urlscan.io logo urlscan.io
SecurityTrails logo

www.nur.kz Open in urlscan Pro
91.215.139.235  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nur.kz/
Effective URL: https://www.nur.kz/
Submission: On June 07 via api from AU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 59 IPs in 12 countries across 63 domains to perform 260 HTTP transactions. The main IP is 91.215.139.235, located in Kazakhstan and belongs to PSKZ-ALA, KZ. The main domain is www.nur.kz. The Cisco Umbrella rank of the primary domain is 413919.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on April 29th 2022. Valid for: a year.
This is the only time www.nur.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 91.215.139.234 48716 (PSKZ-ALA)
20 91.215.139.235 48716 (PSKZ-ALA)
17 94.247.128.34 48716 (PSKZ-ALA)
1 116.202.11.241 24940 (HETZNER-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:27::... 8075 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
5 95.216.24.148 24940 (HETZNER-AS)
3 94.247.128.43 48716 (PSKZ-ALA)
9 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a02:6b8:a::a 208722 (GLOBAL_DC)
1 99.86.4.91 16509 (AMAZON-02)
3 14 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 99.86.4.6 16509 (AMAZON-02)
1 44.239.96.25 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 52.167.85.21 8075 (MICROSOFT...)
1 94.247.128.37 48716 (PSKZ-ALA)
11 2a02:6b8:20::215 208722 (GLOBAL_DC)
14 2a00:1450:400... 15169 (GOOGLE)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
25 2a00:1450:400... 15169 (GOOGLE)
6 2a02:6b8::1be 208722 (GLOBAL_DC)
6 30 2a02:6b8::90 208722 (GLOBAL_DC)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 85.14.248.91 24961 (MYLOC-AS ...)
2 15 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.74.198 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 9 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 2a02:6b8::36 208722 (GLOBAL_DC)
1 2a02:6b8::184 208722 (GLOBAL_DC)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 34.98.67.61 15169 (GOOGLE)
1 35.186.253.211 15169 (GOOGLE)
4 4 104.36.113.23 62713 (AS-PUBMATIC)
3 12 142.250.186.98 15169 (GOOGLE)
1 1 69.173.144.138 26667 (RUBICONPR...)
3 3 2.20.85.164 16625 (AKAMAI-AS)
1 2a02:6b8::5:114 208722 (GLOBAL_DC)
3 3 193.3.184.138 50214 (QWARTA)
1 1 157.90.179.218 24940 (HETZNER-AS)
2 3 188.42.191.196 7979 (SERVERS-COM)
1 2 34.252.147.157 16509 (AMAZON-02)
1 82.145.213.8 39832 (NO-OPERA)
1 1 2001:6d0:4001... 52016 (TNSMSK-)
2 37.18.16.23 205675 (HYBRID-AS)
2 2 185.15.175.144 43226 (SAFEDATA ...)
2 2 54.155.185.156 16509 (AMAZON-02)
1 1 195.201.87.224 24940 (HETZNER-AS)
1 1 217.65.2.150 3175 (CITYTELEC...)
1 1 91.192.150.14 42481 (BEGUN-AS)
2 2 193.232.148.146 48061 (UMA-TECH-AS)
2 2 35.190.24.218 15169 (GOOGLE)
1 1 31.220.27.155 39572 (ADVANCEDH...)
2 2 217.66.147.170 29209 (SPBMTS-AS...)
1 1 213.87.44.187 13174 (MTSNET Mo...)
1 2 95.217.109.66 24940 (HETZNER-AS)
1 1 88.212.201.204 39134 (UNITEDNET)
2 81.222.128.216 20597 (ELTEL-AS)
2 2 136.243.148.229 24940 (HETZNER-AS)
1 31.172.81.158 44066 (DE-FIRSTC...)
1 138.201.65.75 24940 (HETZNER-AS)
2 2 148.251.129.43 24940 (HETZNER-AS)
1 1 78.46.16.13 24940 (HETZNER-AS)
2 2 89.108.120.76 197695 (AS-REG)
1 1 178.170.196.247 208677 (SBERCLOUD-AS)
1 1 45.9.26.83 208677 (SBERCLOUD-AS)
1 35.244.174.68 15169 (GOOGLE)
2 2 104.89.42.102 16625 (AKAMAI-AS)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
2 3 142.250.186.130 15169 (GOOGLE)
260 59
2    91.215.139.234 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)
nur.kz
webapi.nur.kz
20    91.215.139.235 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)
www.nur.kz
17    94.247.128.34 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)
cdn.nur.kz
1    116.202.11.241 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.241.11.202.116.clients.your-server.de
cdn.onthe.io
3    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2620:1ec:27::cafe:2193 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
3    2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    95.216.24.148 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.148.24.216.95.clients.your-server.de
tttt.onthe.io
3    94.247.128.43 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)
stat.khanate.pro
9    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yandex.ru
1    99.86.4.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-91.fra6.r.cloudfront.net
certify-js.alexametrics.com
14    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
9    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    99.86.4.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-6.fra6.r.cloudfront.net
certify.alexametrics.com
1    44.239.96.25 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-96-25.us-west-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
3    52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
i.clarity.ms
1    94.247.128.37 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)
nurtech.pro
11    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yastatic.net
14    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
25    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
ads.adfox.ru
30    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    85.14.248.91 (Kamp-Lintfort, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
15    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.74.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
ad.doubleclick.net
2    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
9    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
1    2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
favicon.yandex.net
1    2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
avatars.mds.yandex.net
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    104.36.113.23 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
12    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    2.20.85.164 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-85-164.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
1    2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
ysa-static.passport.yandex.ru
3    193.3.184.138 (Russian Federation)

