 292017
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2182
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 01:57:15 GMT

GET
H/1.1

200
OK

request.php Show response
hal900027.redintelligence.net/ Frame 46FC
Redirect Chain

https://hal900027.redintelligence.net/request.php?zone=tvoquqemwxkm&nw=20&renderingType=javascript&namespace=9cc0d89ca9&subid=&uid=8a099c558b90f776&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900027.redintelligence.net/request.php?zone=tvoquqemwxkm&nw=20&renderingType=javascript&namespace=9cc0d89ca9&subid=&uid=8a099c558b90f776&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

91ms
67ms

Script
application/x-javascript

78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request.php?zone=tvoquqemwxkm&nw=20&renderingType=javascript&namespace=9cc0d89ca9&subid=&uid=8a099c558b90f776&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=930x180&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjoHlK2qLYsPQAoaV3wPisJOYCablvaBp3Y-cp8kP8C4QASC7x6tVYJWCgICYB8gBCakCmy3ER7jNsT6oAwGqBNcBT9A8G3ciPEptEMbq_tcVvHszAWkxjGglPLxiT2MWRCyn35hJy0iUrGIXm0qiI9C56tBtz-GAMBUS66j1a1iLK8bzCuW0xI09I9JbIFgwyA21UpobDP9iEORKDekkufxEaLtuc-J8mgOgaKc_OpmMAvpByFM03sui1JLLHQ6SsEI55rUx4fEAADBtB1-fv7ARcl-QlyLZxVIlV63NPKiN-QTXueV5VFMZvH6vFtkmY2hqErpo7KmuGml2hbrtl_IbfJCnpLYNagpSpFWRRWyerjMlaN1hmljABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoB9b4314NfcKXrkPaWNe5SgsJUDmoNpIzCliTLVjKFeomLQ%26sig%3DAOD64_2LKbw0m6iWC9U-pOVO0X5ltewpdA%26client%3Dca-pub-8580196427209314%26dbm_c%3DAKAmf-AZrKb2WR9RRmUNSkObs6nt5usudkwIhNio4hdTkAkxHxknzx8hisZ0MHNflfHyOO8omz4nhqWcv4LS6iG0551rDHGlO9TBLNdESYUkVUPmmn4m4pI5idwNUhFrRSTVMEkf8Dxy6O0J9RBBlaJ67aXDbPrpHw%26cry%3D1%26dbm_d%3DAKAmf-DY5To7RP_9og6bOF23HWlj2_0ZwLyZWYPL8UTRbes9LqwYbAZKWX4zRekvCuxVhZnfIwHwgk1uIi0EGBXcht3MUhKSSCFn52gnksr-aDnXCv4KxNZoPQ6glyHMraYyfskn-SBbPYAK5iR6vZbaI1d6UVQOV0xKFhhgZu5hhkeGAoDX1pdZSVE-Egm2vNuIsG2YmnCovZOdVFGqwNJT6NSD_LRBaoVYJYu81Xr5ipc7VZMj9wdgxxJrF8ZIqDc9-1KioTG4a0JiFFQVis3SrEpEWOZjvGFo8BVWkr-ez_LKYPmLWLt8ps2ZcX8PO9A2PXwgRHwKM5BIcWfHWvxJLyTYnEupnliB_eZVQVNPXmBhwhOW5Qxs4IYOMvxbRTLprnXgwa3LCsRjSDr7lOaERZ65MMU1ZqX66BKwSqkJu71oKp5c-mkSx2ltQiZ7Ylm5ea8r-bjv%26adurl%3D&documentReferer=https%3A%2F%2Fwww.nur.kz%2F&ancestorOrigins=https%3A%2F%2Fwww.nur.kz&random=3125397279682&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 651ae67e20cfc651d60dfb7df16aa8e98e105a9aa78e2c5d550a7f11a728a472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:12 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 33785800092820404444996011968027
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1322
Expires: Mon, 23 May 2022 12:04:12 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:12 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=tvoquqemwxkm&nw=20&renderingType=javascript&namespace=9cc0d89ca9&subid=&uid=8a099c558b90f776&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=930x180&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjoHlK2qLYsPQAoaV3wPisJOYCablvaBp3Y-cp8kP8C4QASC7x6tVYJWCgICYB8gBCakCmy3ER7jNsT6oAwGqBNcBT9A8G3ciPEptEMbq_tcVvHszAWkxjGglPLxiT2MWRCyn35hJy0iUrGIXm0qiI9C56tBtz-GAMBUS66j1a1iLK8bzCuW0xI09I9JbIFgwyA21UpobDP9iEORKDekkufxEaLtuc-J8mgOgaKc_OpmMAvpByFM03sui1JLLHQ6SsEI55rUx4fEAADBtB1-fv7ARcl-QlyLZxVIlV63NPKiN-QTXueV5VFMZvH6vFtkmY2hqErpo7KmuGml2hbrtl_IbfJCnpLYNagpSpFWRRWyerjMlaN1hmljABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoB9b4314NfcKXrkPaWNe5SgsJUDmoNpIzCliTLVjKFeomLQ%26sig%3DAOD64_2LKbw0m6iWC9U-pOVO0X5ltewpdA%26client%3Dca-pub-8580196427209314%26dbm_c%3DAKAmf-AZrKb2WR9RRmUNSkObs6nt5usudkwIhNio4hdTkAkxHxknzx8hisZ0MHNflfHyOO8omz4nhqWcv4LS6iG0551rDHGlO9TBLNdESYUkVUPmmn4m4pI5idwNUhFrRSTVMEkf8Dxy6O0J9RBBlaJ67aXDbPrpHw%26cry%3D1%26dbm_d%3DAKAmf-DY5To7RP_9og6bOF23HWlj2_0ZwLyZWYPL8UTRbes9LqwYbAZKWX4zRekvCuxVhZnfIwHwgk1uIi0EGBXcht3MUhKSSCFn52gnksr-aDnXCv4KxNZoPQ6glyHMraYyfskn-SBbPYAK5iR6vZbaI1d6UVQOV0xKFhhgZu5hhkeGAoDX1pdZSVE-Egm2vNuIsG2YmnCovZOdVFGqwNJT6NSD_LRBaoVYJYu81Xr5ipc7VZMj9wdgxxJrF8ZIqDc9-1KioTG4a0JiFFQVis3SrEpEWOZjvGFo8BVWkr-ez_LKYPmLWLt8ps2ZcX8PO9A2PXwgRHwKM5BIcWfHWvxJLyTYnEupnliB_eZVQVNPXmBhwhOW5Qxs4IYOMvxbRTLprnXgwa3LCsRjSDr7lOaERZ65MMU1ZqX66BKwSqkJu71oKp5c-mkSx2ltQiZ7Ylm5ea8r-bjv%26adurl%3D&documentReferer=https%3A%2F%2Fwww.nur.kz%2F&ancestorOrigins=https%3A%2F%2Fwww.nur.kz&random=3125397279682&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 23 May 2022 12:04:12 +0200

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame EC6B 2 KB
1 KB 59ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YotqKwADdakKd6DRAAbs1Cc0_kPfoWJV4G3dqA&u=%7C3ISB%2BSDxUMtv5X5ARFDhfWrm%2F%2Fwfu4SE%2F7Mxinv%2FsMM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkGpGzsxDu6uJ4QYXMtp9P6T6NR2X-xXQq-3YNmt6fuhvySC7QBgLSf7Frj7ZrsNHZx8estjVxuKdN1Eevml6QRcnmgYp522sVfX3wWSXVdVU6WVXYSF0r6AOTeUlHNNkfEzZelunRzIm9P-NBlcJtS7mrYM71KhawbPsMhb5HF2IqoyBDDO2fDe1W89XoX2JuGe1zJ9I_fmwrV6G-r_6Ubu1YzsHb-ZiT44tRox-jNbII5p2G6RBmPXMgk7dRWCLj9F9P5mLzjGxzV_rbBX6BQr-mYNuoAmyygFVatKlo8yD5fb7qslSZLBxOQ51FObMXkPd7-bk8dWF_RHaKG-9RqRJS_wLayqSog88iQbPkrw0cvphyGIvSmHjKWsNldt_syEkYNfLuZP4oSrdjLEPvHE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChIyEK2qLYqnrDdHB3gPU2ZuQCsme0rFchf6X93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItODU4MDE5NjQyNzIwOTMxNKAB1bbS6gPIAQmpAmxEGLEPy7E-4AIAqAMBqgThAU_Q3Gj569ZKMhQ1IOn-0dh9OXWpDNUUXuLq1NGpG9plTvgeCPqTKXPYBUQCWxGVdhduD3p6TQIlHMKsyibPw8nXs0FB32Az4rgcu0BpZOFc0WxnCHdv_Bo767E4QXO5yQxN1bMvRdWE4zO4ex4-Vl18w90H6kVOLLAQeht4ZWZjniGc64pm6QgmEts7XnP0KOnuL8kciHy5jkkf7qThqqjg5GFAZf2UeQCDWO8E1y97L9yY9AJbzJrMu0eL3XOSgyKe8c6hTzJNWxaOJSuZfOjIBdj-sKwH1V1E8M79d0XzPOAEAYAGiYjw842givl7oAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2JvrTQSehGXcWayw7aD1-2DIJl0w%26client%3Dca-pub-8580196427209314%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 18 May 2023 11:04:12 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame EC6B 2 KB
1 KB 58ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 18 May 2023 11:04:12 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame EC6B 308 B
636 B 19ms
14ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 18 May 2023 11:04:12 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame EC6B 293 B
621 B 18ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 18 May 2023 11:04:12 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame EC6B 43 B
348 B 62ms
18ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=-_XgymqAaxkM4kUCQyvZbYlLVcr6mxej-tZVJMtd8naBZrdPFxWhhXsUtncocgRmfYf_ehrqva_V4iqvLpaHHOW3GTJF2Da3Dt3MnyF5Bjw5UG6CPEemVDvaRLOO4Ck2MnyyDJSi6quceHE0Y9W6HHoudCaNb4fUNAP3oDX3lYZn5P44fxNMB8drSoQOU0bH_uKIbRMg9-kagVQLtaObZZvtRaedgO8F54Euzfrr0niX3om5AwRj5go4V0SxD-GmryWAeyFWQkM0-5EQ1KuzByjhwuOzqpmmYfNnYndORkwYO08hxclP0TE3Us2Fvef3aa883DixcgPQw2QvvA5Xl-0ihzUotVKj7DA0xr_4t8GJUMdQrES6SS7YLtGhoVFXLd9UbtSLBS1yMp9kAdKwoLMSZ9XhBKys3WjHMGN_ZPj5v3uCqPz2rkDfoEcxKJs0-mC9ug

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2912273
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame FAEC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01bb9345cf1d8d3848f4be8cf137ef037a99a3fb521d179ccf37df677562aec1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3F37 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f29df1f053964fb2ed7827a0c4361958c83e1bb174db83bd32edd06b4a5b6fda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8245 22 KB
8 KB 15ms
12ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 429339
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame DE4F 55 B
115 B 9ms
7ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273846
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:06 GMT

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame DE4F 731 B
275 B 10ms
8ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592334
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:31:58 GMT

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame DE4F 24 B
84 B 15ms
12ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171349
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:23 GMT

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame DE4F 281 B
198 B 15ms
13ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273846
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:06 GMT

GET
H3 200 googbase_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame DE4F 247 B
236 B 19ms
17ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

503621190c75700c18c84fd3ec0977bf31b083d66e331d1009bb9cd17cdb85da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:31:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592334
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:31:58 GMT

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame DE4F 21 KB
6 KB 19ms
17ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171364
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6286
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:08 GMT

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame DE4F 3 KB
1 KB 19ms
18ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 06:00:09 GMT

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame DE4F 8 KB
3 KB 20ms
18ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07b9621ff6886bdda3fbafc4d21319eab9a92a7922d38bacca72f5679249ac32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3145
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:32:00 GMT

GET
H3 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame DE4F 134 KB
45 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 10:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46435
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:47:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 23 May 2022 11:14:18 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame DE4F 13 KB
4 KB 24ms
22ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac5c3a1604eb19f5c47e157ea3b58b4297428e653b74d6def6b41661a25eb5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171355
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4332
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:17 GMT

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/ Frame DE4F 5 KB
2 KB 24ms
22ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3223c27067f54618683e5fdfe83536907b179e81ed9a39873aa8b8140c05f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 06:00:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277443
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2001
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 06:00:09 GMT

GET /
google2waycm.netmng.com/cm/ Frame B00C 0
0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame B00C 0
104 B 100ms
24ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBcnMuOTXA_er2FI_7lRF4c&google_cver=1&google_push=AYg5qPLpGNVPF3EtPJCBgd_a2l46By9ixZB9XNtWQ1YPgzjC98ynUt8qpgxxlfekeckRZXNPsBeLZspPHqiDQ8W9nfOCdLD3Fuc
Requested by: Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B00C
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESED1UQ5K-6I7hKhkKdZuzGjQ&google_cver=1&google_push=AYg5qPIHJ2GHWnrymz5DIHZ-K_Z4SguIN4X--c0eXRRr7BaBqWVI9O4HSAiVh4uNT7gT2eE0ZfBiiWypjcKxVIPv...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UL4tCdtfSheItS6KPVIlhw2&google_push=AYg5qPIHJ2GHWnrymz5DIHZ-K_Z4SguIN4X--c0eXRRr7BaBqWVI9O4HSAiVh4uNT7gT2eE0ZfBiiWypjcKxVIPvN9Z6xYaADEIc

170 B
188 B

38ms
38ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UL4tCdtfSheItS6KPVIlhw2&google_push=AYg5qPIHJ2GHWnrymz5DIHZ-K_Z4SguIN4X--c0eXRRr7BaBqWVI9O4HSAiVh4uNT7gT2eE0ZfBiiWypjcKxVIPvN9Z6xYaADEIc

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 23 May 2022 11:04:12 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UL4tCdtfSheItS6KPVIlhw2&google_push=AYg5qPIHJ2GHWnrymz5DIHZ-K_Z4SguIN4X--c0eXRRr7BaBqWVI9O4HSAiVh4uNT7gT2eE0ZfBiiWypjcKxVIPvN9Z6xYaADEIc
x-host: tde-deliveryengine-production-5cc5c75555-tfssn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B00C
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHUxyym_yJjdh2mVSQbNoo0&google_cver=1&google_push=AYg5qPLIRJc6nG9_-0QK2Aq3feU8JSYWwk21a1e-bGR9RRCm6rTZU3pg3snXBN73mOBNXzOKZUZsO8jNXfi43Czi7...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHUxyym_yJjdh2mVSQbNoo0&google_cver=1&google_push=AYg5qPLIRJc6nG9_-0QK2Aq3feU8JSYWwk21a1e-bGR9RRCm6rTZU3pg3snXBN73mOBNXzOKZUZsO8jNXfi43Czi7...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLIRJc6nG9_-0QK2Aq3feU8JSYWwk21a1e-bGR9RRCm6rTZU3pg3snXBN73mOBNXzOKZUZsO8jNXfi43Czi70nxVlJJsVI&google_hm=EsC4pGZH9ngGli1rSXC0rooN

170 B
188 B

26ms
26ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLIRJc6nG9_-0QK2Aq3feU8JSYWwk21a1e-bGR9RRCm6rTZU3pg3snXBN73mOBNXzOKZUZsO8jNXfi43Czi70nxVlJJsVI&google_hm=EsC4pGZH9ngGli1rSXC0rooN

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 23 May 2022 11:04:12 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLIRJc6nG9_-0QK2Aq3feU8JSYWwk21a1e-bGR9RRCm6rTZU3pg3snXBN73mOBNXzOKZUZsO8jNXfi43Czi70nxVlJJsVI&google_hm=EsC4pGZH9ngGli1rSXC0rooN
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B00C
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEI3dBFZd1KDyuGLDFoEkrsM&google_cver=1&google_push=AYg5qPI0_gz6S61hnC_EtySwdobDYxzDlLIQMtAqZ3weEkxnhWzwLGvnuk5_yWHR5kxTokbm2WDBPYKYebfMYK4F...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI0_gz6S61hnC_EtySwdobDYxzDlLIQMtAqZ3weEkxnhWzwLGvnuk5_yWHR5kxTokbm2WDBPYKYebfMYK4F14bUe8Bi1cZK

170 B
188 B

31ms
30ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI0_gz6S61hnC_EtySwdobDYxzDlLIQMtAqZ3weEkxnhWzwLGvnuk5_yWHR5kxTokbm2WDBPYKYebfMYK4F14bUe8Bi1cZK

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 23 May 2022 11:04:12 GMT
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPI0_gz6S61hnC_EtySwdobDYxzDlLIQMtAqZ3weEkxnhWzwLGvnuk5_yWHR5kxTokbm2WDBPYKYebfMYK4F14bUe8Bi1cZK
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 0JmSZyHkY09PDZRFBNLMr0-l2k_jXnSnOQbwAecNuOhbWH7qzPWODQ==

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame B00C 0
75 B 172ms
20ms Image
text/plain 185.86.137.107
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECFV_EHz_izSrMIKqmbw1nY&google_cver=1&google_push=AYg5qPIglLNw4MKqK4-4BOSyDDdj4Jovs1ky7szD_naFEnr0Ar45pOvEzyNeMJirwo5d9GFB0K_v-54hMzYxbCdppaFyD-P2k2eO
Requested by: Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
content-length: 0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame B00C 43 B
71 B 15ms
14ms Image
image/gif 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEDmFUYDN-yFSLPn_aXF_4-s&google_cver=1&google_push=AYg5qPLoXxNftrNoGnPMVtX7K4sGSASLQC3V-ou6_hOShkmcdbsibjJh7v_qhgXRamYhAKfZN36LdYHjlPeHgcTGRunMG-eGpt5F6w

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 May 2022 11:04:12 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B00C 0
12 B 23ms
22ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IOjGtI2jjdEY7UObmte7tS7wNjsyySMJ01sLcv35QyEqxsmmrm-fAHKg1Jb6QAk_wv52Dpqg