ASN50214 (QWARTA, RU)
PTR: asrv322.qwarta.ru
acint.net
1    157.90.179.218 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1407628.sapientru.net
ssp-rtb.sape.ru
3    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    34.252.147.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-147-157.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    82.145.213.8 (Gauteng, South Africa)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    2001:6d0:4001::226 (Russian Federation)

ASN52016 (TNSMSK-, RU)
cm.tns-counter.ru
2    37.18.16.23 (Russian Federation)

ASN205675 (HYBRID-AS, DE)
dm.hybrid.ai
2    185.15.175.144 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
2    54.155.185.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-185-156.eu-west-1.compute.amazonaws.com
euw-ice.360yield.com
1    195.201.87.224 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.87.201.195.clients.your-server.de
exchange.buzzoola.com
1    217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)
match.new-programmatic.com
1    91.192.150.14 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru
profile.ssp.rambler.ru
2    193.232.148.146 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp7.sender.ltmse.com
px.adhigh.net
2    35.190.24.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
1    31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
2    217.66.147.170 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-170-147-66-217.spbmts.ru
sm.rtb.mts.ru
1    213.87.44.187 (Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru
tech.rtb.mts.ru
2    95.217.109.66 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de
sonar.semantiqo.com
1    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
2    81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru
ssp.adriver.ru
2    136.243.148.229 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.229.148.243.136.clients.your-server.de
sync.1dmp.io
1    31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
1    138.201.65.75 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.65.201.138.clients.your-server.de
sync.dmp.otm-r.com
2    148.251.129.43 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-23.community.moscow
sync.upravel.com
1    78.46.16.13 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-2.community.moscow
15a4b769-e266-45e6-9a07-4cee75d7d7dc.sync.upravel.com
2    89.108.120.76 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru
x01.aidata.io
1    178.170.196.247 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)
yandex-dmp-sync.rutarget.ru
1    45.9.26.83 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)
yandex-sync.rutarget.ru
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    104.89.42.102 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-102.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
1    2a05:d01c:1d8:8100:ead7:db0a:c4c5:a8bc (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
3    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
41 googlesyndication.com
e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
510 KB
39 yandex.ru
yandex.ru — Cisco Umbrella Rank: 1393
an.yandex.ru — Cisco Umbrella Rank: 2378
mc.yandex.ru — Cisco Umbrella Rank: 3528
ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 26650
289 KB
39 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
ad.doubleclick.net — Cisco Umbrella Rank: 179
cm.g.doubleclick.net — Cisco Umbrella Rank: 191
296 KB
39 nur.kz
nur.kz — Cisco Umbrella Rank: 323580
www.nur.kz — Cisco Umbrella Rank: 413919
cdn.nur.kz — Cisco Umbrella Rank: 534011
webapi.nur.kz — Cisco Umbrella Rank: 837941
432 KB
17 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 616
adservice.google.com — Cisco Umbrella Rank: 70
2 KB
11 yastatic.net
yastatic.net — Cisco Umbrella Rank: 6571
325 KB
11 google.de
www.google.de — Cisco Umbrella Rank: 6117
adservice.google.de — Cisco Umbrella Rank: 8526
2 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9388
2 KB
6 adfox.ru
ads.adfox.ru — Cisco Umbrella Rank: 10875
416 B
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 534
i.clarity.ms — Cisco Umbrella Rank: 2287
c.clarity.ms — Cisco Umbrella Rank: 1052
25 KB
6 onthe.io
cdn.onthe.io — Cisco Umbrella Rank: 16418
tttt.onthe.io — Cisco Umbrella Rank: 653222
19 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
110 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 308
109 KB