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A0E9 22 KB
8 KB 12ms
12ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 429339
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame EC6B 12 KB
5 KB 56ms
22ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3395830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5oG7gCiC45yaiPTW0tLeVY1qIuZbn%2F9NJDK0tmdl%2B%2BUkjmbSKQd6BCkVj2dDKbCEqFV9YAOWlegHth5Ig64YazXxFLKQqrnCvV4tIYJDDfeHVQbnKKx3Bv62nLAzSFmvkgb9fIujiVr9YPCtYVAnGNa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70fd4f35ac852325-ZRH
expires: Sat, 13 May 2023 11:04:12 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame EC6B 12 KB
6 KB 18ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 18 May 2023 11:04:12 GMT

GET
H2 200 9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame EC6B 58 KB
58 KB 47ms
15ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-e7e4"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 18 May 2023 11:04:12 GMT

GET
H2 200 bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame EC6B 56 KB
56 KB 79ms
48ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-de74"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 18 May 2023 11:04:12 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EC6B 12 KB
12 KB 72ms
16ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=396&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F200316%2F58210e29703e46eb83defcd44eacbefa_square-oscuro.png&v=3&w=196&s=hNXovYvZ3ns_kIf7-J9TZDdR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

135e207039181af5cc0e39e0edbbeb01b09cf2d6c984290fc0823013e656d98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28752223
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12049
expires: Fri, 21 Apr 2023 05:47:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EC6B 39 KB
39 KB 88ms
33ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fdcaf6811-74e4-4c93-94b9-18b8adb9813b_55fd7554-ee4c-4971-9592-5e1871371d21.jpg&v=3&w=400&s=5--N_Tdrcf1APbYcNcqsU9Ww&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

21e6a2e3f2de3e89036b2c31eb516d3256a97976b551e306ea1c1c93775a4d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=895813
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 39728
expires: Thu, 02 Jun 2022 19:54:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EC6B 43 KB
43 KB 112ms
57ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F71aad7d0-936f-47e4-8b32-21424a146dea_9c47f232-3888-436b-9fba-002db30fa499.jpg&v=3&w=400&s=ALjLE8Tu4EqGN14HAT55BRf4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ab65ebc1dacd85838761ee9947a211d6b7a9cd1647dc82c319152215e162960a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28553
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44210
expires: Mon, 23 May 2022 19:00:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EC6B 37 KB
37 KB 133ms
78ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fb2e11661-b20e-4828-a072-a1d919ba832c_e4b2427a-8751-481b-abc0-8e8fe8802561.jpg&v=3&w=400&s=P9BEQrvcVjKdXsXMpChdvDPE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d679e8edf16f18e378442ba57c1983c696d17ee9e1d08c52139985f20fd187a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=511552
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 37914
expires: Sun, 29 May 2022 09:10:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EC6B 38 KB
38 KB 108ms
53ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F7865e9e3-7f69-4799-8388-00d873fe870e_da728b7c-9233-4b0f-9e66-8edf570fb440.jpg&v=3&w=400&s=UZgR-oFP0VXSyoi7v97vyPGO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a3956c170638b1fade04ee833f0fd790668c1b0d4a4e750b63b4078028be279e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:11 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=525549
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 38416
expires: Sun, 29 May 2022 13:03:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EC6B 51 KB
51 KB 123ms
68ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F80cdefc6-6e53-42bd-9c77-4123b733edbf_49733da2-6e0f-4c2b-bd54-ab2c5e9054b5.jpg&v=3&w=400&s=X51Sjfsnat036jqjiLLv3hF1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2870218c8f77e99ee71a4a49fe9429780a452b4081a1fb38c2d57f10244c7bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1140737
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 51980
expires: Sun, 05 Jun 2022 15:56:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EC6B 12 KB
12 KB 100ms
95ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F450cf5a9-a07d-4c90-a082-12ab1c5e6ce8_0733d952-7eb0-4056-82d3-32bebc9c109a.jpg&v=3&w=400&s=uw2TI9lLLdk0w8Jn62G2JatM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d7ce8e4aa4ddb80304b11750b39deaa517d293fad81e19ab9c0fb58c4529e314

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=781398
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12216
expires: Wed, 01 Jun 2022 12:07:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EC6B 113 KB
113 KB 100ms
95ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F220429%2F4788d9af40ff4189aa746ac1604a10b0_img_horizontal_1.png&v=3&w=1200&s=1ORMDbbPSYwuKguhFKbMxNlT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

05598f8f2a66f401f2b91bb8e05d09197bbbad7090f838f16c01f7d55f8e678b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29141605
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 115624
expires: Tue, 25 Apr 2023 17:57:38 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame EC6B 0
128 B 56ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=pULWF53P7qptZ4AFscBpaDzPFCOI47_8PqpqnyZqWHR1y7NDuaV7bOD9dY9UxAKudylBdTHLhSrNYm2K0dXO8LIZuo3TL5XDmsNi3tYtBaEe78SjPo9NwePbHFK8FF_X-4fMWhj9Zfw4ucuw8R7Cl93C8BwftmFQ61TZQP4PFusp_neN0z1Yu_lOjjK-c75hevNQsd_8ZZoQ0kzn5URhslVIwWutLqFjWRIBFGE3F9ZXa-HiP7Egkf7H4bPekqmv_FsBgg&sds=2&rev=81571&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 23 May 2022 11:04:11 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame EC6B 2 KB
1 KB 25ms
25ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 18 May 2023 11:04:12 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame EC6B 2 KB
1 KB 24ms
24ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 18 May 2023 11:04:12 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame DCEF 35 KB
13 KB 13ms
13ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:38:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 09:38:30 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame DB44
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM_EFOFeeFPQ9emrUGR3cXQ&google_cver=1&google_push=AYg5qPKFzWjMGOcBXjqyoBkkgLK-i2UULwQdUzJBdnQD07R8BgimRbkTCtJoQNjk3IN8PEDGnqQAppID9jDTcN8w4KEuCSmHxpZaew
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk1NjY1NjA5NjU4MDM0NDkwOA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM_EFOFeeFPQ9emrUGR3cXQ&google_cver=1

43 B
398 B

157ms
23ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM_EFOFeeFPQ9emrUGR3cXQ&google_cver=1
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM_EFOFeeFPQ9emrUGR3cXQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame DB44 0
191 B 255ms
44ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEG9ncZVI7PFmq4gxViVE-iQ&google_cver=1&google_push=AYg5qPKRRX644ibUOyGDiCUl4gFsABRsHXpRwmTVfXyIgkFK4--8OxYbXmXCPE_aVps8oPtPpTRgSWaKo21GPOw9uYyBEwYGOkbF-g
Requested by: Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DB44
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMKnc_WtiXRA-c2vcjejVBI&google_cver=1&google_push=AYg5qPL8atwncFnxp_OIYdRBVqC8hLjGgOyzZaG9Z_PCAZkVyLsAplaXKqflO_q53OkorTiNOp_2ipbVhNi...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPL8atwncFnxp_OIYdRBVqC8hLjGgOyzZaG9Z_PCAZkVyLsAplaXKqflO_q53OkorTiNOp_2ipbVhNiy_o7olrhkE-CuLxPn2Q&google_hm=co6yWX_ETHq-bYGrkN...

170 B
188 B

30ms
30ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPL8atwncFnxp_OIYdRBVqC8hLjGgOyzZaG9Z_PCAZkVyLsAplaXKqflO_q53OkorTiNOp_2ipbVhNiy_o7olrhkE-CuLxPn2Q&google_hm=co6yWX_ETHq-bYGrkNqK5Rw

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:11 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPL8atwncFnxp_OIYdRBVqC8hLjGgOyzZaG9Z_PCAZkVyLsAplaXKqflO_q53OkorTiNOp_2ipbVhNiy_o7olrhkE-CuLxPn2Q&google_hm=co6yWX_ETHq-bYGrkNqK5Rw
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DB44
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESED1UQ5K-6I7hKhkKdZuzGjQ&google_cver=1&google_push=AYg5qPIZxH4HHAzPfh8L5D9on-gIOE6MmrT8Z2wjPdvJAbh0dnhZFH8dABTYI0zZdT0r2J5uBpKIkjhh2TEFUhqi...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UL4tCdtfSheItS6KPVIlhw2&google_push=AYg5qPIZxH4HHAzPfh8L5D9on-gIOE6MmrT8Z2wjPdvJAbh0dnhZFH8dABTYI0zZdT0r2J5uBpKIkjhh2TEFUhqiTUENY6qPPnqJ2A

170 B
188 B

28ms
28ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UL4tCdtfSheItS6KPVIlhw2&google_push=AYg5qPIZxH4HHAzPfh8L5D9on-gIOE6MmrT8Z2wjPdvJAbh0dnhZFH8dABTYI0zZdT0r2J5uBpKIkjhh2TEFUhqiTUENY6qPPnqJ2A

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 23 May 2022 11:04:12 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=UL4tCdtfSheItS6KPVIlhw2&google_push=AYg5qPIZxH4HHAzPfh8L5D9on-gIOE6MmrT8Z2wjPdvJAbh0dnhZFH8dABTYI0zZdT0r2J5uBpKIkjhh2TEFUhqiTUENY6qPPnqJ2A
x-host: tde-deliveryengine-production-5cc5c75555-jktv5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 dds
rtb.openx.net/sync/ Frame DB44 43 B
64 B 49ms
24ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKrxurGh7XnBzw430zcl8YU&google_cver=1&google_push=AYg5qPKj_HonxXdN4QQ7b3DxCKsju3sbFKsRE1oLHs4rL1zGJ2Lmp-hVhKCt_dKDp8roDttOy4MJVhmOK_Er7Zw4bo96PDHVpiPrEg
Requested by: Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 2ltp3e8pp81l1otnrov72meem80od2f5

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DB44
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHUxyym_yJjdh2mVSQbNoo0&google_cver=1&google_push=AYg5qPK0ByDk4BAf0vt-FE8woHtIIdoBGKDkvGLjIEP-ehvtJL-KHIepaBiyKJBfUd8AmY9mejOoW-cAbwZLAiacP...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPK0ByDk4BAf0vt-FE8woHtIIdoBGKDkvGLjIEP-ehvtJL-KHIepaBiyKJBfUd8AmY9mejOoW-cAbwZLAiacPN908glM2LieIA&google_hm=EsC4pGZH9ngGli1rSXC0...

170 B
188 B

25ms
25ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPK0ByDk4BAf0vt-FE8woHtIIdoBGKDkvGLjIEP-ehvtJL-KHIepaBiyKJBfUd8AmY9mejOoW-cAbwZLAiacPN908glM2LieIA&google_hm=EsC4pGZH9ngGli1rSXC0rooN

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 23 May 2022 11:04:12 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPK0ByDk4BAf0vt-FE8woHtIIdoBGKDkvGLjIEP-ehvtJL-KHIepaBiyKJBfUd8AmY9mejOoW-cAbwZLAiacPN908glM2LieIA&google_hm=EsC4pGZH9ngGli1rSXC0rooN
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DB44
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEIFnMzFHRR00Wng5MQUB6CI&google_cver=1&google_push=AYg5qPJUMkSGEH_WKEqQgjUn4fnQyqEEjBa6hua0BoywXFM8u2QsoEAimfygTPN95cAXQwKRleoqVsFArw_6uhC_zNnrUX...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEIFnMzFHRR00Wng5MQUB6CI&google_cver=1&google_push=AYg5qPJUMkSGEH_WKEqQgjUn4fnQyqEEjBa6hua0BoywXFM8u2QsoEAimfygTPN95cAXQwKRleoqVsFArw_6uhC_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=U6iRKUz8RbqOchD3sVjhpQ&google_push=AYg5qPJUMkSGEH_WKEqQgjUn4fnQyqEEjBa6hua0BoywXFM8u2QsoEAimfygTPN95cAXQwKRleoqVsFArw_6uhC...

170 B
188 B

28ms
28ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=U6iRKUz8RbqOchD3sVjhpQ&google_push=AYg5qPJUMkSGEH_WKEqQgjUn4fnQyqEEjBa6hua0BoywXFM8u2QsoEAimfygTPN95cAXQwKRleoqVsFArw_6uhC_zNnrUXQQ979K9w

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=U6iRKUz8RbqOchD3sVjhpQ&google_push=AYg5qPJUMkSGEH_WKEqQgjUn4fnQyqEEjBa6hua0BoywXFM8u2QsoEAimfygTPN95cAXQwKRleoqVsFArw_6uhC_zNnrUXQQ979K9w
date: Mon, 23 May 2022 11:04:12 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame DB44 0
12 B 36ms
19ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3aki8tfWexGbLy3zfUPyt-K9-zFLXghSo8GL8iUbvx7GCRsJlO48oqy69hsltTENRmoGi

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame 2522 17 KB
17 KB 18ms
12ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/bg1.jpg

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6977a4964a998af15079f965e3c7e181ca67b3170c14437993b08e1de3fd4302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 09:36:33 GMT
x-content-type-options: nosniff
age: 178059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17743
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 09:36:33 GMT

GET
H3 200 b1.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame 2522 421 B
455 B 18ms
13ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/b1.png

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbc098b106cb6c879d78f3fcf5cb3cb9ebfcceb6a60bbf8cfef355ebb661d924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:55:12 GMT
x-content-type-options: nosniff
age: 263340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 421
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 09:55:12 GMT

GET
H3 200 h1.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame 2522 2 KB
2 KB 17ms
13ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/h1.png

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b8b4801b20c34b012de161039f1f859b2fc80644711ea4f2bf9611a75b41ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:55:12 GMT
x-content-type-options: nosniff
age: 263340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1964
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 09:55:12 GMT

GET
H3 200 h2.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame 2522 3 KB
3 KB 17ms
12ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/h2.png

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9ff1a0033ed24a5a3274d4792174cd0fbfac2da714ebcd2f0e6b38b96dca3d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:55:12 GMT
x-content-type-options: nosniff
age: 263340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3522
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 09:55:12 GMT

GET
H3 200 h3.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame 2522 2 KB
2 KB 17ms
12ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/h3.png

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3ef1c1a0f5a027c937ca9f20ffe65773796f38a07bd9277115ad3ed5c6791dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:55:12 GMT
x-content-type-options: nosniff
age: 263340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2383
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 09:55:12 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame 2522 1 KB
1 KB 18ms
13ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/cta.png

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467ca9a0c173f3885961822b419e20a09de9ad517d3df9cc43f5020ac2fae437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 09:55:12 GMT
x-content-type-options: nosniff
age: 263340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 09:55:12 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame 2522 3 KB
3 KB 16ms
12ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/logo.png

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25c7ba7dacd1fb2729340d88f61049fd6fb901a246ed3b07a81561ade0a8ebf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:53:35 GMT
x-content-type-options: nosniff
age: 292237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2971
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 01:53:35 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F6AD 0
26 B 47ms
44ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmWllCfA7-QpMXetBwbsgGgRDtZpzQKeI88BJqt4EaWIw-p-6ypELIdup40xQLtpYsQDJZ_vY2ezpnFclBKpzXw12hV1uVIp8bRlEeUs-cAbAmaZra8AGox8zjc08sgEqN20YtOS5cByTk-3lrpEprjIXNS0q3u7b5d6McffYG4V_xDYtC7rDMy8-AgZuefKpH0UhjDbJKyDWa1HCxi_B0J1Xm0BZ3Qg0MjFs3YDsLWB3DSxcZ5vgDmcTUkHICkrzQSHk3qs190tgsXnguE0vrn9csThVztJBYJ6zcN_KJ4P7baw9KRYW3QuhuElQb_x8s0JUOG7Y72mR48HTZrPU6R0mqkniQ6jUl8o6XV_gC2Hx1clu3i7JoEHtEuTfIUxOmles7qpi9HX2B5m8SUfRUlN4-0im-K10e_qycEv-X45b8JYkwQvwvf1UYZWCDP8_MXt7p2MIaXSFJInQp5qPIaoIML1oa7fc-sJtNNKQc03bj4tpxVgVE_x-QMEt9D41V2v3jfOYRev5SbKrOWykI05uRMvrpU96cU7meV8gSAIjnUvm9EePen3cmf1hqKONQoYyRpI1rANWiSh5-QyxtqHcsYrdmnNvn-g2BPaybT08JtgWlGj93H8CoG_f_jt_3nbhV3KoizYrCnkkflTFyJrKna32WVoifY0LFfW6qnle-cv74-3pWuCjLtJkalzaRuSjUnRx5ajRcgZl0P5nST7Qmb_KtH-pIKkFIkJ2oMdpEz57B5cJJQGA-hUD2r1urnSZZPT57qAtwVaM4d6T7IufxUo5AZwogpSGnmNdaMoAsWwnwDXNWnHIWFuuLdu9uhpCkqDxfeWnJNbilaYJGM_mx8Ywivb0f9aJZ-VGx3ORjAUIZMQjELPHq05xBWxEQ5vz2pxidy71kjxFp1HX_25FrsOV4xwJo7xg7YbRvaG_Qj2ieNSG-p8bS7AgKgBMsue-hRuPQPLilSJSu-9yrXBP-sqJF8LwgGyfSTnMofj6u8xViMKI2cqOjpX-TOQsChyIA61ccgXKNEyecgMWs-9lxzUiNZGtpuMV3uIqWHGT1aHXhciTyF2cyTvOFcqXNkyjHSHPms7X7JOv4FaMfLRjqxIsp3BHWjhTUh0vA1B3yE_GRKsYQ5dGIbI43bij276ucwyH-D6IDoysGm8fP2hB9rrofJ7c-RT0OXn79FZzW&sai=AMfl-YTXgeEtE44Bd8ad_2qK87QCHlm2KXHkSLChymIe2TULgkQM_PoWYfuocdQTXc81LJ12eyMwJcb9fZsamkN0nrPdKcn72ZmQSypGk4ssH-W1fP_p9P0_h4WB7rnIL16fDj6_UsqXSebUXgjciLRvRj4OSLA2fZD3xx9PLPZ8attRw7L9huwK9fya8ZhGEF_X3Ue_KjL0507ZBFkMu3NuAQ&sig=Cg0ArKJSzAFHbbb06KksEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1012&vt=11&dtpt=738&dett=3&cstd=272&cisv=r20220518.27285&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 11:04:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 312ms
311ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://www.nur.kz
date: Mon, 23 May 2022 11:04:12 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 3A4C
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=33785800092820404444996011968027&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=33785800092820404444996011968027&actionid=981741&produktid=&dt_url=