4 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 564
2 KB
4 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 768
www.googleadservices.com — Cisco Umbrella Rank: 114
16 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 163
170 KB
3 upravel.com
sync.upravel.com — Cisco Umbrella Rank: 31460
15a4b769-e266-45e6-9a07-4cee75d7d7dc.sync.upravel.com
2 KB
3 mts.ru
sm.rtb.mts.ru — Cisco Umbrella Rank: 29952
tech.rtb.mts.ru — Cisco Umbrella Rank: 29731
2 KB
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1817
2 KB
3 acint.net
acint.net — Cisco Umbrella Rank: 29185
1 KB
3 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 494
3 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 42
3 KB
3 khanate.pro
stat.khanate.pro — Cisco Umbrella Rank: 732947
509 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1735
1 KB
2 rutarget.ru
yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 62712
yandex-sync.rutarget.ru — Cisco Umbrella Rank: 62880
836 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 15058
1 KB
2 1dmp.io
sync.1dmp.io — Cisco Umbrella Rank: 12087
1018 B
2 adriver.ru
ssp.adriver.ru — Cisco Umbrella Rank: 12161
402 B
2 semantiqo.com
sonar.semantiqo.com — Cisco Umbrella Rank: 58021
975 B
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10231
505 B
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 11830
809 B
2 360yield.com
euw-ice.360yield.com — Cisco Umbrella Rank: 12548
613 B
2 digitaltarget.ru
dmg.digitaltarget.ru — Cisco Umbrella Rank: 24401
1 KB
2 hybrid.ai
dm.hybrid.ai — Cisco Umbrella Rank: 31214
475 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 194
2 KB
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 840
417 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 936
793 B
2 yandex.net
favicon.yandex.net — Cisco Umbrella Rank: 10017
avatars.mds.yandex.net — Cisco Umbrella Rank: 8113
8 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 242
25 KB
2 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 8253
certify.alexametrics.com — Cisco Umbrella Rank: 4841
3 KB
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1375
296 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 555
98 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 15831
69 B
1 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 3101
390 B
1 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 9241
332 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 3561
205 B
1 rambler.ru
profile.ssp.rambler.ru — Cisco Umbrella Rank: 39816
244 B
1 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 32933
278 B
1 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 20604
178 B
1 tns-counter.ru
cm.tns-counter.ru — Cisco Umbrella Rank: 63042
386 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2470
410 B
1 sape.ru
ssp-rtb.sape.ru — Cisco Umbrella Rank: 38525
631 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 306
457 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1376
351 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 12994
1 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 210
554 B
1 nurtech.pro
nurtech.pro
795 B
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1297
40 KB
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
68 KB
0 whiteboxdigital.ru Failed
mitdmp.whiteboxdigital.ru Failed
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
260 63
Domain Requested by
30 an.yandex.ru 6 redirects www.nur.kz
an.yandex.ru
25 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.nur.kz
tpc.googlesyndication.com
e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com
googleads.g.doubleclick.net
20 www.nur.kz www.nur.kz
17 cdn.nur.kz www.nur.kz
14 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googleadservices.com
14 pagead2.googlesyndication.com securepubads.g.doubleclick.net
yastatic.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
14 www.google.com 3 redirects www.nur.kz
tpc.googlesyndication.com
googleads.g.doubleclick.net
12 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
11 yastatic.net yandex.ru
an.yandex.ru
yastatic.net
www.nur.kz
9 www.google.de www.nur.kz
8 securepubads.g.doubleclick.net www.nur.kz
securepubads.g.doubleclick.net
www.googletagservices.com
7 mc.yandex.com 1 redirects mc.yandex.ru
6 ads.adfox.ru
6 yandex.ru www.nur.kz
yandex.ru
yastatic.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 tttt.onthe.io cdn.onthe.io
4 image6.pubmatic.com 4 redirects
4 www.googletagservices.com securepubads.g.doubleclick.net