0
628 B

69ms
24ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=33785800092820404444996011968027&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=tvoquqemwxkm&nw=20&renderingType=javascript&namespace=9cc0d89ca9&subid=&uid=8a099c558b90f776&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=930x180&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjoHlK2qLYsPQAoaV3wPisJOYCablvaBp3Y-cp8kP8C4QASC7x6tVYJWCgICYB8gBCakCmy3ER7jNsT6oAwGqBNcBT9A8G3ciPEptEMbq_tcVvHszAWkxjGglPLxiT2MWRCyn35hJy0iUrGIXm0qiI9C56tBtz-GAMBUS66j1a1iLK8bzCuW0xI09I9JbIFgwyA21UpobDP9iEORKDekkufxEaLtuc-J8mgOgaKc_OpmMAvpByFM03sui1JLLHQ6SsEI55rUx4fEAADBtB1-fv7ARcl-QlyLZxVIlV63NPKiN-QTXueV5VFMZvH6vFtkmY2hqErpo7KmuGml2hbrtl_IbfJCnpLYNagpSpFWRRWyerjMlaN1hmljABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoB9b4314NfcKXrkPaWNe5SgsJUDmoNpIzCliTLVjKFeomLQ%26sig%3DAOD64_2LKbw0m6iWC9U-pOVO0X5ltewpdA%26client%3Dca-pub-8580196427209314%26dbm_c%3DAKAmf-AZrKb2WR9RRmUNSkObs6nt5usudkwIhNio4hdTkAkxHxknzx8hisZ0MHNflfHyOO8omz4nhqWcv4LS6iG0551rDHGlO9TBLNdESYUkVUPmmn4m4pI5idwNUhFrRSTVMEkf8Dxy6O0J9RBBlaJ67aXDbPrpHw%26cry%3D1%26dbm_d%3DAKAmf-DY5To7RP_9og6bOF23HWlj2_0ZwLyZWYPL8UTRbes9LqwYbAZKWX4zRekvCuxVhZnfIwHwgk1uIi0EGBXcht3MUhKSSCFn52gnksr-aDnXCv4KxNZoPQ6glyHMraYyfskn-SBbPYAK5iR6vZbaI1d6UVQOV0xKFhhgZu5hhkeGAoDX1pdZSVE-Egm2vNuIsG2YmnCovZOdVFGqwNJT6NSD_LRBaoVYJYu81Xr5ipc7VZMj9wdgxxJrF8ZIqDc9-1KioTG4a0JiFFQVis3SrEpEWOZjvGFo8BVWkr-ez_LKYPmLWLt8ps2ZcX8PO9A2PXwgRHwKM5BIcWfHWvxJLyTYnEupnliB_eZVQVNPXmBhwhOW5Qxs4IYOMvxbRTLprnXgwa3LCsRjSDr7lOaERZ65MMU1ZqX66BKwSqkJu71oKp5c-mkSx2ltQiZ7Ylm5ea8r-bjv%26adurl%3D&documentReferer=https%3A%2F%2Fwww.nur.kz%2F&ancestorOrigins=https%3A%2F%2Fwww.nur.kz&random=3125397279682&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 23 May 2022 11:04:12 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 23 May 2022 01:04:12 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Mon, 23 May 2022 11:04:12 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=33785800092820404444996011968027&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: C11B0E1C:AB2C_91EFC182:01BB_628B6A2C_1049D8B1:2080E

GET
H2

200

htlp Show response
futalis.de/ Frame 15F3
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=33785800092820404444996011968027&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1397814442

350 B
409 B

60ms
12ms

Document
text/html

49.12.22.42
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1397814442
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=tvoquqemwxkm&nw=20&renderingType=javascript&namespace=9cc0d89ca9&subid=&uid=8a099c558b90f776&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=930x180&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjoHlK2qLYsPQAoaV3wPisJOYCablvaBp3Y-cp8kP8C4QASC7x6tVYJWCgICYB8gBCakCmy3ER7jNsT6oAwGqBNcBT9A8G3ciPEptEMbq_tcVvHszAWkxjGglPLxiT2MWRCyn35hJy0iUrGIXm0qiI9C56tBtz-GAMBUS66j1a1iLK8bzCuW0xI09I9JbIFgwyA21UpobDP9iEORKDekkufxEaLtuc-J8mgOgaKc_OpmMAvpByFM03sui1JLLHQ6SsEI55rUx4fEAADBtB1-fv7ARcl-QlyLZxVIlV63NPKiN-QTXueV5VFMZvH6vFtkmY2hqErpo7KmuGml2hbrtl_IbfJCnpLYNagpSpFWRRWyerjMlaN1hmljABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoB9b4314NfcKXrkPaWNe5SgsJUDmoNpIzCliTLVjKFeomLQ%26sig%3DAOD64_2LKbw0m6iWC9U-pOVO0X5ltewpdA%26client%3Dca-pub-8580196427209314%26dbm_c%3DAKAmf-AZrKb2WR9RRmUNSkObs6nt5usudkwIhNio4hdTkAkxHxknzx8hisZ0MHNflfHyOO8omz4nhqWcv4LS6iG0551rDHGlO9TBLNdESYUkVUPmmn4m4pI5idwNUhFrRSTVMEkf8Dxy6O0J9RBBlaJ67aXDbPrpHw%26cry%3D1%26dbm_d%3DAKAmf-DY5To7RP_9og6bOF23HWlj2_0ZwLyZWYPL8UTRbes9LqwYbAZKWX4zRekvCuxVhZnfIwHwgk1uIi0EGBXcht3MUhKSSCFn52gnksr-aDnXCv4KxNZoPQ6glyHMraYyfskn-SBbPYAK5iR6vZbaI1d6UVQOV0xKFhhgZu5hhkeGAoDX1pdZSVE-Egm2vNuIsG2YmnCovZOdVFGqwNJT6NSD_LRBaoVYJYu81Xr5ipc7VZMj9wdgxxJrF8ZIqDc9-1KioTG4a0JiFFQVis3SrEpEWOZjvGFo8BVWkr-ez_LKYPmLWLt8ps2ZcX8PO9A2PXwgRHwKM5BIcWfHWvxJLyTYnEupnliB_eZVQVNPXmBhwhOW5Qxs4IYOMvxbRTLprnXgwa3LCsRjSDr7lOaERZ65MMU1ZqX66BKwSqkJu71oKp5c-mkSx2ltQiZ7Ylm5ea8r-bjv%26adurl%3D&documentReferer=https%3A%2F%2Fwww.nur.kz%2F&ancestorOrigins=https%3A%2F%2Fwww.nur.kz&random=3125397279682&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-3.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 23 May 2022 11:04:12 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1397814442
p3p: policyref="https://www.retailads.net//w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 46FC 1 KB
2 KB 378ms
190ms Script
text/html 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=723175&wgcampaignid=99582&js=1&nw=1&viewref=33785800092820404444996011968027
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: fc619fbeea080ec9319947cb60783f1d0dde559b6a9872a21ce277b6d9b4a9bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:12 GMT
Last-Modified: Mon, 23 May 2022 11:04:12 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1246
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

activityi;dc_pre=COf26ea89fcCFYscBgAd6qwFKw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8126957149212.755 Show response
8019191.fls.doubleclick.net/ Frame D0D5
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8126957149212.755?
https://8019191.fls.doubleclick.net/activityi;dc_pre=COf26ea89fcCFYscBgAd6qwFKw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8126957149212.755?

391 B
346 B

47ms
25ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=COf26ea89fcCFYscBgAd6qwFKw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8126957149212.755?

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

07882be48cb972b716b05891489db542e33182c886f132eff52b877771450c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 323
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:12 GMT
expires: Mon, 23 May 2022 11:04:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=COf26ea89fcCFYscBgAd6qwFKw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8126957149212.755?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900027.redintelligence.net/ Frame 0CB1 7 KB
3 KB 40ms
17ms Document
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/request_content.php?s=33785800092820404444996011968027&a=a7d91ad1
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=tvoquqemwxkm&nw=20&renderingType=javascript&namespace=9cc0d89ca9&subid=&uid=8a099c558b90f776&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=930x180&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjoHlK2qLYsPQAoaV3wPisJOYCablvaBp3Y-cp8kP8C4QASC7x6tVYJWCgICYB8gBCakCmy3ER7jNsT6oAwGqBNcBT9A8G3ciPEptEMbq_tcVvHszAWkxjGglPLxiT2MWRCyn35hJy0iUrGIXm0qiI9C56tBtz-GAMBUS66j1a1iLK8bzCuW0xI09I9JbIFgwyA21UpobDP9iEORKDekkufxEaLtuc-J8mgOgaKc_OpmMAvpByFM03sui1JLLHQ6SsEI55rUx4fEAADBtB1-fv7ARcl-QlyLZxVIlV63NPKiN-QTXueV5VFMZvH6vFtkmY2hqErpo7KmuGml2hbrtl_IbfJCnpLYNagpSpFWRRWyerjMlaN1hmljABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORoB9b4314NfcKXrkPaWNe5SgsJUDmoNpIzCliTLVjKFeomLQ%26sig%3DAOD64_2LKbw0m6iWC9U-pOVO0X5ltewpdA%26client%3Dca-pub-8580196427209314%26dbm_c%3DAKAmf-AZrKb2WR9RRmUNSkObs6nt5usudkwIhNio4hdTkAkxHxknzx8hisZ0MHNflfHyOO8omz4nhqWcv4LS6iG0551rDHGlO9TBLNdESYUkVUPmmn4m4pI5idwNUhFrRSTVMEkf8Dxy6O0J9RBBlaJ67aXDbPrpHw%26cry%3D1%26dbm_d%3DAKAmf-DY5To7RP_9og6bOF23HWlj2_0ZwLyZWYPL8UTRbes9LqwYbAZKWX4zRekvCuxVhZnfIwHwgk1uIi0EGBXcht3MUhKSSCFn52gnksr-aDnXCv4KxNZoPQ6glyHMraYyfskn-SBbPYAK5iR6vZbaI1d6UVQOV0xKFhhgZu5hhkeGAoDX1pdZSVE-Egm2vNuIsG2YmnCovZOdVFGqwNJT6NSD_LRBaoVYJYu81Xr5ipc7VZMj9wdgxxJrF8ZIqDc9-1KioTG4a0JiFFQVis3SrEpEWOZjvGFo8BVWkr-ez_LKYPmLWLt8ps2ZcX8PO9A2PXwgRHwKM5BIcWfHWvxJLyTYnEupnliB_eZVQVNPXmBhwhOW5Qxs4IYOMvxbRTLprnXgwa3LCsRjSDr7lOaERZ65MMU1ZqX66BKwSqkJu71oKp5c-mkSx2ltQiZ7Ylm5ea8r-bjv%26adurl%3D&documentReferer=https%3A%2F%2Fwww.nur.kz%2F&ancestorOrigins=https%3A%2F%2Fwww.nur.kz&random=3125397279682&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: bca469f00e34543799c431d4fa6543770d5b0c108d75d6651faa9058df9b3b59

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2210
Content-Type: text/html; charset=utf-8
Date: Mon, 23 May 2022 11:04:12 GMT
Expires: Mon, 23 May 2022 12:04:12 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 46FC
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=33785800092820404444996011968027
https://ad-server.eu/wm/pb/native.png

68 B
312 B

217ms
38ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 11:09:14 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Mon, 23 May 2022 11:04:12 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: C11B0E1C:AB3C_91EFC182:01BB_628B6A2C_104ECF88:14CEE
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 46FC 43 B
705 B 238ms
88ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=33785800092820404444996011968027&pv=1

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:12 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FAEC 0
26 B 47ms
47ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssRmg4stMbTU-iELa0rHDOKWIDn1nYVPfSeL010oCfXHXLaa8V7k7z35vkxD-b7Vv36_Wwt8Zw1oVwH7ba3dRIoribQuJyYBstoBJuZlamf__MVQ83vjoNaw78dY-srUsEnQSiHtPQl4fI6JxfowdEuV1LGtS_cCfV1N10C9p3ffHID6NMO75jLPVRNFWHpBr4AK_BSDs8yNWOBepmMjxLUr6V2j7it0iWjmde2rTm-at8qEq2XoRkNYTnmzAhY57xosDAD5XFX9V_72GVcZbYY5ziowJ3ayoSn28ShMFLLvjKi2sovCP7I6l4e08GZJIHQE6YcfizSHG5hlEOcymj2PLzwI9B4gTUaXC2mQNwPzUE67vURY_Bpit0Vza2k5nDV3XfvsVZyvBmfjQFxFdfviXWMWu-c5Eak_sEVJbov35X7JT8SzIEL8r4XO9MAgpo5zEPEXfZpswzhEvkGQ7zSMEolAPbHV8yqMuEJWgutwOsVX-AVS5eAxOj4bXiPRfsAPJowQGtLl0oud-D8ijVCNlx3n0B3Lj4NU9s9cmXrxQMdgqiAuVIyZkADMlXOKBXkgSTEHTRVWAFIlWO5x-o0o9m1di4K8Cr2HoG2S6Ue_xgg3uLaQcb0uGswDzJ3gVQyWXr1mrktNmwEKxVg_sXJHtYkAC3tnmIFzB_Myx4af7-LVeSMg03nO6_AErWU_NCq6-KIwvn-WGLHjESIntsOEVgB2fvQN6McDhTRVQJosijBx8X2_EUSqUCKNAXrRB5xDS2Do9ob0N98VvDzkecDDFmHUs5o1tokr1ZqZSPBZcQ8FPL7zh40-OoX7KoztVKYkskOKMbwiFpGGvwoyS0KwZlMqHzZkJ8reRzUKbF56-R6aXiF3EuSF0VHIoZPb8e8_HBGl4Q7_cGP1QbbG-TLozK214gAX_JqCA12sRenxlcKUyLaoJPX_h2JwMGv0_RoZAeOBITltxCr8iTX1LcoKRyXp5jagJ7HswIATO_iZOd2Htrgk3ojKim7SxLmJ45xoT_9ZmRUPowSYazUhFHOOaq_MjvD6XkmEPvLz08bU7R3hv-d6lD1EySai5r-lxvII6CSizaWhCfxGPpl7BrOe45ITb0JtshLzqgwNtVjfJpE8vc89G2i49RE6tGRVaFRVRaWem-9&sai=AMfl-YR198O6oUROBJwbB_zRUUZcem8lRjfRKIbLy3W327FjRaKLKozsDzWnPVRmPQFyIUbt4SdQEgl6kYXmB7P3JW8Cg5FKvetFzUBkuT4yfN9Fy1UC9iHJjvKiplRYSuMNc7HxAbYDfNdqKZB2O73enrgGMGP8VZZL0AaCFFbJIhrbzqWkBR4WFPkFpB6yngkC2r7alDwZqDTeoRuIQmR_NQ&sig=Cg0ArKJSzDphMfQ57jf4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=948&vt=11&dtpt=675&dett=3&cstd=270&cisv=r20220518.54456&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 11:04:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 236D 1 KB
752 B 10ms
9ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18628
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 24 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/252771/ 0
66 B 74ms
74ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=e41569191c8a6db8&pm=bmn&p5=lngbo&ad-session-id=550631653303849775&utg=oxum&lts=fjdxztp&ytt=433758947901445&ybv=0.584469&ylv=0.584469&dl=https%3A%2F%2Fwww.nur.kz%2F&p2=gfdy&rand=ebwtejm&sj=GzGLYODQZPhnkMc8RYvbjnOgbZ4GKWlJ0a_bsAK9-r-tysI6YGycE1HglcBF8g%3D%3D&puid1=Homepage&pr=lnheyrm&p1=crsny&rqs=KYq_1bDL11cpaotiEh0M58derNg_2i-N

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 May 2022 11:04:12 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 1HCMxjdR0He200000000U9nJr3Jxh9BL9DjacCeQkVHnsJarIysixYG68F24YOJMh_eQ4gjToywGoWWKpqnbzLq04YzL1l9gKu14AoE8x0J90W4Jmqp6SaLcC7iXuprzYF1Ancf126ilO_5QKOQZOFvPHf3OLJ1vbv71Xe7fB-Ci9WQ6kKmWaQLCDu3ijKnHGFPPf... Show response
yandex.ru/an/rtbcount/ 43 B
487 B 64ms
63ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1HCMxjdR0He200000000U9nJr3Jxh9BL9DjacCeQkVHnsJarIysixYG68F24YOJMh_eQ4gjToywGoWWKpqnbzLq04YzL1l9gKu14AoE8x0J90W4Jmqp6SaLcC7iXuprzYF1Ancf126ilO_5QKOQZOFvPHf3OLJ1vbv71Xe7fB-Ci9WQ6kKmWaQLCDu3ijKnHGFPPflz0S9Kfm8s1uIdJ2w3nhvW4kgFs6wMoCZAOfgyxi_e-AyDVfWAWeQtCh40DlSoAG78gCyYWkSnC82S0IGMG2rWsCkiBEpjEibd2Vf9PSzlq2TVQLOskWbNU1PC_cHsS-C6EdSMYu1sILENbNkZi4UbPa9XVaXbfucBfMXWKMX8Mw6UUu-6pa4Nl_JQmuXKitm_nx61XEi32U9C54XWVx1-od3q30c_itxA0l3o1jRMXew7jGj82LiwJh0zUSO3LNM1jKBZ9gZcF-pEtSrJmLrQGPplO6bWciArySsRvehCF-feOPx1TEHoyW6ttfeTlkbvy-hEUSIKRpEW3R1uds9WViV6MvRjOPGSx1JhwX4IPlsI3EU8dd3MHlUVxus-dbx-ndyNEPcfXOc9ckO6TQGSxymbsaGViFwVyFphZ-fhkCum0KDAgLm00?confirmTime=2169000&confirmRatio=1000000&test-tag=433757337161730&format-type=118&actual-format=13&rnd=4299587177422&pcode-active-testids=583180%2C0%2C59%3B574104%2C0%2C-1%3B406668%2C0%2C21&pcode-test-ids-from-count=580228%2C0%2C95%3B579745%2C0%2C63%3B573666%2C0%2C72%3B583940%2C0%2C68%3B583180%2C0%2C59%3B583130%2C0%2C87%3B406668%2C0%2C21%3B574104%2C0%2C-1&banner-sizes=eyI3MjA1NzYwNjA2NTE3Mzk4OCI6IjIzN3gxOTgiLCI3MjA1NzYwNTE3ODE1NDIyMCI6IjIzN3gxOTgiLCI2MzAzMjE4OTMzIjoiMjM3eDE5OCJ9&width=728&height=200