www.nur.kz
googleads.g.doubleclick.net
3 www.googleadservices.com 2 redirects yastatic.net
3 ads.betweendigital.com 2 redirects
3 acint.net 3 redirects
3 ssum-sec.casalemedia.com 3 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
3 i.clarity.ms www.clarity.ms
i.clarity.ms
3 stat.khanate.pro www.nur.kz
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 www.google-analytics.com www.nur.kz
www.google-analytics.com
2 e.dlx.addthis.com 2 redirects
2 x01.aidata.io 2 redirects
2 sync.upravel.com 2 redirects
2 sync.1dmp.io 2 redirects
2 ssp.adriver.ru
2 sonar.semantiqo.com 1 redirects
2 sm.rtb.mts.ru 2 redirects
2 redirect.frontend.weborama.fr 2 redirects
2 px.adhigh.net 2 redirects
2 euw-ice.360yield.com 2 redirects
2 dmg.digitaltarget.ru 2 redirects
2 dm.hybrid.ai
2 dpm.demdex.net 1 redirects
2 odr.mookie1.com googleads.g.doubleclick.net
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 www.gstatic.com googleads.g.doubleclick.net
2 mc.yandex.ru an.yandex.ru
yastatic.net
2 s0.2mdn.net tpc.googlesyndication.com
2 ad.doubleclick.net 1 redirects e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com
2 c.clarity.ms 1 redirects
2 e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
2 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
1 ag.innovid.com googleads.g.doubleclick.net
1 id.rlcdn.com googleads.g.doubleclick.net
1 yandex-sync.rutarget.ru 1 redirects
1 yandex-dmp-sync.rutarget.ru 1 redirects
1 15a4b769-e266-45e6-9a07-4cee75d7d7dc.sync.upravel.com 1 redirects
1 sync.dmp.otm-r.com
1 sync.bumlam.com
1 counter.yadro.ru 1 redirects
1 tech.rtb.mts.ru 1 redirects
1 s.uuidksinc.net 1 redirects
1 profile.ssp.rambler.ru 1 redirects
1 match.new-programmatic.com 1 redirects
1 exchange.buzzoola.com 1 redirects
1 cm.tns-counter.ru 1 redirects
1 t.adx.opera.com
1 ssp-rtb.sape.ru 1 redirects
1 ysa-static.passport.yandex.ru
1 pixel.rubiconproject.com 1 redirects
1 rtb.openx.net googleads.g.doubleclick.net
1 avatars.mds.yandex.net
1 favicon.yandex.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 m.exactag.com www.nur.kz
1 c.bing.com 1 redirects
1 nurtech.pro www.nur.kz
1 webapi.nur.kz www.nur.kz
1 www.googleoptimize.com www.nur.kz
1 analytics.google.com www.googletagmanager.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.nur.kz
1 certify.alexametrics.com www.nur.kz
1 certify-js.alexametrics.com www.nur.kz
1 www.googletagmanager.com www.nur.kz
1 www.clarity.ms www.nur.kz
1 cdn.onthe.io www.nur.kz
1 nur.kz 1 redirects
0 mitdmp.whiteboxdigital.ru Failed
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
260 88
Subject Issuer Validity Valid
*.nur.kz
Sectigo ECC Domain Validation Secure Server CA		 2022-04-29 -
2023-05-30		 a year crt.sh
*.onthe.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-02 -
2023-07-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
khanate.pro
R3		 2022-04-18 -
2022-07-17		 3 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2022-03-04 -
2022-09-01		 6 months crt.sh
certify-js.alexametrics.com
Amazon		 2022-05-30 -
2023-06-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
certify.alexametrics.com
Amazon		 2022-05-30 -
2023-06-28		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2021-10-13 -
2022-11-11		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
nurtech.pro
R3		 2022-04-18 -
2022-07-17		 3 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2022-04-01 -
2022-09-29		 6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.adfox.ru
GlobalSign RSA OV SSL CA 2018		 2022-05-30 -
2022-11-08		 5 months crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-05-05 -
2022-11-03		 6 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2022-04-01 -
2023-05-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-05-21 -
2022-10-31		 5 months crt.sh
favicon.yandex.net
GlobalSign ECC OV SSL CA 2018		 2022-04-11 -
2022-09-10		 5 months crt.sh
*.avatars.yandex.net
GlobalSign RSA OV SSL CA 2018		 2022-03-04 -
2023-04-05		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
ysa-static.passport.yandex.net
GlobalSign ECC OV SSL CA 2018		 2022-03-04 -
2023-04-05		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
*.adriver.ru
GlobalSign GCC R3 DV TLS CA 2020		 2022-04-05 -
2023-04-05		 a year crt.sh
*.bumlam.com
R3		 2022-05-27 -
2022-08-25		 3 months crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G2		 2022-05-27 -
2023-06-28		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh