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Mon, 23 May 2022 11:04:12 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 23 May 2022 11:04:12 GMT

GET
DATA 200
OK truncated
/ Frame 46FC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6f980d2f0247392f4a6c535cbc1c32084db845fe19b86e9a963e346a6e098b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 8245 35 KB
13 KB 12ms
10ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:38:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 09:38:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3DC 0
22 B 46ms
46ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuJrRKmqLYo7OGJSI-gb7rZjICwAAAAA4AeAEAg&bg=!c3ClcDTNAAZ4vKt9WLw7ACkAdvg8Wsst0Kns4cKmRruKXhDIXF1_fLqGgg8AeedoBkVHIpo-DacH5QIAAAPhUgAAAAhoAQeZAvXNa7xH1iAJL_k3tFikpq69sQ4R9L6AF0B6a8ONmXfUuqcxNVzuIJ-sFTnpVqQEsKYrmHsrgOegKjF8XuRTHC-UvZYZxT-_7SNqwlnOQDQl_7GEDJg6ysJKLzgqIk53SZLiPdjcTLBNnz3yYsd0ur-w0cOEplBK1tUjeoQyo7F6mxN75HYCaMrgxwMZng6fe5FtXxv0fr8xItHWXCl0hR76YynRzCyguY5k1RSLwQ1rmiNx4hmvjjRiwUm7OtQX5SoKDxeUwZjFm-kuAthzGF-bgMo8Ie1kKRVn1fy4_POhI5kDFzJEI0ZTzkoDlEyDdVRrW9SIJ0vPJhZoTi7FXRVIMrYHMYJh3jxDUBYjJh_S9vpObNYBBi7fmApWCzbpkroX8OxaF1QpXC3rheWtNcYzMU8z8FFBpMHWiNVyLgJFaNIZ2R3zq2kpPqfg02GzokCLxzDXFj8inmz-GmUXbB-25FDtFYxM8vaKdA1qW_cKaPZbbdbqQEzp5lHXw6ubiojbTuk48mHWNyv6ScqXzRSdIXpgB9F1CS-8d6zQjrM8Obg8sVf1i74cxvD63GCYI-lTDAZVj24mCWRJuCcY2Pl4xqnwxyI709iMAKG61sEfsL7k6Rbyh2Rw86lr27KgngbwSvbXTW3aiW0znPqU06cyrdr_JEDvvJ9F1VmG4Wt8Q0okzL0E4IusyBP1aT5lnfK_SYmHTp8oMRvaOMgrwmneC_g2BWdjtM6YREsmW7f1o7cPmVlsU_iNR3bWRw-9lbDfOwcVden14PaSJv7XSKFkfqsvyWjfCg3zcbL3YFaHQ9JAtSgJa7lYdoePmSDHHCWVvtsnlTvugH-GNH0OzdbhtFD_YAcsevhJWZy_eNDW86tDrhTtbvkx4gXMymFRrYW_o780e8u2V-BX74cAqWKDQLU9ZyM4aUQlgb6YuuUdbkxgZ0BXV9SLCe0FEy-d6xjxTwR9cCvOO8cQs34HoHltLgVmV9OXhH9n-rZym6ngml8cEdJz

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame A0E9 35 KB
13 KB 8ms
8ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 09:38:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 09:38:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0CB1 4 KB
1 KB 300ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=33785800092820404444996011968027&a=a7d91ad1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

918e1cfa104cf2ad2942fd66030698b8bd602ded209a4fd35552e210e59b5931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 23 May 2022 10:50:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 23 May 2022 11:04:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 May 2022 11:04:13 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 0CB1 55 KB
55 KB 109ms
21ms Image
image/png 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=33785800092820404444996011968027&a=a7d91ad1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 03e5f97537c1fe808733324bbe7670a65bb50d6ac77c56caab5f215c7d6a8e9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 11:04:13 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 56123
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 0CB1 63 KB
63 KB 54ms
22ms Image
image/png 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=33785800092820404444996011968027&a=a7d91ad1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: aea587c955b2759543f93e929d4c3825587fd0b093130090f542ca2af6b95cfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 11:04:13 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 64189
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 0CB1 46 KB
46 KB 71ms
18ms Image
image/png 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=33785800092820404444996011968027&a=a7d91ad1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: c1535fcd9124a8d616bcd65a2b331deac74485fe59a72734e7a39e2d4a153331

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 11:04:13 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 47331
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 0CB1 41 KB
41 KB 231ms
13ms Image
image/png 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/48335/creativesup/highheels_red_1200x627.jpg
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=33785800092820404444996011968027&a=a7d91ad1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 551fb2ba7341c79e79d37ee4ce8d7f40b2f2fe4c319710e87e659ca2fe31d1ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 11:04:13 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 42223
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CAD 0
22 B 50ms
50ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNk5-KmqLYrPMGNm13gPF9KfwBQAAAAA4AeAEAg&bg=!NjWlNXHNAAZ4vKt9WLw7ACkAdvg8WrNePQ7Hiz7YO5Xt1o7sF44Ai4AYkKuYFaMLb8R-Jqqdve4-_AIAAAOyUgAAAARoAQcKAE3Wap1xLxfoywL9b8xAMORhkTuWeAyfQEFJMfpAcFRWOq4nMWrJ14FAeMhNUZ-MwCqHX8Yy_MGD8MnW56h_arN4zoI5BHKJOoZVRD-o0JkC7xvH7AdnZ8WkbVJbTbU_QPnv-3orOjclN00MI_dQkfFljU7n34QsQy9T-6MO9vHTLjceseSHo6VavFPZKn0OHDdsfv-M7Vwr6ukH5KO6uDUVYGLYqj8DtEYoT4DciTjt2mrFhXp2mPe3kg1KKMlYyat0u4LDOkhbMjsgIjE9y_2y5JAM_b60tjHPnhdWKo5L-yonSEm6CsKngOJ8NxwSpK-giffXsSldf2oTOZseEZC9lH15CYCElCRTmBR32vSS-yeUzJTlye_Vu4ipgJZxqvZSImoR5AwP31CmSANqh5ObrRQPr74XcsAJvfcxCcVJkSaNIxoOR1wsmIa-Pkzmo87MlSFoU7BP_9PLkhoS2UpGr9cu-N_24iFmfxBkz3SEs37fjdTjnSVk47sdznbvs75ryrVOOJv758L7k37gWIhFdoyzdEh3W4KnBAq7orbH_mJlCgeOb0jf27MDBieEofswyqvtoBm99DlFL4rhCXl11DEVNGb0ru-AAr-JrQt12IDRGTTJLjepNuVy1bvbFiIgtqAfdd3mQ7yOvtNJ6_1nz2wC75llD0lWCkWv3SyhurGgS_ZnGRkhagI0876x7-CvG8AJBLvLlaPo3ZAQRPzl1IHO68bZRt-TJtMcXeJFBTDUPNPAQxJ55tC00p_A3g_DxmKyRYbHrqKZ6k1Zn2LCPMXbRe-6zsZxM55IF9gqHnQZkO3q71C2QSYd0V3mdC8uzxji2e9vLsjZuvuzYfmqK3uOOvZiyvL5F5Xu7lNYptw_zX-VQaCrlIPqJD-hNCvbqKZZw50GW1fHArKsbkYsUtsGe8WjAV5YQbhYRxWgEvItwZFbEVog5BFLIAEM_0tNXHDi5_L2skXt6djneg1vKRUKM-fRlkEcITAIi4m0HAObzYYytJZxJujW0t7VprAEomQLBMWDIvuBTTI_sQcAVnqidtw9TKwjHYhcpSWryN3p3u8Fu1M8KpcYn39_ay5Jp41goWEhQTWHr9b0fgw

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WPCejI_zODW0JGm0X1LKzQf_XU9jjmK0s04GW8200J4fQejY000003ZMz3k80YEv0XU0W9M0OTRsy0Bwxecy3_050Q06o0791YasyoHgWXs2gGTb1KsWutRE9j08We20W0A02W682WMe2kW7Y0j6gWiGYrg_CcK50G0rPwxCgz_m2mRW3OA0W860W82819WEgUpUX... Show response
yandex.ru/an/count/ 43 B
554 B 81ms
81ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WPCejI_zODW0JGm0X1LKzQf_XU9jjmK0s04GW8200J4fQejY000003ZMz3k80YEv0XU0W9M0OTRsy0Bwxecy3_050Q06o0791YasyoHgWXs2gGTb1KsWutRE9j08We20W0A02W682WMe2kW7Y0j6gWiGYrg_CcK50G0rPwxCgz_m2mRW3OA0W860W82819WEgUpUXEdwuP8og0_bYkIgkjoTvoQG482vtAsjXk2rk07u41YmlwMa4l0I5uWJ0f0JCfWJu1G1s1N1YlRieu-y_6FmW1Q5W8Y0Xj1Ye1QGZfYK1iaMy3_O5e4Ng1S9cHZG627u68xVo82PgvwdJ80PYHdWwh0PgUpCfwBDu8w20RWP_m706QcyhfY_uP2jKz8P4dbXOdDVSsLoTcLoBt8sDZGjDEWPs0Nm6O320vWQrCDJi1j8k1i3WXmDTcz4EcjJGb51J5HQD-aS0F0_W1t_Vu0W0eWW0my081K1xSIzQi0APoGk2oRHEGJBU1Ewn0XTjkgoV01yr6o7D3OAs5CxvvjmPp7C~1=WpSejI_zOBm2RHa0j2pxIhy-l0FEqx_Efvw3yRO1W06ViVpGph_7oHQ80QVmtgAE0P01oDU9pjc0W802c078rudEMQ01-DQe0VZMYSvPk06odh-r9DW1WAAqfG7W0TBnfQK1w06u1FW1l97UlW6W0fJ1nHUO0y24FR030kW4tXk81TkM6f05ky56i0NEzX6u1Sxs4S05uyLao0NznndG1VZ12E05TvW6egIqz0Ie1iW1k0Uq1l470CA0W0RW2ChWuWle2NWpMoKrUkS_oVWAWBKOsGjb1KsWutRE9kWBwwe7Y0oyjjw-0UWCcmQO3QgCFw0Em8GzW120pu8ZmA0Gq12UcwzVeH5du16ktji5w17-XedXxxMz_c3n4G00002u2mb1aBnWatYYiZ-O4mBW4yxs4O0KW22859N9vhgy_QszFw0KplOHg1IxmKO7q1JCnAyOs1I5WvcK1kWKZ0B85PZVrfQC1z0LXOEPb0RO5S6AzkoZZxpyOw0Ma8wOb0Qm5f06oHRG5hosthu1s1Q0kTojhORWjRW1WHUO5z6ys2wu5m705xMM0T0Nq8O3s1VVgphe5m6P6A0O6h0OWR2jb0Qu607u68xVo82PgvwdJ80PYHdWwg0Pm06u6V___m7W6G7e6TW5y1c0mWFu6VMRzYc16l__Rp4GnWMOY1h0X3sG6e10c1hKmrEu6WBr6W40002O6-UoDx0RIBWR0-aR0000GEb6Hq7m6yEvt0Nu6ykSzmFO7Ekg1-0Sky56wHm0y3_n70000C2wjxA_W1t_VvaT0F0_u1sXmWNe7O-ocU3gZCUE9l0TcEJYe--Cnuuc-1sCdhVMtUMKZYQH7gWU0T0UWvEugPtghC86s1xwsXw87____m6W7u3FWYEm7m787u2HsbBI7mOrE3GqDZdP7m000036vq51u1-5jhC4w1-1wAG4W202Y203gI2m88I08DWW__y1u2017m1Go4Pj2O6p64n8e09k1h8sQ1iuh2cA0KTQZMoFomWfaWCbDu-6xC20Y4GVR208JCaAopMZB8G4VrVXwYBW0q9CRqttww3bs0J6I8p00d1vgCN69XNfEOQPcda7smGS~1=WmuejI_zO9029HW0v2ays0uia0EqYxcspTcxmB81W07xrwEoYVBcZJU80OR_dhHNa07OyvA0qu20W0AO0TZpae1Je07Ig07Ik066l8Q_8DW1dgEqbG7W0OIRj9K1w0780VW1_8hUlW6W0igKhHYW0mIm0vW5Y0MvtYMG1RIy9x05iBqGk0MmlH301R3D6yW5byCBq0MIuWJW1PIe1iW1k0U01T070jW74E07f0_n1m000032W806u0YbofOCw0aZSbzZUf3-FydP2sK5JQ3ZTiucw0kEW2M83EAUvBu1w0oR1fWDgeomFg0Em8GzW13Fpu8RcX0R2G00-3yPo130eX2X4MVW4QxUsmNe4Vw6YU7ljRt-OBWB2K4PL0zc8z7EFvWJ0k0JiBqGW1I0W804Y1ILoUQwlFsjlJ-W5B2z4AWKjBmdm1I0YDw-0SWK1D0K-CNvRjWKwR2Eb0Re58m2q1Nfi8wK1jWLmOhsxAEFlFnZe1QGZfYK1h0Ma0R95j0MufxalW7O5e2vtAsjXk2rk0615m00y3-O5uJqoIku5m705xMM0T0Nq8O3s1Uin3he5ncP6A0O5R0OWR2jb0Qu673u68xVo82PgvwdJ80PYHdWwWW000000A0Pm06u6V___m7W6Hde6TW5y1c0mWE16l__jnhbdG6BY1h0X3sO6jJ3K_KQ0G0009WRvx8ti1j8k1i3s1k06EaR0000G3kKS47m6u-xxHFu6yZ2-mNO78w09U0SjBmdwHpn70000C2wjxA_W1t_VvaTu1sXmWMH7gWU0T0Uixpbzek2bOGOs1xysXw87____m6W7y_FWXkm7mB87y-HsahI7mOrE3GqDZdP7m000C0wb711u1_ykkqJw1_ebA84W202Y203gI2m88I08DWW__y1u2018G1Go4OH2G9ZDTXHn0Wbn8wSsySG0wCCO1y5fmX4GhYbqv2eR23aCHrRIoP0BTVCQyZ4qWp-Lnsvx-e6MiHgqB1tQwhT1oq79p16qWWi0eIbz1o3eB8WPRvIEZMmBcgI7MmJS000~1=WnOejI_zO9K2PHW0T2ee9FBMbGFEbeAHmB3bqi81W07zeU1QY06_rPEKD901wlER-owO0TR2twSje07cyvlxBgW1ZB_Vfosu0Q3toimPs07Y_T8Ku06CXOWKw06u0_W1bBhUlW6W0j2jYWgW0mQm0zS6Y0NAm1gG1SsW7h05_8SDk0NyXmt01UlrESW5y80Pq0NLqmFW1PIe1iW1k0U01T070jW74E07a0tn1m000032W806u0ZebeK5w0a0k8jfk9R1FydP2sK5JQ3ZTiucw0l8z1Y83B2cvBu1w0oR1fWDgenmFQ0Em8GzW12_yB0HcX0R2K04440Po130a9220Q4HP-0HhjxR1UWH_eQ9uU-rlVvWk0i9GI-2o_s8zTa_c1C2u1FyXms859N9vhgy_QszFw0K_8SDg1JDe1wm5EwWgXUu5C3CZGZ850BG59NCnG7O58lPkeW6w1IC0j0LYzcwY0RO5S6AzkoZZxpyOw0Ma8wOb0Qm5f06k1O1m1PWoHRmFz0MiARalW7O5e2vtAsjXk2rk0615vWNrTFq5BWN0S0NjPO1q1VGXWFO5xY0EkWN0vaOe1WEi1Y1iAsK1hWO1lWOZj_8W9chdgTCW1c96U3ge1d00RWP____0U0P0-WPs0Nm6O320u4Q__z_k1r9uC-86i24FPWQrCDJe1gWqeZEeO_eiRq1zHe10000c1ldiZUm6qYu6mFO6u0OwHi00030PnI1GV0RtDJ79_WRmAdU5jWSoFGOu1pDe1xf7F4S0000mBgtih-07Vz_cHtW7Q721P4Ug1u1q1wumvgVk-kwWVu1s1xxsXw87____m6W7x_mi16m7mF87_6-gGhI7mOrE3GqDZdP7m000C1EMOH1u1_uxv0lw1_dtiKSW202Y203gI2m88I08DWW__y1u201801Go4Ov2G9bDTfHn0WbH60vpvKX1g8OyAFLo0vU6I55Sg14g2ypOg-1aBeqbfSIq9LhHZLaH6a6DqUokxh14h4QD2pQcce7GSj92OoH5WAB067jFCSWC2n8uLwbT8x1Db44~1?stat-id=35&test-tag=433757337737777&banner-sizes=eyI3MjA1NzYwNjA2NTE3Mzk4OCI6IjIzN3gxOTgiLCI3MjA1NzYwNTE3ODE1NDIyMCI6IjIzN3gxOTgiLCI2MzAzMjE4OTMzIjoiMjM3eDE5OCJ9&format-type=118&actual-format=13&pcodever=584469&pcode-test-ids-from-count=580228%2C0%2C95%3B579745%2C0%2C63%3B573666%2C0%2C72%3B583940%2C0%2C68%3B583180%2C0%2C59%3B583130%2C0%2C87%3B406668%2C0%2C21%3B574104%2C0%2C-1&banner-test-tags=eyI3MjA1NzYwNjA2NTE3Mzk4OCI6IjU3MzYxIiwiNzIwNTc2MDUxNzgxNTQyMjAiOiI1NzM2MiIsIjYzMDMyMTg5MzMiOiI1NzM2MyJ9&pcode-active-testids=583180%2C0%2C59%3B574104%2C0%2C-1%3B406668%2C0%2C21&width=728&height=200&confirmTime=2186000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Mon, 23 May 2022 11:04:13 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 23 May 2022 11:04:13 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 236D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEA1URzuwB54QuspDDasXUCE&google_cver=1&google_push=AYg5qPIpInfzk-MU5IS6cCY35-oLjOqNs-TCBLlSHToZCI-f9gh9NUmNxEyd6YqRiZ0hZiZQADsSAgxPZORfblKf...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIpInfzk-MU5IS6cCY35-oLjOqNs-TCBLlSHToZCI-f9gh9NUmNxEyd6YqRiZ0hZiZQADsSAgxPZORfblKfmZccPEBI97YZ

170 B
188 B

27ms
26ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIpInfzk-MU5IS6cCY35-oLjOqNs-TCBLlSHToZCI-f9gh9NUmNxEyd6YqRiZ0hZiZQADsSAgxPZORfblKfmZccPEBI97YZ

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 23 May 2022 11:04:13 GMT
Server: MT3 4419 e1034d5 master zrh-pixel-x14 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIpInfzk-MU5IS6cCY35-oLjOqNs-TCBLlSHToZCI-f9gh9NUmNxEyd6YqRiZ0hZiZQADsSAgxPZORfblKfmZccPEBI97YZ
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 23 May 2022 11:04:12 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 236D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOUoKvfc0sIq9-Upam2EfdA&google_push=AYg5qPKkRIhgSx-42f_-A1ekouimQPrZTHpOi5CVvu0SRfHkOuHEt9FM40...