This page contains 19 frames:

Primary Page: https://www.nur.kz/
Frame ID: BF989C376C6F51F657FB4ECCA84F06ED
Requests: 100 HTTP requests in this frame

Frame: https://e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D7C1AC1CC7BD9D727536C725299D5927
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssG2wtR0fW47_iuDpJ7o8FFpsIRQEbO9ETMksTsXJTHI_EAjwFcMnmmrMWwBZ66l1M3_gIEZZVw4Hey6vmr7G5lnFGBzS64Mf5cInA7D5CwSFrFiqpyqj7P7Yr9pbS2dQCw6nKvKF6W2iNncojunUuhE0T6OqZ7ZL47UUMtmyqRWI-nGV0bvIY7nI3OxKrpeRH3ZyVTkWKhFSlMNUjyOlkgV_yC0-HmvGz91HQhSFoI10GVgUBpG0RPXT0VJwEGllghdzK17gKa9PjDphOtMcssHNXyuuKIzvwnhD5b-yBx2-1zndU66FskeEkEj28Z&sai=AMfl-YTrwO1JtbklbTVJbKZVCsJNnCcnNpumIidS86DWaxrE5wCGCIVcmZVVm-tqL1RrLRLVZEVUmb0hnrozzzqRnHl19Ctt6DVOUmNVFkzTjA2Gb60guG6ArXYzpij4IScu&sig=Cg0ArKJSzCES-hjqusD3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 769C15B9F6585F16B3042EA240F18187
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012205232225000/amp4ads-v0.mjs
Frame ID: BA6B8079297590CDAA1B23F2FF4572C7
Requests: 16 HTTP requests in this frame

Frame: https://e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DADFD29460B420565890977D869AEB56
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6C78F2531169B69C5054FE5174F521A7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E4603EFC1CE13957CF3269B56F2E7061
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220601/r20190131/zrt_lookup.html
Frame ID: 9A2B911516D2A8FD3A846C1D6DAA0F3E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12278835424197324352/index.html
Frame ID: C7A9DA2A528A24B9A5E88DC5F501D3D2
Requests: 11 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B27765333.335497187;dc_pre=CIrG1o7NmvgCFeEL4AodFNEB9w;dc_trk_aid=527385728;dc_trk_cid=170672039;ord=4294585822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: E5F12F0A0432E2942E4C428556F95702
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2038C61B2B4DBAC459A6E4A3941E4DEA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&adk=1812271804&adf=3025194257&lmt=1654579541&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.nur.kz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541528&bpp=2&bdt=1092&idt=226&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&nras=1&correlator=8630744882926&frm=20&pv=2&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=241
Frame ID: E7CD274F46CC222B23E0B18E64F0BD74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Frame ID: CD77AAE5ECD78B5FFDD9A59E17FBD154
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Frame ID: E9E127B15048A22DE94336159FAF59D2
Requests: 17 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 308521DF44431CB4A3608E2341FAB262
Requests: 54 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F9CF269EC92E7276ACD1829E698BC1B5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Frame ID: 93237DC386803BCF495E8238C1CD0538
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D96A9D17B437AC282E33D32863DD647F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Frame ID: 405232F09C1FDC3193A8A75976F229A0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новости Казахстана – последние новости от NUR.KZ

Page URL History Show full URLs

  1. http://nur.kz/ HTTP 301
    https://www.nur.kz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