170 B
188 B

26ms
26ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOUoKvfc0sIq9-Upam2EfdA&google_push=AYg5qPKkRIhgSx-42f_-A1ekouimQPrZTHpOi5CVvu0SRfHkOuHEt9FM40bbqHGz1d8ggl-ZIJTfLCbATpVaJpWba8wgtihZbxtI

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:14 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1653303853.135312,VS0,VE903
x-served-by: cache-hhn4060-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOUoKvfc0sIq9-Upam2EfdA&google_push=AYg5qPKkRIhgSx-42f_-A1ekouimQPrZTHpOi5CVvu0SRfHkOuHEt9FM40bbqHGz1d8ggl-ZIJTfLCbATpVaJpWba8wgtihZbxtI
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 236D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELUCPMW25xfpuMrAC_895cE&google_cver=1&google_push=AYg5qPK6NZ02pn1dCLf933JjogJJCu6h0lgLwhiNMezaOPxw4EPC75a_9W9QusnOLByBHX03u3YaFVr2Znodk_...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMDg4NTk3NDY5NDY4ODkxNQ%3D%3D&google_push=AYg5qPK6NZ02pn1dCLf933JjogJJCu6h0lgLwhiNMezaOPxw4EPC75a_9W9QusnOLByBHX03u3YaFVr2Znodk_gIJg...

170 B
188 B

26ms
26ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMDg4NTk3NDY5NDY4ODkxNQ%3D%3D&google_push=AYg5qPK6NZ02pn1dCLf933JjogJJCu6h0lgLwhiNMezaOPxw4EPC75a_9W9QusnOLByBHX03u3YaFVr2Znodk_gIJgByoalEzHoP

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMDg4NTk3NDY5NDY4ODkxNQ%3D%3D&google_push=AYg5qPK6NZ02pn1dCLf933JjogJJCu6h0lgLwhiNMezaOPxw4EPC75a_9W9QusnOLByBHX03u3YaFVr2Znodk_gIJgByoalEzHoP
Date: Mon, 23 May 2022 11:04:13 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 236D
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEANXtfdGCaAJm1aecOAX5PY&google_cver=1&google_push=AYg5qPLyoUq8sSquTfglQ_P8yb8o0AYfCYvSaUc3o-7cPqggBcIMI2ZFAiDhvQpHThyKlj3Pr5BmZGq-Zors2zdFHAtsgFo...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLyoUq8sSquTfglQ_P8yb8o0AYfCYvSaUc3o-7cPqggBcIMI2ZFAiDhvQpHThyKlj3Pr5BmZGq-Zors2zdFHAtsgFoCnadh

170 B
188 B

29ms
29ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLyoUq8sSquTfglQ_P8yb8o0AYfCYvSaUc3o-7cPqggBcIMI2ZFAiDhvQpHThyKlj3Pr5BmZGq-Zors2zdFHAtsgFoCnadh

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLyoUq8sSquTfglQ_P8yb8o0AYfCYvSaUc3o-7cPqggBcIMI2ZFAiDhvQpHThyKlj3Pr5BmZGq-Zors2zdFHAtsgFoCnadh
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 236D
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAn4mYcrA1E5f36RJzHhjeE&google_cver=1&google_push=AYg5qPKRc7grxvJKt_GggXauxqNC6Mbtuh5dIJijJfGKXCvxcc-pvNayTilRgqbOS-4qK5x4RZcrDkGHQ4lw...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPKRc7grxvJKt_GggXauxqNC6Mbtuh5dIJijJfGKXCvxcc-pvNayTilRgqbOS-4qK5x4RZcrDkGHQ4lwnb_f_q6yPCaldlfM

170 B
188 B

24ms
24ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPKRc7grxvJKt_GggXauxqNC6Mbtuh5dIJijJfGKXCvxcc-pvNayTilRgqbOS-4qK5x4RZcrDkGHQ4lwnb_f_q6yPCaldlfM

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPKRc7grxvJKt_GggXauxqNC6Mbtuh5dIJijJfGKXCvxcc-pvNayTilRgqbOS-4qK5x4RZcrDkGHQ4lwnb_f_q6yPCaldlfM
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 236D
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPIaNQDAI8W7PsItPoKnFKXWkJA83pWftHmPtVaDrgyjMFcuoLqlJnobJcSYNZ0ZdH_Vc2VX1PlBm4_wBDfeZPh4kEqMLj6w&redir=https%3A%2F%2Fcm.g.doubl...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIaNQDAI8W7PsItPoKnFKXWkJA83pWftHmPtVaDrgyjMFcuoLqlJnobJcSYNZ0ZdH_Vc2VX1PlBm4_wBDfeZPh4kEqMLj6w&google_hm=

170 B
188 B

26ms
25ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIaNQDAI8W7PsItPoKnFKXWkJA83pWftHmPtVaDrgyjMFcuoLqlJnobJcSYNZ0ZdH_Vc2VX1PlBm4_wBDfeZPh4kEqMLj6w&google_hm=

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:13 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIaNQDAI8W7PsItPoKnFKXWkJA83pWftHmPtVaDrgyjMFcuoLqlJnobJcSYNZ0ZdH_Vc2VX1PlBm4_wBDfeZPh4kEqMLj6w&google_hm=
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 236D 43 B
71 B 21ms
21ms Image
image/gif 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEDmFUYDN-yFSLPn_aXF_4-s&google_cver=1&google_push=AYg5qPKlc3buD4yoWcApXQAYfco3RhlCXYsCZ4cvlR5UgyYGZVSRQX7UhPKwxylQAOi8LGBQGrKbIlvuiZFdFPybze_1QH6kCHgsLA

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 May 2022 11:04:13 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 236D 0
12 B 21ms
20ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_SIGrJ7T6N0W4_L8kh4Gz1SSVQo33UyEbwByZf_kBHPZAFKoOtECCmd2I5bh1yZcLgejK9A

Requested by

Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 dc_pre=COf26ea89fcCFYscBgAd6qwFKw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8126957149212.755
adservice.google.com/ddm/fls/z/ Frame D0D5 42 B
63 B 64ms
52ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COf26ea89fcCFYscBgAd6qwFKw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8126957149212.755

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=COf26ea89fcCFYscBgAd6qwFKw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8126957149212.755?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 15F3 5 KB
5 KB 17ms
14ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1397814442
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:13 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
accept-ranges: bytes
etag: "14aa-5d6188919baaa"
content-length: 5290
content-type: application/javascript

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3ACA 0
22 B 45ms
45ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmYPJKmqLYqOzGYvmgQevxImIAgAAAAA4AeAEAg&bg=!urmluf3NAAZ4vKt9WLw7ACkAdvg8WooRm4R7eLROyFYmLvhk8B3GutHAxir9uZWpReLCq7O77UuS0AIAAARKUgAAAAhoAQeZAuj3C9rXZI63Wc08XqvM-RtOj0Y-cb12QGh4iz6FQkMxZMvfhQtGa0NOi_0BjiP9koWPPko-TDeN8N-PvPnxXsS2A-EDZtWUQkM4BaGO-qC5K4axF5zwoRe3CKHYBzSVvmsxpEapnIRgljmnpB3eU1jnqYf2O-9fuQT5c90OzgJR1qWDqGMM5zjKxA97Bwky3MkU7PUjtWXTqdUUMBCqD_WL_w-nsI2mHsXxTUAm2QIKsrmj2Z3_x-Dy8slvYhtYLAFJXsoMUELO8JkDwxMbl92b-_EAzzngyu32YnGlEDGPJS0ReJeJ4fzNG_-HQVg962etF9V2I2PPqjQAXaZmx86kyLXAlgrRVW4MgWyAPExnMBCM8vaZbgyyx-R3Fcq3-ZHk7RjoFJdxTsIwc1DSeBBw5B26txpZm_r3cIZ3Bl0digyMpwpQ7c7rzsjKXJa6wVOlIVA5avAKt2M6hPSStUModsAQqYhgQ1Aob31Ax7RjU_voDzx7S2mEllgLPmeShIMMPFm0Kf_jWD-Xc3RtB6JWxx4fD2ipmWCwJ8BMWwrG7YWk7NPiGti8yzeX-iI575R46EiSOWecke6o_TXpZhECc9OqgNZWzEtJMkl64OwDNp5tqyGZsBO2dbUS1v3OjRt8V-VwrDQuWsXlrdbHTxwhczRodd8kElRgPbnk3TRCLpABb2C-657hOH2nZfX2N2Zic2Dzq9ZI2t9YFugXW4xgT_TybxQWE-MWc8vq54AY3lRZL0ATK6iAFiYxVYQSSpDERbvssY8oNRBfzhSQGS5SE4-sVgoLP1hR27rkhAMLkfy1NSsY1SubSIZtSNJ7CQgqGk3hlLhyUXcvn3PISGDnueekWz6Bck44XhuxYzJ8H5JSdipvdHiqhttnW34RQivCiZTjK93odRNGv92VkYBpswdq3fu88u60lPojUMN7Lz8KUG-F-_-ihS0DoTQU2WudkrpSM4BbwW5zYyPqEH3tvMUuwoNbyTc

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 46FC 51 KB
51 KB 74ms
14ms Script
application/javascript 143.204.215.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=723175&wgcampaignid=99582&js=1&nw=1&viewref=33785800092820404444996011968027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-33.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: snQAK.nud_Ry1pExcABmNeZsZtrLXsiU
via: 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 11:22:01 GMT
server: AmazonS3
age: 24819
etag: "101c8120dbcfdb729e8ebf54cc77d0cd"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 23 May 2022 04:10:34 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 52083
x-amz-cf-id: yz_gmMuE-pWzdFNnPciwA8LwwDr0A1s7UR1AG-HvxmJoC05cqyzoFg==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 46FC 3 KB
3 KB 106ms
45ms Image
image/png 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=99582&viewref=56853900072136204445174011968005&wglinkid=723175
Requested by: Host: 57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
URL: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: 5cfec01d1f8003eb15069f4a63ce5b8cefc765d2724460540735e4b0226e9b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:13 GMT
Last-Modified: Mon, 23 May 2022 11:04:13 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Content-Length: 2727
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900027.redintelligence.net/ Frame 0CB1 0
150 B 40ms
17ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900027.redintelligence.net/viewability?s=33785800092820404444996011968027&a=563ef3c1&vb=m
Requested by: Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=33785800092820404444996011968027&a=a7d91ad1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900027.redintelligence.net/request_content.php?s=33785800092820404444996011968027&a=a7d91ad1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 23 May 2022 11:04:13 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 0CB1 13 KB
13 KB 43ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900027.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 401871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 19:26:22 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 0CB1 13 KB
13 KB 43ms
10ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900027.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 401871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 19:26:22 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=89ED4BA1D087412BA9D2DDCC5AD6C58A&RedC=c.clarity.ms&MXFR=151F6A5A956B624939D87BF7916B6C2F
https://c.clarity.ms/c.gif?CtsSyncId=89ED4BA1D087412BA9D2DDCC5AD6C58A&MUID=2918AF6F769E6FB23BD6BEC277F56E2D

42 B
369 B

30ms
30ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=89ED4BA1D087412BA9D2DDCC5AD6C58A&MUID=2918AF6F769E6FB23BD6BEC277F56E2D
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:13 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 796352A1FD2441DC88D3D0C82930ADDE Ref B: FRAEDGE1520 Ref C: 2022-05-23T11:04:13Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=89ED4BA1D087412BA9D2DDCC5AD6C58A&MUID=2918AF6F769E6FB23BD6BEC277F56E2D
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 21ms
20ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

998e9467efaee0cd857fcb8ec2e1a70e8957773fec8891d982ebca5b6299e4d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 May 2022 11:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10544
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051701.js?cb=31067688

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 May 2022 11:04:13 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DCEF 0
22 B 44ms
43ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B25c2K2qLYqidIpuqlQfAtYOYBAAAAAA4AeAEAg&bg=!_v2l_bnNAAZ4vKt9WLw7ACkAdvg8WiyW38YETk1G4LdBncMUZMQDf7b7m_d0fp3QDlvrVNkYlKOtYgIAAALmUgAAAAFoAQcKAG1CXf1LsupuAZUb2K87DRwOMvMxIZYTkIY56osiJCeayDiI9e2DhFvAdktOqwFRoYAQ4u-d4FnFv4ZPjuoo2fDIP5CxnXO89D3pexY-PrnFtMbULnYKYLWV4SApYTvIdbpQm0bt2cB9jKGkXce7mQLkmpx_2c_OoGYx-UqdjxRI1s8udXtptpnjLug_MXh1W8LfTFOhFHFbtPz6GXmFC_tjqK2K5yYGlMoIeP_y9hPpRTPXRYdd61cOIj0y8j-Ez4Z-Bu8xA_zhNLgDEelhH0Bo0dToi2OhTp189stMDosgHdZElm8nTvH23ewhbC2ZFFsDTOAB-fENU-qokGtMmWtXz9PyRHISiZgK4ddz416_Fq3ppAeirEQLIadAYbr91zIOMIMM9aupCFClviOBKFZek4GqhmaHqJQEnmUMUUdy3UpAg-Xxvq1bhnpzJjqHbdtFzQYEoUtaTIggMXlg_Vp-qBTlZlpXi7LkecqsIniXk5_ib0yhMJPQOWjXWINy97ommXNL8yEjx1oOvMjmjc33uI5qB1Nh6eDjkzf2nA7QUAFQ23eiZ8Yl1eWiQ6rMqdbQ3lHd3x_R3tGyXZGOOzpZTAGUkwgSzQfiW0tkarSBtlcY3YV_yyAskCiWPrpM6rnSY9ghG2-bH9ff0F12VE0tW6XvtjguzuU6wlHoPqPxWqXwuFqe1vBF9TP5wYVINr8v5Gvjg409xkNdddCWZaOFI3V5Sc3WTvM7WV0-0ZYfwZVmCIY0BvJq2WtliyxY2bOq7aw19foe4155qMR7UCSBmIlro_ZuEE233bU-OUQwvBQ6oqZa2sIchlcpo0j0DvKF1rFSg6hFO1ZIn24aZlL-hnOKH1X1TrqdSMP59FLiHPUW6RRUvicS-tUBX1e_qEvWMhRiV6gLzl6eisYpj80DYDAAlOPow9FB7TUues3ntIs9fyDbINMGqQswSCZcWmLoh7AI6OvTmLC00euurXrtWZdQ0kq9GlNdunNHgSPXVAkqnNfEslPSdUvVNUMOGXM4agSqA8XwaNU-FBCawCgA54mnVla7jgHslu4oY20gPdLw0qhZEcSA4xXoTQAEYoUAMDFqz1e1KHackbWh59qKKahrKV2Xq94vc8xktlMPiUU8LXk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8245 0
22 B 42ms
42ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZdm0K2qLYraqEo6y3gO0q5TQDgAAAAA4AeAEAg&bg=!Tk2lTQnNAAZ4vKt9WLw7ACkAdvg8WiKjJ5tkkntBhvtZ_VAR89i4Xjk3LaB9q7yyR1oa2vZ8w3mmLQIAAAIsUgAAAANoAQcKAGI1NPWOi1Yv6yRLBEh2YDIbnwTFWk6jI1UfVGwb6V3ejWWWLpII6tBnb46Geosz9ww5BWB-6poO0qtcfDImSDB-7Ke1qtkSEzY0T9Bj7TwvdglxhsOWh29eQuDiq1zOcnCG55kC9j5GBWz8pGxlOF0TDCr0mk0Ql_bg-_GNy7HiWOA0nGBTcrzAXgS9oW2EflisTn4gC0obD399FtFzZ1FuUbpSHJxa7RRKCZmhGy-wtz7Rb90W897ah8kxcA1gYCicY8jYJamuCz8BrjbD-hXnsNc1lG65gRyxV2-ZM-LB6ot6SHoxQhiPMceb81enAI6s5smjwpf09AG3LxLRKnCwgo9fUMALBIp_TrmsUiAL7VHLw65sQ9En2bhAtZbm6nGM_y7pPn7Hu9HKl6oBZzoMrdnIvQnasmjhIpG4wPPkeSGVNBojwGEr9OnFrawUZHUY2WaBluo1PlwAhK9-WbuXxE415WDYdFeE547ch0QpVRnwwhMEEI9_prjMv_CQaFGGfT1EV-xAMotTpYRfzKPzTpjfsWjnVzEKqdODskoWd3nfIKtNLojWH-PN70A4t05f-PBRyHnxQ84uasv4vAlg8aDwFheGPWJhp4aphg4MxJsLTdzM6Fgix5RgROZYqXFC4o8KovfOrG92lvv-3XfAme_jK9ZuQ5ipIttObQxS-srs1EF1ztWrpZNlUZOXPWENfehsnc4WbWJY6iYASSLiHSrGJkW7nui_4NCpQRRp7by2hx32amhwwdNm60xZmZ5_jhlceIMIkUEoq1zgpAvCaWpOM6mivzvK3-_MUEfmruIMWbokaGWiMbMZh0ZwR8ZczQLK3_vZW1zKIwcp4inUib5oo-eCnpZ6fr49Sn_114Yam6vrJRYb0c6hFZrKtDX3F0Vxcfo324F7r8YwAVPIVUpXdb-1GK1WES-jJVAUEBBAAwG-cQQdm-z8bOur4bh0I4KkRW5-Fh1ZOkzNZZ_dy80HHzG5OcRbo3tDBMdRupaOGUV5o4ZeR9PvF2TKBHwM5cE8Jmpch2TqWnixSp3z7nQm0d46bnLfZ7gyXVeAX_X5xwXokFG3ilzGjpDGtQsUFNaiUcz7fgGviwJdgxMEnBstTdnOuWOwBrZuLbpaiswvs_a58OFljGy7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F299 13 KB
5 KB 10ms
10ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 10:25:16 GMT
expires: Tue, 23 May 2023 10:25:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4011 783 B
535 B 185ms
185ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ab5f339ad031ded0304fd9d725221c6e522395c897969e271e0f986aaeff0b2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kIGLbjJcWFmAhpEig50G6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-kIGLbjJcWFmAhpEig50G6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:04:13 GMT
expires: Mon, 23 May 2022 11:04:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A0E9 0
22 B 43ms
43ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEHtDK2qLYs6NIOiN3gPllouQAgAAAAA4AeAEAg&bg=!NDelN3PNAAZ4vKt9WLw7ACkAdvg8WjAok9vB4anIBX1GeRHM0asbnuyQ5zm5D3IlU729hfzgB5gRQwIAAAIvUgAAAAJoAQeZAt7Wad_WUwDfPHoPPwvCdCmJSMleOsn_N0E3W3UXQrwAoYIDdbgcMBwwkW-Z1UAKmQFiYwnTAXZv7AJt06M6Ap6TqPrW3m6DgpNfq4ENnwFSSG0wdtwXbuvIEmRybk6aNZ85WPoom01zigeWZV8gl2TYp6RmPzhkl48_6JFU6gt4tJGTo-S_QIDG7H2XMml271HcVybM5PogYI9k3-Pa04YvWzmNkGZWuiH1zBSpcAzBZ7zZGUT0l8_6iHBnOdHWLLBTBqha8J1h5kR27DAVykyCM1m-lH6kgB7sQ2IbXYhw9BMnwcOcV-ooX_dt1S2f8VP-9Lc2jV1IEA-NQQrChVkNK8av40U0c7NIAe-TPWA4wtGsLxnAsaIM2xlEFT7z-gM5Dxx30l85u354aFal__D9xMrgiqkhVeaoeYo2QWD0Ihd7oRRhCqLR4Y877f8QZCDUCPD2A3vx0x5TfTTADrsBV1IPKJNIfqKP-v35nlw6HPCk-7WmI-Y48qalgwwo764r9a2etMeT0hXprNrcnjnF21KIjW5ZZub7xZBX3fzaoYvMmaSjGZVKiU67JcwceTyKbtIQMZnKFeDWSo0C9YHbRLxrvh4Ckw6947G0Jcf-Lf4Cg6AHluMy3oaQDy21hgfyqG-akEL2ACF6FJ9INt2cCyOeiZZ-TZP78w3dKyOyb1seFQVpnPAzaIDBo049BUGlqfi7vUODDgymPunnxHhziGiYE8uLxpWg8_aUyyXKYF5f4-zewDmziQXzPS0IbJ0QxPwUtsBNH3MqNztFTC4qKe48AqX5aTmsYh4HfgmD5CSQczmPmg1SXFCCbeKdEzgRc27zvjuVIj92hZc9jVi9dbB8Z0DXzIivT1orb9gQkqkIOuYl0nxZQrsEqYp8rQg-jd2-Z3_pirUrXu2Wj2FP3anjvKKNoRKJR1peCO_yaNlTULV1nO8SAYcRWHPhERFUfkpN4FfT6X9MV08ZFA