260
Requests

85 %
HTTPS

39 %
IPv6

63
Domains

88
Subdomains

59
IPs

12
Countries

2479 kB
Transfer

7014 kB
Size

97
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nur.kz/ HTTP 301
    https://www.nur.kz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=8DD3B558A638448FA2CEC4F4CD178CCC&RedC=c.clarity.ms&MXFR=048B0EF92C8F6D9C07611F45288F63BA HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=8DD3B558A638448FA2CEC4F4CD178CCC&MUID=105683FF360166B9332C9243376A67AC
Request Chain 116
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B27765333.335497187;dc_trk_aid=527385728;dc_trk_cid=170672039;ord=4294585822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B27765333.335497187;dc_pre=CIrG1o7NmvgCFeEL4AodFNEB9w;dc_trk_aid=527385728;dc_trk_cid=170672039;ord=4294585822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 145
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 176
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKdi1lephpLlbk76q5adqBI&google_cver=1&google_push=ARnp8GDqA0vTChuRo_TZvZDWay4iErqFn-b6t3h17imMqeTa4HncSOI3Cc_wntoN3OMBafxbL6a7gIpFLKB5Nh4wOlcY380CYi7x HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKdi1lephpLlbk76q5adqBI&google_cver=1&google_push=ARnp8GDqA0vTChuRo_TZvZDWay4iErqFn-b6t3h17imMqeTa4HncSOI3Cc_wntoN3OMBafxbL6a7gIpFLKB5Nh4wOlcY380CYi7x&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dAQa5VLORoS8i7b3j4Kq0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDqA0vTChuRo_TZvZDWay4iErqFn-b6t3h17imMqeTa4HncSOI3Cc_wntoN3OMBafxbL6a7gIpFLKB5Nh4wOlcY380CYi7x
Request Chain 177
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPTozCavokzfBm8a-Q8mUK0&google_cver=1&google_push=ARnp8GArK4qMzbNvrMLeasgRPZQBZTGfTC2xLCLfbVLPLaQwAJJ25s6swCjiiBDtVBGc82NSsjHYMZRMye0aGI8RZvM1OU4hRIU6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQzUFhUTVgtSC00WDVU&google_push=ARnp8GArK4qMzbNvrMLeasgRPZQBZTGfTC2xLCLfbVLPLaQwAJJ25s6swCjiiBDtVBGc82NSsjHYMZRMye0aGI8RZvM1OU4hRIU6
Request Chain 178
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKAJ9blnQ6bby-FkMN4QjK4&google_cver=1&google_push=ARnp8GCj3mDuBZ3p-mJH5lMHIiUU_6bpOOPQve7OE7WwN5i5kPCk2Dixn2XSysDchurimxGrO1kt2KBsHmfWFxcivu3uIsjHXVPH HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKAJ9blnQ6bby-FkMN4QjK4&google_push=ARnp8GCj3mDuBZ3p-mJH5lMHIiUU_6bpOOPQve7OE7WwN5i5kPCk2Dixn2XSysDchurimxGrO1kt2KBsHmfWFxcivu3uIsjHXVPH&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yp7hVq_3OBMioHCMzApKdQAABIEAAAIB&google_gid=CAESEKAJ9blnQ6bby-FkMN4QjK4&google_cver=1&google_push=ARnp8GCj3mDuBZ3p-mJH5lMHIiUU_6bpOOPQve7OE7WwN5i5kPCk2Dixn2XSysDchurimxGrO1kt2KBsHmfWFxcivu3uIsjHXVPH
Request Chain 199
  • https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D HTTP 302
  • https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252FSAPEis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007F56E19E621700061A02BF0C14&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D HTTP 302
  • https://an.yandex.ru/mapuid/SAPEis/0100007F56E19E625A00206102D76942
Request Chain 200
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/d01f825e-8a12-529e-a0db-5028c245b17e
Request Chain 201
  • https://an.yandex.ru/mapuid/adobedmp/ HTTP 302
  • https://dpm.demdex.net/ibs:dpid=423652&dpuuid=99DE99D26B70F015 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=99DE99D26B70F015
Request Chain 202
  • https://an.yandex.ru/mapuid/betweenx/ HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=61B88C58F4041C5B
Request Chain 203
  • https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=4D7B4A2F2CDA8DDB&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 204
  • https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=4D7B4A2F2CDA8DDB&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 205
  • https://an.yandex.ru/mapuid/google/?partner-tag=yandexru HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=4D7B4A2F2CDA8DDB&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 206
  • https://an.yandex.ru/mapuid/operacom/ HTTP 302
  • https://t.adx.opera.com/sync?vendor=60143&uid=931B7423A36DE04A
Request Chain 207
  • https://cm.tns-counter.ru/yacm HTTP 302
  • https://an.yandex.ru/mapuid/mediascope/a459aaeaa2cc9b482ea9fdba4d2312a2fd2f3aebf4c55a98b894ccac8cf6221f
Request Chain 210