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 iPhoneXS_spacegrey.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame 651B 14 KB
14 KB 9ms
8ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/iPhoneXS_spacegrey.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba4ddcc61790def54f82d6679debb471410c69d06d34b8ab653a5123edb4b10e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:18 GMT
x-content-type-options: nosniff
age: 171355
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14789
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:18 GMT

GET
H3 200 _-spacegrau.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame 651B 16 KB
16 KB 13ms
12ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/_-spacegrau.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c17c5dcb65b604559f3ed5fc759b5190e931d30996b983a29407d6ba4319807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:18 GMT
x-content-type-options: nosniff
age: 171355
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16230
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:18 GMT

GET
H3 200 imac.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame 651B 27 KB
27 KB 12ms
10ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/imac.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc1abdfb4f8e52b32f7091081ca444d648b0dfb286c0c1b44466f701dd4c698f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:18 GMT
x-content-type-options: nosniff
age: 171355
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27546
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:18 GMT

GET
H3 200 04_txt_1.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame 651B 3 KB
4 KB 13ms
12ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/04_txt_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f8dfd5a81fb2c5150bbfef239f8a3184ef7073201339d8411cfbbceecb9a1fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:08 GMT
x-content-type-options: nosniff
age: 273845
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3579
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:08 GMT

GET
H3 200 CTA.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame 651B 1 KB
1 KB 12ms
11ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/CTA.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37f6bad2ee6defbb164be8b6d9354d47130f8b33aa9c8a798b836117e95e8350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 14:44:30 GMT
x-content-type-options: nosniff
age: 245983
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1216
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 14:44:30 GMT

GET
H3 200 refurbed_logo_blue_2020.svg
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame 651B 7 KB
2 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/refurbed_logo_blue_2020.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e47b54e1b76f6feb7c8c551fd3f21457dbd27751805e20559e44ce0fb2e93b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273845
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2505
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:08 GMT

GET
H3 200 brushBG.jpg
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame 651B 13 KB
13 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/brushBG.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e5a8e82964e75aadaf39b6d9032274ecc387f6197c2ff17b47b7dd40ad9a872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:08 GMT
x-content-type-options: nosniff
age: 273845
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13034
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:08 GMT

GET
H3 200 iPhoneXS_spacegrey.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame 2F54 14 KB
14 KB 8ms
8ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/iPhoneXS_spacegrey.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba4ddcc61790def54f82d6679debb471410c69d06d34b8ab653a5123edb4b10e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:18 GMT
x-content-type-options: nosniff
age: 171355
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14789
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:18 GMT

GET
H3 200 _-spacegrau.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame 2F54 16 KB
16 KB 9ms
8ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/_-spacegrau.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c17c5dcb65b604559f3ed5fc759b5190e931d30996b983a29407d6ba4319807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:18 GMT
x-content-type-options: nosniff
age: 171355
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16230
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:18 GMT

GET
H3 200 imac.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame 2F54 27 KB
27 KB 10ms
8ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/imac.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc1abdfb4f8e52b32f7091081ca444d648b0dfb286c0c1b44466f701dd4c698f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:18 GMT
x-content-type-options: nosniff
age: 171355
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27546
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:18 GMT

GET
H3 200 04_txt_1.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame 2F54 3 KB
4 KB 11ms
9ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/04_txt_1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f8dfd5a81fb2c5150bbfef239f8a3184ef7073201339d8411cfbbceecb9a1fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:08 GMT
x-content-type-options: nosniff
age: 273845
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3579
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:08 GMT

GET
H3 200 CTA.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame 2F54 1 KB
1 KB 11ms
10ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/CTA.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37f6bad2ee6defbb164be8b6d9354d47130f8b33aa9c8a798b836117e95e8350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 14:44:30 GMT
x-content-type-options: nosniff
age: 245983
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1216
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 14:44:30 GMT

GET
H3 200 refurbed_logo_blue_2020.svg
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame 2F54 7 KB
2 KB 11ms
9ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/refurbed_logo_blue_2020.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e47b54e1b76f6feb7c8c551fd3f21457dbd27751805e20559e44ce0fb2e93b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273845
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2505
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:08 GMT

GET
H3 200 brushBG.jpg
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame 2F54 13 KB
13 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/brushBG.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e5a8e82964e75aadaf39b6d9032274ecc387f6197c2ff17b47b7dd40ad9a872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:08 GMT
x-content-type-options: nosniff
age: 273845
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13034
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:08 GMT

GET
H3 200 CTA.png
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/assets/ Frame CA0D 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/assets/CTA.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37f6bad2ee6defbb164be8b6d9354d47130f8b33aa9c8a798b836117e95e8350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:37:47 GMT
x-content-type-options: nosniff
age: 591987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1216
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:37:47 GMT

GET
H3 200 refurbed_logo_white_2020.svg
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/assets/ Frame CA0D 5 KB
2 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/assets/refurbed_logo_white_2020.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8481934cdf1d3a610943fd88eef0131ed44e86357d06c84258f43af4286ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2277
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:37:47 GMT

GET
H3 200 03_Text.png
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/assets/ Frame CA0D 9 KB
9 KB 9ms
8ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/assets/03_Text.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c5d1fd7eabf9f20dd8523ddc055f8e852bad7d9a31630608515f9f1261849c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:37:47 GMT
x-content-type-options: nosniff
age: 591987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9675
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:37:47 GMT

GET
H3 200 02_text.png
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/assets/ Frame CA0D 23 KB
23 KB 12ms
12ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/assets/02_text.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb217cdb2aa910a41f94d5c9217808d1d385ac06d7586c391425c64c6b6bcfa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:37:47 GMT
x-content-type-options: nosniff
age: 591987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23071
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:37:47 GMT

GET
H3 200 01_text.png
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/assets/ Frame CA0D 3 KB
3 KB 13ms
12ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/assets/01_text.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ba4b49ad16d533999d83dd49694770ac074f1f3bfb4ef8414c28e993e68b18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:37:47 GMT
x-content-type-options: nosniff
age: 591987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3468
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:37:47 GMT

GET
H3 200 image1.jpg
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/assets/ Frame CA0D 72 KB
72 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/assets/image1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74fdda9a579b11e70b57eb2f6d5de64e2a0a79889092e4ed99fe38d62fa11ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:37:47 GMT
x-content-type-options: nosniff
age: 591987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73896
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:37:47 GMT

GET
H3 200 guy2_2.png
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/assets/ Frame CA0D 58 KB
58 KB 13ms
12ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/assets/guy2_2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe38bb2813067c91a68b7c99633c009db282cd06cf55aadfb614495d3ddbb93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:37:47 GMT
x-content-type-options: nosniff
age: 591987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59615
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:37:47 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/assets/ Frame CA0D 50 KB
50 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/assets/bg2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3909e3d526c36a447be59af69cbd8b3fbbae83b70f1e4841ccdcd61fe107200

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11771404710488047616/AlwaysOn_V04_728x90_DE_Homepage/V04_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 14:37:47 GMT
x-content-type-options: nosniff
age: 591987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51520
x-xss-protection: 0
last-modified: Wed, 12 May 2021 14:56:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 14:37:47 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 46FC 16 B
232 B 87ms
87ms Fetch
application/json 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 23 May 2022 11:04:14 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 133ms
30ms Preflight 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 23 May 2022 11:04:14 GMT
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4011 0
0 56ms
56ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051701&jk=789576614196507&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js Show response
pagead2.googlesyndication.com/bg/ Frame F299 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AAcrpHDydyl_zLrsUqLIoJaIpM6fuyfNuw3JGtq9cUA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

00072ba470f277297fccbaec52a2c8a09688a4ce9fbb27cdbb0dc91adabd7140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 08:51:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13604
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 May 2023 08:51:58 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F299 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Qal4bg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:04:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 iPhoneXS_spacegrey.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame DE4F 14 KB
14 KB 8ms
8ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/iPhoneXS_spacegrey.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba4ddcc61790def54f82d6679debb471410c69d06d34b8ab653a5123edb4b10e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:18 GMT
x-content-type-options: nosniff
age: 171357
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14789
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:18 GMT

GET
H3 200 _-spacegrau.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame DE4F 16 KB
16 KB 10ms
9ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/_-spacegrau.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c17c5dcb65b604559f3ed5fc759b5190e931d30996b983a29407d6ba4319807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:18 GMT
x-content-type-options: nosniff
age: 171357
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16230
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:18 GMT

GET
H3 200 imac.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame DE4F 27 KB
27 KB 10ms
9ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/imac.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc1abdfb4f8e52b32f7091081ca444d648b0dfb286c0c1b44466f701dd4c698f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 21 May 2022 11:28:18 GMT
x-content-type-options: nosniff
age: 171357
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27546
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 May 2023 11:28:18 GMT

GET
H3 200 04_txt_1.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame DE4F 3 KB
4 KB 11ms
11ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/04_txt_1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f8dfd5a81fb2c5150bbfef239f8a3184ef7073201339d8411cfbbceecb9a1fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:08 GMT
x-content-type-options: nosniff
age: 273847
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3579
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:08 GMT

GET
H3 200 CTA.png
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame DE4F 1 KB
1 KB 12ms
11ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/CTA.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37f6bad2ee6defbb164be8b6d9354d47130f8b33aa9c8a798b836117e95e8350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 14:44:30 GMT
x-content-type-options: nosniff
age: 245985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1216
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 14:44:30 GMT

GET
H3 200 refurbed_logo_blue_2020.svg
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame DE4F 7 KB
2 KB 12ms
12ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/refurbed_logo_blue_2020.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e47b54e1b76f6feb7c8c551fd3f21457dbd27751805e20559e44ce0fb2e93b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273847
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2505
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:08 GMT

GET
H3 200 brushBG.jpg
s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/ Frame DE4F 13 KB
13 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/assets/brushBG.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/gwdimage_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e5a8e82964e75aadaf39b6d9032274ecc387f6197c2ff17b47b7dd40ad9a872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18244173339004239872/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 07:00:08 GMT
x-content-type-options: nosniff
age: 273847
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13034
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 18:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 May 2023 07:00:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 110ms
109ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051701&jk=789576614196507&bg=!39yl3JjNAAZ4vKt9WLw7ACkAdvg8Wv2Jc6Fz54Tz4vhpiVt1Cqbz1Alzfwr7hFbC6gGZrtZI-C7WhgIAAAFcUgAAAAJoAQcKACAOu8erIpg86UsBxSWKMgrZw-8q4pjwv_ZIQbhx54moeZkClZkCEUKuEgxISM0Q4XJW9ApkVG5UtfX5NptV_iwxJq2FCECy4RvZPiIuejqFB3QN6f0xmR9mAzk3E3P6Aj5I-K5ahjAZynBvf011rS9nwdzC6F_g5uBI4uz6q4UmVsWPwi5SuYpMSMr2-wyOqUayCLgq71OCJlFbFSsB2cr1sNoGjSW5o6hBmfoNFJEE5z8E2jhu0PDHm2bAMTWAiHPnKhGdJB_6KXG7Ku1wh3DWb8gp-K5v0csSzW8tJkbKNdCgeyUR2EBU2dRyd-d428hm0TKu188jGxIobEue0Z62vxRTPc7cmDcmtJOT_fHRVP3f65jFuGTuKRdlvCNrQ5SwC9bjsbZNhsltbo-eNR_-xyyuD2QRbgJ-B-uWwXXWAjOEvMxVFWyygoOoWWHpfYgfitYeZoccJKUu5fpep4XgHJTMkvpYiMJWlou90pkIBOgsdfm8o6e7PRUM5bPgKbkaOj8wLLsrjWFUgWZSFbI4O3vO75fgp_6DkwobuzWPJMNAXKUO-D2sESSRrmgC2uArJZoSVOzkqKjIjAjEgDtdTiI-nuCqpGSVTeqsewzJwvBsY0qg5b0-oZaSM0zAVPUqrL2MEbpx3_GipQAZjO6QYdvNoct6zg3pGvADmCmsEUGUN1_zvXH99bgWq_8ntp5ghYtI9P8ctMZFXlP6Jf8rCTMNSpGHCE2bxIxDiKOKEM27R6frr7xZi7bHSg7TG1f3qJHriL-x_dq0SWpZ_7dJRj1zM273sz7Lm9EfpqauAZGOXR3OQ2v9gyW0HOawnrSjSCL74cH7qa_HPrj-7CQdefFY15zzSHOzxUewPsZPxaZmjG_R8J8f--7fx-M7ScG_yWzUQikPNzCUkm4H8zOD1clfShzBtnw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 197ms
196ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://www.nur.kz
date: Mon, 23 May 2022 11:04:15 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 32ms
10ms XHR
text/javascript 88.99.5.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:time[url:%2F,device:desktop,type_article:Main,user_id:ec440ba82.67821cd80_1653303849361,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1653303859468
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-5-37.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:19 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 dc_oe=ChMIjovW5bz19wIVFITeCh37Fga5EAAYACDG_ZdCQhMIqMys5bz19wIVk4feCh1a_giO;met=1;&timestamp=1653303861398;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 61BF 42 B
494 B 94ms
43ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjovW5bz19wIVFITeCh37Fga5EAAYACDG_ZdCQhMIqMys5bz19wIVk4feCh1a_giO;met=1;&timestamp=1653303861398;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIs4nW5bz19wIV2Zp3Ch1F-gleEAAYACDG_ZdCQhMIp8ys5bz19wIVk4feCh1a_giO;met=1;&timestamp=1653303861721;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 0068 42 B
63 B 60ms
44ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIs4nW5bz19wIV2Zp3Ch1F-gleEAAYACDG_ZdCQhMIp8ys5bz19wIVk4feCh1a_giO;met=1;&timestamp=1653303861721;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIo_DW5bz19wIVC3PgCh0vYgIhEAAYACDs4pFCQhMIqcys5bz19wIVk4feCh1a_giO;met=1;&timestamp=1653303861722;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 3750 42 B
63 B 60ms
44ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIo_DW5bz19wIVC3PgCh0vYgIhEAAYACDs4pFCQhMIqcys5bz19wIVk4feCh1a_giO;met=1;&timestamp=1653303861722;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMI9uuM5rz19wIVDpl3Ch20FQXqEAAYACCjjPBPQhMIrunl5bz19wIVlYiDBx29OgwN;met=1;&timestamp=1653303862713;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame F6AD 42 B
63 B 43ms
42ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9uuM5rz19wIVDpl3Ch20FQXqEAAYACCjjPBPQhMIrunl5bz19wIVlYiDBx29OgwN;met=1;&timestamp=1653303862713;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIjs-a5rz19wIV6IZ3Ch1lywIiEAAYACDG_ZdCQhMIstnw5bz19wIVwrx3Ch3a9gr_;met=1;&timestamp=1653303862869;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame FAEC 42 B
63 B 42ms
42ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjs-a5rz19wIV6IZ3Ch1lywIiEAAYACDG_ZdCQhMIstnw5bz19wIVwrx3Ch3a9gr_;met=1;&timestamp=1653303862869;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 98ms
97ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://www.nur.kz
date: Mon, 23 May 2022 11:04:24 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 32ms
11ms XHR
text/javascript 88.99.5.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:time[url:%2F,device:desktop,type_article:Main,user_id:ec440ba82.67821cd80_1653303849361,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1653303869473
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-5-37.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:29 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 dc_oe=ChMIjovW5bz19wIVFITeCh37Fga5EAAYACDG_ZdCQhMIqMys5bz19wIVk4feCh1a_giO;met=1;&timestamp=1653303871380;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 61BF 42 B
63 B 42ms
42ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjovW5bz19wIVFITeCh37Fga5EAAYACDG_ZdCQhMIqMys5bz19wIVk4feCh1a_giO;met=1;&timestamp=1653303871380;eid1=2;ecn1=0;etm1=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIs4nW5bz19wIV2Zp3Ch1F-gleEAAYACDG_ZdCQhMIp8ys5bz19wIVk4feCh1a_giO;met=1;&timestamp=1653303871731;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 0068 42 B
63 B 45ms
44ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIs4nW5bz19wIV2Zp3Ch1F-gleEAAYACDG_ZdCQhMIp8ys5bz19wIVk4feCh1a_giO;met=1;&timestamp=1653303871731;eid1=2;ecn1=0;etm1=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIo_DW5bz19wIVC3PgCh0vYgIhEAAYACDs4pFCQhMIqcys5bz19wIVk4feCh1a_giO;met=1;&timestamp=1653303871732;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 3750 42 B
63 B 45ms
45ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIo_DW5bz19wIVC3PgCh0vYgIhEAAYACDs4pFCQhMIqcys5bz19wIVk4feCh1a_giO;met=1;&timestamp=1653303871732;eid1=2;ecn1=0;etm1=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMI9uuM5rz19wIVDpl3Ch20FQXqEAAYACCjjPBPQhMIrunl5bz19wIVlYiDBx29OgwN;met=1;&timestamp=1653303872736;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame F6AD 42 B
63 B 43ms
42ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9uuM5rz19wIVDpl3Ch20FQXqEAAYACCjjPBPQhMIrunl5bz19wIVlYiDBx29OgwN;met=1;&timestamp=1653303872736;eid1=2;ecn1=0;etm1=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 97ms
97ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://www.nur.kz
date: Mon, 23 May 2022 11:04:32 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 dc_oe=ChMIjs-a5rz19wIV6IZ3Ch1lywIiEAAYACDG_ZdCQhMIstnw5bz19wIVwrx3Ch3a9gr_;met=1;&timestamp=1653303872858;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame FAEC 42 B
63 B 42ms
41ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjs-a5rz19wIV6IZ3Ch1lywIiEAAYACDG_ZdCQhMIstnw5bz19wIVwrx3Ch3a9gr_;met=1;&timestamp=1653303872858;eid1=2;ecn1=0;etm1=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 May 2022 11:04:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 32ms
11ms XHR
text/javascript 88.99.5.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:time[url:%2F,device:desktop,type_article:Main,user_id:ec440ba82.67821cd80_1653303849361,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1653303879450
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-5-37.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 May 2022 11:04:39 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.adaptv.advertising.com
URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESED3lcWDPvhZupwBLhJ9CnVc&google_cver=1&google_push=AYg5qPL5j_eKFLWVZstUeE1-B-LxZk5d7D__zRFtLorAoDFjXfNd_3uUJmmMrXqjrWkWTel4EIxR-k3I8zP0rcD1hVFJQiaEkwY

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEEx6ZaRaaVAgDSfEBCsg3Ug&google_cver=1&google_push=AYg5qPKG502noZIzvCpGkGnF2mE6XXvOSkakEhMqLjop5A6FV4RYNDn1dqH4nCorRKD_Ln2m0Pj-tMPY5coo7KtK8fIAbkghlYCp

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nur.kz/	1970-01-20 03:16:30	Name: _gid Value: GA1.2.946190871.1653303849
.nur.kz/	1970-01-20 03:15:03	Name: _gat Value: 1
.nur.kz/	1970-01-20 03:15:04	Name: __io_d Value: 1_705468254
www.nur.kz/	1970-01-20 12:00:39	Name: __io_lv Value: 1653303849360
www.nur.kz/	1970-01-20 12:00:39	Name: __io Value: ec440ba82.67821cd80_1653303849361
.nur.kz/	1970-01-20 03:15:05	Name: __io_session_id Value: 1a3e3723f.1e8794c67_1653303849362
.nur.kz/	1970-01-20 03:15:04	Name: __io_nav_state336 Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22www.nur.kz%22%2C%22previousDomain%22%3A%22%22%7D
www.nur.kz/	1970-01-20 12:00:39	Name: __io_unique_336 Value: 23
www.nur.kz/	1970-01-20 03:15:50	Name: __io_uh Value: 1
www.nur.kz/	1970-01-20 03:15:04	Name: __io_visit_336 Value: 1
.nur.kz/	1970-01-20 03:15:05	Name: __asc Value: 268210e8180f096b21c0333cd68
.nur.kz/	1970-01-20 12:02:06	Name: __auc Value: 268210e8180f096b21c0333cd68
.nur.kz/	1970-01-20 20:46:15	Name: _ga_L3EYGX7DJS Value: GS1.1.1653303849.1.0.1653303849.60
www.clarity.ms/	1970-01-20 12:00:39	Name: CLID Value: b6a1b698d0734f9b9ae319bf46654e72.20220523.20230523
.nur.kz/	1970-01-23 19:05:27	Name: __eventn_id_props Value: %7B%22globalProps%22%3A%7B%22env%22%3A%22prod%22%2C%22source_type%22%3A%22desktop%22%7D%2C%22propsPerEvent%22%3A%7B%7D%7D
.nur.kz/	1970-01-20 13:15:03	Name: nur_user_id Value: 0759c990-9bfa-43d5-be64-e32f22ae7ee7
.nur.kz/	1970-01-23 19:05:27	Name: __eventn_id_usr Value: %7B%22id%22%3A%220759c990-9bfa-43d5-be64-e32f22ae7ee7%22%7D
.nur.kz/	1970-01-23 19:05:27	Name: __eventn_id Value: ljveotz0u1
.nur.kz/	1970-01-20 05:03:50	Name: _gaexp Value: GAX1.2.CgAho3N_S6ek6TgBcPgd7A.19211.1
.nur.kz/	1970-01-20 20:46:15	Name: _ga Value: GA1.2.1962745041.1653303849
.nur.kz/	1970-01-20 03:15:03	Name: _gat_ABtests Value: 1
.nur.kz/	1970-01-20 12:00:39	Name: _clck Value: tk1ng8\|1\|f1p\|0
.yandex.ru/	1970-01-23 18:51:03	Name: yandexuid Value: 9375793391653303849
.nur.kz/	1970-01-20 03:16:30	Name: _clsk Value: 1c1yh45\|1653303850240\|1\|1\|j.clarity.ms/collect
.doubleclick.net/	1970-01-20 12:36:39	Name: IDE Value: AHWqTUk8BUB_6ysi0jzt2nk0Mx82qwiM_EF530QFL9X6E91dp4gEA76pHWaRBTwiZ9E
.casalemedia.com/	1970-01-20 05:24:39	Name: CMPS Value: 3232
.casalemedia.com/	1970-01-20 12:00:39	Name: CMID Value: YotqKiwxqI0AwEVZ-6ne8gAA
.casalemedia.com/	1970-01-20 05:24:39	Name: CMPRO Value: 1204
.adnxs.com/	1970-01-20 05:24:39	Name: uuid2 Value: 5692073716463239017
.nur.kz/	1970-01-20 12:36:39	Name: __gads Value: ID=2631207b1ccacb0a:T=1653303849:S=ALNI_MbnvFfMZBm0c-sG7XFuF-7-D5dbWg
.casalemedia.com/	1970-01-20 03:16:30	Name: CMST Value: YotqKmKLaisA
.casalemedia.com/	1970-01-20 12:00:39	Name: CMRUM3 Value: 2d628b6a2b2760CAESENQt93RJWFhv9YDZ3oBRJAk
.adnxs.com/	1970-01-20 05:24:39	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>5eY.G(!]tcs8i_iqf!oN/@E'zz<Z0QuWsnBa$fT]98-$qBb8Rh)5Q`CKBIjCA7Y/XTD._PlZ[C[-kX-6$[S'
.advertising.com/	1970-01-20 12:02:06	Name: APID Value: UP13767384-da88-11ec-a421-068f2ada2e5e
.adtriba.com/	1970-01-20 20:47:42	Name: atbgdid Value: cf29272a-dd9a-4cef-b873-450e1c07f838
.spotxchange.com/	1970-01-20 12:00:43	Name: audience Value: 1382e2e4-da88-11ec-b979-14604df00206
.adfarm1.adition.com/	1970-01-20 05:24:39	Name: UserID1 Value: 7100885974694688915
.ctnsnet.com/	1970-01-20 12:00:39	Name: gid_CAESEMKnc_WtiXRA-c2vcjejVBI Value: 1
.bidswitch.net/	1970-01-20 12:00:39	Name: tuuid Value: 5a8348cc-3a6d-47af-9372-b171befbc929
.bidswitch.net/	1970-01-20 12:00:39	Name: c Value: 1653303852
.bidswitch.net/	1970-01-20 12:00:39	Name: tuuid_lu Value: 1653303852
.de17a.com/	1970-01-20 11:53:27	Name: guid2 Value: 1.3974893273132329923
.redintelligence.net/	1970-01-20 05:24:39	Name: 8lcfmzhxc8d6_uid Value: ba5577bc3299d612
.bidswitch.net/	1970-01-20 03:15:04	Name: google_push Value: AYg5qPIB-3B2AgyhYFZo221K3IcuVkDBJlQb5YaKgYZfTd93Hojq6zD3IoG886QrS77D9m1ns5ep8NNh9uV9bJ0X6hgtdJ8uCqY
.lijit.com/	1970-01-20 12:00:39	Name: ljt_reader Value: EsC4pGZH9ngGli1rSXC0rooN
.travelaudience.com/	1970-01-20 12:45:18	Name: _tracker Value: %7B%22UUID%22%3A%2250BE2D09-DB5F-4A17-88B5-2E8A3D522587%22%7D
.ctnsnet.com/	1970-01-20 12:00:39	Name: cid Value: 728eb2597fc44c7abe6d81ab90da8ae5
.yandex.ru/	1970-01-20 20:46:15	Name: i Value: Sy5qRPdHhCsw8Jn1QTiJS2Ql/Kvxp5mpM4EekdqxJA9LhZNuK2BzE07ySPD8sbyyIchwRQkueADNn1/shJ2PcUke3VM=
.turn.com/	1970-01-20 07:34:15	Name: uid Value: 3956656096580344908
.360yield.com/	1970-01-20 05:24:39	Name: tuuid Value: 53a89129-4cfc-45ba-8e72-10f7b158e1a5
.360yield.com/	1970-01-20 05:24:39	Name: tuuid_lu Value: 1653303852
.retailads.net/	1970-01-20 03:58:15	Name: ppb2172 Value: 1397814442
.awin1.com/	1970-01-20 03:17:56	Name: awpv22610 Value: 296283\|1653303852\|140a4eb0-da88-11ec-85d9-223185680794
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 408799:2874697
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: cc54cf0hgl0m0zi0npevjlzb
pb.media01.eu/	1970-01-20 20:47:42	Name: DTU Value: 40BF91D1616EE86E9968E71A2A9AC081
.mathtag.com/	1970-01-20 12:40:59	Name: uuid Value: 951f628b-6a2c-4d00-a032-178ef37acc3b
.mathtag.com/	1970-01-20 03:58:15	Name: mt_mop Value: 4:1653303852
.futalis.de/	1970-01-20 04:41:27	Name: raSIDb Value: 1397814442
.c.bing.com/	1970-01-20 12:36:39	Name: SRM_B Value: 2918AF6F769E6FB23BD6BEC277F56E2D
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:36:39	Name: MUID Value: 2918AF6F769E6FB23BD6BEC277F56E2D
.c.clarity.ms/	1970-01-20 03:15:04	Name: ANONCHK Value: 0
.everesttech.net/	1970-01-20 12:00:39	Name: everest_g_v2 Value: g_surferid~YotqLQADdAOnFQAo

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pixel.advertising.com/ups/55946/sync?uid=CAESEIhvJwO3TzrFv7eDwuFAzJo&_origin=1&google_cver=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESED3lcWDPvhZupwBLhJ9CnVc&google_cver=1&google_push=AYg5qPL5j_eKFLWVZstUeE1-B-LxZk5d7D__zRFtLorAoDFjXfNd_3uUJmmMrXqjrWkWTel4EIxR-k3I8zP0rcD1hVFJQiaEkwY Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN always

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

57d99ae88a95262a23de8436980efb90.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
ad-server.eu
ad.turn.com
ade.googlesyndication.com
ads.adfox.ru
ads.eu.criteo.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
analytics.google.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
avatars.mds.yandex.net
c.bing.com
c.clarity.ms
cat.fr.eu.criteo.com
cdn.nur.kz
cdn.onthe.io
cdn.retailads.net
cdnjs.cloudflare.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
csm.eu.criteo.net
d.adtriba.com
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
favicon.yandex.net
fonts.googleapis.com
fonts.gstatic.com
futalis.de
gcm.ctnsnet.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900027.redintelligence.net
ib.adnxs.com
j.clarity.ms
match.360yield.com
nur.kz
nurtech.pro
onetag-sys.com
pagead2.googlesyndication.com
pb.media01.eu
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.advertising.com
pv.medialead.de
r.turn.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s0.2mdn.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
stat.khanate.pro
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adaptv.advertising.com
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
tttt.onthe.io
us-u.openx.net
webapi.nur.kz
www.awin1.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.nur.kz
x.bidswitch.net
yandex.ru
yastatic.net
google2waycm.netmng.com
sync.adaptv.advertising.com
104.111.239.217
104.92.106.130
108.128.51.115
116.203.211.59
142.250.181.226
142.250.185.130
142.250.185.198
142.250.185.66
142.250.74.194
143.204.215.33
145.239.193.130
151.101.2.49
178.250.0.139
178.250.0.160
178.250.2.150
18.184.26.149
18.194.10.133
18.66.248.93
185.29.132.241
185.33.221.50
185.86.137.107
185.94.180.125
20.85.30.134
2001:678:cb4:bbbb::11
213.155.156.182
213.19.147.45
23.35.236.247
2600:9000:2057:bc00:1b:5138:8a40:93a1
2606:4700::6811:180e
2620:1ec:27::cafe:1586
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:808::2008
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2004
2a00:1450:4001:831::2006
2a00:1450:400c:c0c::9b
2a01:4f8:d0a:2321::2
2a02:2638:1::2
2a02:2638::3
2a02:2638::b
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1be
2a02:6b8::36
2a02:6b8:a::a
2a02:fa8:8806:16::1400
3.124.9.195
35.186.193.173
35.186.253.211
35.190.0.66
35.244.159.8
46.236.35.87
46.4.10.47
49.12.22.42
51.89.9.253
52.142.114.2
54.70.139.114
54.72.0.164
54.76.176.197
66.155.71.25
72.251.249.14
78.46.111.106
85.114.159.118
88.198.250.30
88.99.5.37
91.215.139.234
91.215.139.235
94.247.128.35
94.247.128.37
94.247.128.43
99.86.4.123
00072ba470f277297fccbaec52a2c8a09688a4ce9fbb27cdbb0dc91adabd7140
01bb9345cf1d8d3848f4be8cf137ef037a99a3fb521d179ccf37df677562aec1
030011375e134406b94777255c02b5c07f450ce5597506bbf198cd4f958a47c9
033b6c344d46460e74306557645851170fa5ab3b0cc71f87e728e634aefb054d
03aa4536a5078e4137c13096c7d3156b925d4c4381261f537daeccdfdf687d52
03e5f97537c1fe808733324bbe7670a65bb50d6ac77c56caab5f215c7d6a8e9e
05598f8f2a66f401f2b91bb8e05d09197bbbad7090f838f16c01f7d55f8e678b
056330f56376b3693903e97fadfec0bfdd569acd78192941b1b6ad055d6a0177
0596a17530bb3a76675c9d72b22f8bbf927eede182d036ea7a3b278970864fb3
05ece81589591363a0f7ab97915453ef105342daa1112893f2a05b7ec01a4bde
07882be48cb972b716b05891489db542e33182c886f132eff52b877771450c7e
07b9621ff6886bdda3fbafc4d21319eab9a92a7922d38bacca72f5679249ac32
081bea1f69d4c8d86fa4f6fd61ea4348249bc79e2b967399b96e72016e3676b7
08d5eb9eb095f5165fd989c39e0eeeb290b06161e1a62c4e158780965a267003
0906e036897c57571bf5aee463cf4fe7fcbd3d3b8f235280d4cac2691c53eb8e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c5d1fd7eabf9f20dd8523ddc055f8e852bad7d9a31630608515f9f1261849c9
11f6d363f8c4294bf10f649f4951a882c6c22f69bac082a2d2851ca5e677f478
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
135e207039181af5cc0e39e0edbbeb01b09cf2d6c984290fc0823013e656d98a
14abac934c22f97f9ba4c57ddce16e16b2724d1723d1f90272703f0fdba3a8b7
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
171cdf4aaca1d90b25b0136352f75578c1e59ffdd3e426a8aa182773ea46d8f7
17cf397d61c195f58b1740cc10f6908a8adb3f0a0f9b67d62d0ebe5696e79eda
1ac5c3a1604eb19f5c47e157ea3b58b4297428e653b74d6def6b41661a25eb5c
1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310
1d42b72eccf092abe86849e31a9663f989dac98a7037bd88ca540e551faa6ce8
1db4fe06afc33dd4434817e31231f2b41528f6c314ea5d46373800876a474abf
1dfb3bee651f1e126fe35b5af8584e441e3e4857697b6db417de4a6ea00577c5
1dfff0b10e807170a9e014ca17ae5686315e8b6e99288f71e9ee2206f2861793
21e6a2e3f2de3e89036b2c31eb516d3256a97976b551e306ea1c1c93775a4d3d
237e031dc00b6690fa1159448313f2ea2b4cca8f37c82c184b1a7d0cdfbadeac
23cc65a8727bb9016015372f09daa3dc8dceccd6e21876ff8804db2cbd242c6c
257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee
25c7ba7dacd1fb2729340d88f61049fd6fb901a246ed3b07a81561ade0a8ebf4
25f1cdd04f4b236b79562629b1c5d68454cd02e96002e0ea870b82081a2fce76
2838c213ca44722c5464f109f4f2579079a13a2a5e4da53c3bdc8ea5a08195ce
2870218c8f77e99ee71a4a49fe9429780a452b4081a1fb38c2d57f10244c7bff
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2ab5f339ad031ded0304fd9d725221c6e522395c897969e271e0f986aaeff0b2
2ae6a8db56820ee4eac60bc01c051535a03816b63c4d662f67e8ed1b5e27eae6
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2b560efc660dd507e8e0b20a079eac74c975b67e0629545a7d2ec9e3687905db
2c18b2383885435cb379b8a7c990b7021d1c2701554120d34b07be0da5a8f743
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
324bcea8ab074b342ea41f5b5acecff155d45ef22a65149a283543035c233cc4
32733776c725ba00e8a8ef6a829d02a2a096eb3070ec019e3b8b33a384f7b0b8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34426093732f29f1bd01a5a11c13344f5f40ebc75a89cacd15ea3fb709f55261
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
34950c2b3c5671ba37e6a2bb9c3a916d7214ce23de2febeb189f67dc329dc448
34c078d743bf666fee6b38caefafb008eb6486c616698e89ee46541c68c376f9
356ad684965fe5adf864696ca5b0636a75048c685370a531ddac62dc8eba08e7
35907598cca5239c34a3007c5895908ba662945d54c76d3363f7048040cfe5a9
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241
37f6bad2ee6defbb164be8b6d9354d47130f8b33aa9c8a798b836117e95e8350
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3bd4eb2ece0fe98f279a14bb2b61ecbbcd501a598b50f1f8b211f76ecd420996
3c17c5dcb65b604559f3ed5fc759b5190e931d30996b983a29407d6ba4319807
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3e47b54e1b76f6feb7c8c551fd3f21457dbd27751805e20559e44ce0fb2e93b6
40b43f95a77c55e01de63643c035680c7464141ffc596b5818a77e41d7b54e31
413af0b1e271bb1232df4dc35c73bdef1c3e9ad0bad232187b270c3c74466ac8
4489654fed8c9c74673842a01b843721f90f284f177ec777830a1896b67594e6
4546bc5e11fa6633d8f143ffb0f353264aa3e690d4239e6e0b5a22b7ebfcdcec
4572cd5079dfe161ad888bfc693f7175b24b082f3c9d83fdd79672b8f1f28f1d
467ca9a0c173f3885961822b419e20a09de9ad517d3df9cc43f5020ac2fae437
46b0d1d64e68990d8c3d39463bb11d33eb243e54bf7865cddde2a5b8db047530
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49a954453621dd16bb1c57d71d495d2df9b53cfd7105be52cd920e32b91c2e22
4b55813b25ae260a56eda5cfaeb38da7eb5e3e973550ecd6a55babff1eda048e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
503621190c75700c18c84fd3ec0977bf31b083d66e331d1009bb9cd17cdb85da
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50bdc7f25d682d68072adcac518d4c27e53fcf59415c86ae662cc7da369430b4
5316657b1ed3221c8eb46e40288646c40d3b43b3ac5bd510c440328be81e1d06
53190b7838a27f624da133fc259f0fd6093f49aec64c1721e1f414de407b92d4
5324b70acffa135875d1bfec7ea87d058005568791e54ba4b8410fb2fb1739ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551fb2ba7341c79e79d37ee4ce8d7f40b2f2fe4c319710e87e659ca2fe31d1ad
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e5e23f1de31a67a9335450ab9ce95793b9cfdc364ead2d4a700a7b7bce32b1
569b67ef1d76c5869a61471b93651371927719520f4268bb9a6ab30fe0380019
57c574845a793acec11e8266bc2b3ee3e638c56b3422f18e4fefdff6c7fce51e
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
587815bbad0202349b3aa4c1609944b99b52d6f67f97690c705b9d5e4c977ed0
59e44b4deb7ae38e798837aff98aa800acbd67a29ccb711e69a20aa7b1d613a2
5b04a3a9ef00cdafdebbf368784d5a9c8f34c65330dd816682fb1b12085ac22b
5b194d1b66d0525a8295a4d12c978c3f294e9e2f11da010d5e22bbd0f17b8fd7
5cee464288c4258f06ae6dd8f9ef493d806fc70f79253208df8ec94f7b1b5418
5cfec01d1f8003eb15069f4a63ce5b8cefc765d2724460540735e4b0226e9b5c
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f8dfd5a81fb2c5150bbfef239f8a3184ef7073201339d8411cfbbceecb9a1fe
5fe38bb2813067c91a68b7c99633c009db282cd06cf55aadfb614495d3ddbb93
60c0d5b202f60f6ef748b4c28de407ba5c1c57be5a8da13d86dbea6c9945eee5
60fc65fd65b05a8b21077c30c511303f4cc9d9a659226b3a279d1ee2f65fd35c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
641e566adba3b65a11f279fe14477a4344767dba77b444b8ab8376b4555fb6a8
64928491ebe9a3cc3e5f38cb23e546583fd09c9690a14248c85fc67aed5b0567
651ae67e20cfc651d60dfb7df16aa8e98e105a9aa78e2c5d550a7f11a728a472
681bddae0af610a19ebebe52b64cdf96fe24039443227f837632435ecc76b68e
69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb
696509319bb81efdd2e9f7c12a2f2c2a176179fed37b92e16b7e5dffdc8869ee
6977a4964a998af15079f965e3c7e181ca67b3170c14437993b08e1de3fd4302
6a4a5d757539bcac6c385766a79adbfecea08481bab0cb02b89b58703961339e
6c3223c27067f54618683e5fdfe83536907b179e81ed9a39873aa8b8140c05f2
6d0205053e47fcdc3dfc6c73d8d1d86866a05dff3a58916ef22bb6b1cca59da5
6f3c72570258ec32dff21f32222ec7598e2b0f4bb038bbc1458fec1ad8afd341
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
728bd30ec354e55cde9bc21743752e7cce9c6df7b3753227afc9754a3a78679d
73dca0dbf42125791b5d2c96c654700f1512762cc101b00958349e2002c5f423
74fdda9a579b11e70b57eb2f6d5de64e2a0a79889092e4ed99fe38d62fa11ba7
78e3e824e9c1b0f3bd977194491f575cfff3f20bf424a21ff239e885a9aaf608
7b8b4801b20c34b012de161039f1f859b2fc80644711ea4f2bf9611a75b41ce7
7b8c01c57210f25371735d764e24159f18289f032d87806dd7856ff134abb2d5
7c3f1e3b8186639d48e111a10cd634d34f5b513bfb5b137cc47022100f31a4ca
7dca7733ec0aead31386758c6043913b9ee754fb8499849701773bf4eaaff48a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85dd33701bd2ac3d3acb6b875af08c957e54ecf5ab00882ab595d7e7ea21e8ad
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b33005798c2d2a5b248da39129831f44dec9b9fe87d988d970175597e444139
8ba4b49ad16d533999d83dd49694770ac074f1f3bfb4ef8414c28e993e68b18f
8d6e4721d53a6600e637e7657bbb8dd5eff663299b9f67c918fa159fec8373c2
8e5a8e82964e75aadaf39b6d9032274ecc387f6197c2ff17b47b7dd40ad9a872
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ef072052cbc1e7aaca2dd2548d9d0cfa8a8ba27ba502577471139cb7abea0c4
906279f962df2b9a0aebadf33bdce9bafc4246e2cd71bc4639b91dadd27105ef
90ffc5d6400b9de98fc44b90e81177a14b05c926d780cc0ce3d34021599cc66e
918e1cfa104cf2ad2942fd66030698b8bd602ded209a4fd35552e210e59b5931
91f38387f69121d9adc1accdf2adc739622baf9dfc526d412c6fdb317d28b5fe
92eaf9f1433a933b57f86758812c2d60802dfbabeff2a49c42d02fddfd516d01
932796b20ed17f91e804790a141a63672af0224a814c85795b4f698b0b701682
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
947192254268002e4be259000333f6c1e3cb755fd7f344816afa1a358dfbf261
9901d8becaea6864776b490cc4791146ce7fcfe9f7ce066a24ca94f1829d16b7
998e9467efaee0cd857fcb8ec2e1a70e8957773fec8891d982ebca5b6299e4d8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bbfe183a5e35ec2e70e912b6faf020a6caa0ea879b4611392889c8b92c313b6
9c2dd75c175466bfeae087c24e6809cb97621deb1b6c5c23b11c009aaed2a556
9cb740a1a21bf59752ed10cd06ea4ee511193e9218653ececff8d482edb2e190
9e4ab6a71720b11ffcf074809e80590bda2dfc006ecbb70f4d719a678af1b307
9ef69d91079bbb3aeb0abbf7a68c9d400b6d2a78a46ff9b5bcecb1c98df3878a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1c1a544dce2ad7a8933ff9c4e087936f42c972d7858551181a9acb878a7c9b6
a1d0bb676704f499f0d4a35474c5e433f46e195746750e8babdbfed04221b601
a27afd9a794b9e16b8633729d4ab773c6ec2f94137f081fcd2f67f525f5c27cf
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3956c170638b1fade04ee833f0fd790668c1b0d4a4e750b63b4078028be279e
a3d5d92188bd4d6bcc691a481ecd61eb90963287668af5ee8727dec029c1f2f7
a41a003c4e1a6656bb775acb404f448839c54d18e0eeb365b0551b6908ad3da8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7a2843fb177ea181d4a479e10ba66cd5354bc0493f21f2e7c537b4bc69acb34
a7a48449a4f6b7adf1d10fb6b1e4814b718c20e5e9ec02080cbf52db5e58b2df
a99bfdededfa3332929850cf132cb86c48e203ffee6aa4204861178669011cd1
ab65ebc1dacd85838761ee9947a211d6b7a9cd1647dc82c319152215e162960a
abcc1f0b3adddb9d292307bdba9b09e3f12a5bd93d06cf9c19fcafa42e2fed33
adcf6f4e6f017a2ab95d6688216b398dc83209888804c993e3bbce70c0c41209
ae509848a4bf4ffd4b0bd862c276df162f036b2dea5ff3fd0a8e66461cf162aa
aea587c955b2759543f93e929d4c3825587fd0b093130090f542ca2af6b95cfa
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aecf30c39a198017459637aaa80b499f59140dd3126caa3fbdf544f2b89fd1a8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17ba3329aeed8caf7cd85db62cde9c5502325c5268aee997b89ae939e4d3a7d
b3ef1c1a0f5a027c937ca9f20ffe65773796f38a07bd9277115ad3ed5c6791dd
b4dac18e01c9ef874f5d33ae8ad2eca84683281858bd9fab0f9a95e0b26c19b1
b5450c60933383eae8edec2b2d0968427d949cfd8f6df2a9bad0c3e46e63c4a5
b63745ed29d6784dab812ad53d2a76b060cbf160f6200b203c24d797d9d18045
b809aebd69050e3e11ea1a400e39b593e38419cab8f4f5e7d83fba02e11eed1f
b9ff1a0033ed24a5a3274d4792174cd0fbfac2da714ebcd2f0e6b38b96dca3d4
ba4ddcc61790def54f82d6679debb471410c69d06d34b8ab653a5123edb4b10e
bc30fa8ae5a3223209e828b07b577606119b3eb8577f68fc63a38bfc78a95a34
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bca469f00e34543799c431d4fa6543770d5b0c108d75d6651faa9058df9b3b59
bf4ca025ce4ff09e6ab9d0ae2b135ac09d2e29ac2303a7514c022d4177aeece3
bfaef65b25794a604ff02867568b414568fe0450e6af9337f8072b41f8264796
c0f8712858aaeaa167b758be619f8b47d90e1ae78a57d9f5376cde602e13b90b
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1535fcd9124a8d616bcd65a2b331deac74485fe59a72734e7a39e2d4a153331
c221c545c446656507ebd0e249a5d26deae00491d4b472af043484067f724c3e
c44da0d7dd882859dd22062a9c7c1f4c565af67d1e9d7dfbc7b685130241fee4
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f
c6334df911b12e50cffb9153fc8799401f6509c4ffe20b4054ddb2ba7a1ccf6b
c67f2bb7e9b75c0e6cbfb6eec2c5475e04f902834629cdb5270d347c75bf6883
c824afa9a57db85a5957af264d153dffa83f94cf055c66249b765c04d0964468
c8481934cdf1d3a610943fd88eef0131ed44e86357d06c84258f43af4286ab5a
c9359c423f11152cc52570d1d15b78449a4aaf8a4106599af13305e13c90b791
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cbc098b106cb6c879d78f3fcf5cb3cb9ebfcceb6a60bbf8cfef355ebb661d924
cc79ccad4ba93bb7314ae08ce7226081e21d9379bc0442cffc42e8f0ba56c407
cdf31faf3dd8935f5ee63c1a29cee78a7921ea31fb3cacae156773602ed576d2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d17e00af993a524ce09f8ffb29a50a51a97a5ed53152bcf7f2d3f0db9057e083
d2dd3599e7e2b9d298755ba7b0a578f9c0b8a88730f5c16993570a1de648a14e
d46a5951a557bab39b5dbb547e17f4bc8a83a5557693fed16e3084b48336d77e
d679e8edf16f18e378442ba57c1983c696d17ee9e1d08c52139985f20fd187a0
d6f980d2f0247392f4a6c535cbc1c32084db845fe19b86e9a963e346a6e098b2
d7ce8e4aa4ddb80304b11750b39deaa517d293fad81e19ab9c0fb58c4529e314
da96a933feeba485b5e59758abb2acbb369cf407d9d9f814e767936387c26b4c
dc8efe44a8f22abc2f1abac530413ba278444d6dabc100452639cafdd9f048fd
dd74716dab8ccb5dee6626fa4e1a72eb209bbee5174a3e0862290c0756c53c4f
dde2a0827f602c25b81769496f43c629c0af93f03c36f5b3cb1db441e76c150d
def9499d85aa9ccd146cd3fbea29d13641bae3d699c0a55e57ae2f8cf5b344bd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e149e2e10ef304e7c24654754ca3ec8684e02bed893a785e14b57df3be3feaa9
e3909e3d526c36a447be59af69cbd8b3fbbae83b70f1e4841ccdcd61fe107200
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d912ca3f1497bd7a00e7044519bfa14d184b7ea37d2010e2e42de8f0933b00
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e496494e8611da5eb32f4d65d9eaf0ef6e0c43f7eb3e2656989a4eccc31a9ff7
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e93a7d65ce3bb91c81fc7ba5fd950555be028273521907fea8d236d4f97eb48f
ea3e94ae218d409f2e06adab5a3cbf7517d3993af10e339f0c57e370420c742e
ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7
eb6c6f805e420dcbeb3707ba886b78109fa5b77edc62832d81103f389c5bcfb4
eb7922e29fd9bbbb9e385c952731a93f50b0ba8d472cd16e65f66d18cf08ba4f
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ed3cdd67b99dd07dc76f3ff0b253b64e9fc16ac725c6c002e9da8b1b796b5d70
ee0387813905a914438df43ca82b1865b22f00b0eabcfdc8df28c2ed5fdcb02b
ee7058cb0dafd52505d951fe8640b8e7cd3eded23b93ac54deadc76fccf934c9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02257926fdd4c2e16702b57f48073542bc38fe69218b054e5e8f58870e12c24
f058ecc947d0bc01e2855afaff0be17a2e30ae1e067ad3a5389b986a62225e26
f0f3fadd348581fce870209a4705b228f28a7c06fecefc150707191d0f02a27a
f10c183b5273dbed2c349952ff9b08ee345e2b2cb1658f5dc2d3d6e57802740e
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
f29df1f053964fb2ed7827a0c4361958c83e1bb174db83bd32edd06b4a5b6fda
f33dc6ac975eeb17de5c5d4dfd578a9b793ad29ce4c9fc9971c61d3e32668c67
f3456903656f0601338d81e00f8efe9e025055f224f822de2746e18436c9b4a5
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6ad7e07715720f59dba6fcdb51a072cdf40ad24aecddb3700d3973118d2d9c1
f81b83344d1a235f54adb3800f29a31d8861f300a8b9276f5d25d0efdd481a93
fa3488c1f1546fd2dc0e99ba16137ac11217dfb19f3f79c41d6cc24669668f54
fb217cdb2aa910a41f94d5c9217808d1d385ac06d7586c391425c64c6b6bcfa5
fc1abdfb4f8e52b32f7091081ca444d648b0dfb286c0c1b44466f701dd4c698f
fc619fbeea080ec9319947cb60783f1d0dde559b6a9872a21ce277b6d9b4a9bb
fc674ac296af3ea03eee3165e0950e85286eb87d7b0a85e204697c0a87cfebf5
fdcc621864eab315fba4a0bd0d48c095bb5e49cccca6ac9f50cfa522fa5adffb
fe2b6f51a75fc1f869c0f4d3562b906021b0ddf31cb85a3b4d58c224a64bef17
ffbb1eb766ddcc43600a98ce08905a3081fdb63ba464ed432564ed53aa632d25

www.nur.kz Open in urlscan Pro 91.215.139.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

489 Requests

90 %HTTPS

37 %IPv6

59 Domains

87 Subdomains

67 IPs

11 Countries

4662 kBTransfer

9771 kBSize

64 Cookies

25 Outgoing links

Page URL History

Redirected requests

489 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nur.kz Open in urlscan Pro
91.215.139.234 Public Scan

Screenshot
Live screenshot

Full Image

489
Requests

90 %
HTTPS

37 %
IPv6

59
Domains

87
Subdomains

67
IPs

11
Countries

4662 kB
Transfer

9771 kB
Size

64
Cookies

489 HTTP transactions
7 data transactions