  • https://dmg.digitaltarget.ru/1/119/i/i?i=1654579541 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1654579541 HTTP 307
  • https://an.yandex.ru/mapuid/dmpamberdata/dwL2VsTLrYWSmEi7Cn4C
Request Chain 211
  • https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} HTTP 302
  • https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D HTTP 302
  • https://an.yandex.ru/mapuid/azerionis/9a05b64c-0819-48a2-a913-4db3f8fa97d8
Request Chain 212
  • https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
  • https://an.yandex.ru/mapuid/buzzooladspis/be6270ea-f35d-4213-6b5f-f5135cd0a763
Request Chain 213
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
  • https://an.yandex.ru/mapuid/targetrtbis/?sign=3552125994
Request Chain 215
  • https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
  • https://an.yandex.ru/mapuid/ramblerssp/
Request Chain 216
  • https://px.adhigh.net/p/cm/yandexssp HTTP 302
  • https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
  • https://an.yandex.ru/mapuid/getintentis/Pp0vsGrnDss.AikABlGBPKA7SQ
Request Chain 217
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=591185653 HTTP 302
  • https://an.yandex.ru/mapuid/dmpweborama/AwjSW7K0WWt2GbRgRhkE6O
Request Chain 218
  • https://s.uuidksinc.net/match/501 HTTP 302
  • https://an.yandex.ru/mapuid/kadamis/woB5WdX3XVdjaRazbyvk
Request Chain 219
  • https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=c6fe328e-9d13-4c3b-b43e-79d148864fd9&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fc6fe328e-9d13-4c3b-b43e-79d148864fd9 HTTP 302
  • https://an.yandex.ru/mapuid/mtsdspis/c6fe328e-9d13-4c3b-b43e-79d148864fd9
Request Chain 220
  • https://sonar.semantiqo.com/dmp/scr.php HTTP 302
  • https://counter.yadro.ru/id127/reff-id.gif?sid=a8d4321f5c974b6cad1ec0265910d02c HTTP 302
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=a8d4321f5c974b6cad1ec0265910d02c
Request Chain 223
  • https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1 HTTP 302
  • https://an.yandex.ru/mapuid/dmpcleverdata/4680b780-e622-11ec-acfd-901b0e8b2a6e?sign=2089842781
Request Chain 226
  • https://sync.upravel.com/yandex/sync HTTP 302
  • https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
  • https://15a4b769-e266-45e6-9a07-4cee75d7d7dc.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
  • https://an.yandex.ru/mapuid/upravelis/15a4b769-e266-45e6-9a07-4cee75d7d7dc
Request Chain 227
  • https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
  • https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
  • https://an.yandex.ru/mapuid/dmpaidatame/mLDvkENAFInkVRu0Z6UoWA?sign=4093563506
Request Chain 228
  • https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
  • https://an.yandex.ru/mapuid/dmpsegmento/n99z_H949zHn?sign=462172591
Request Chain 229
  • https://yandex-sync.rutarget.ru/sync HTTP 302
  • https://an.yandex.ru/mapuid/rutargetis/g1u-7YGFahkL
Request Chain 230
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEExGRTqNer2r05uwnm3S3Bc&google_cver=1&google_push=ARnp8GAdKqnMcgvxNg-9QKqy2_4BHcJaud7gfeNyFt61OvimG6vV1yTPc7cm9MBkJidlFzBDkqt_Pf-DAELLqmPFHd6biNYXOQ4r HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAdKqnMcgvxNg-9QKqy2_4BHcJaud7gfeNyFt61OvimG6vV1yTPc7cm9MBkJidlFzBDkqt_Pf-DAELLqmPFHd6biNYXOQ4r&google_hm=K32ZMAhIpsdZlqFc9aKoFw
Request Chain 232
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAnGLZzb63QlWQ38coe4NcZw3agBrUZnhUgbhTKkiptRN70pH9CQQrVRZyUZUclNzGRQ2ccI_8lkf0ZZNSqSejeY87m_qk&google_gid=CAESEIxkDn2SYVvG3dhIJZVcHoY&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAnGLZzb63QlWQ38coe4NcZw3agBrUZnhUgbhTKkiptRN70pH9CQQrVRZyUZUclNzGRQ2ccI_8lkf0ZZNSqSejeY87m_qk&google_gid=CAESEIxkDn2SYVvG3dhIJZVcHoY&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MDcwNTI1NDMwMDA5MDYzMTQxMzY2Mg%3D%3D&google_push=ARnp8GAnGLZzb63QlWQ38coe4NcZw3agBrUZnhUgbhTKkiptRN70pH9CQQrVRZyUZUclNzGRQ2ccI_8lkf0ZZNSqSejeY87m_qk
Request Chain 234
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKdi1lephpLlbk76q5adqBI&google_cver=1&google_push=ARnp8GA1PY-P58dVU4-9_UzSQ7P65JF96aszLHZbjZ9L2hquB6ICDuzSTzpK5S0sVAuGs7Bloanhj6thQb33vg3JMAaZAMZ5C21Y HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKdi1lephpLlbk76q5adqBI&google_cver=1&google_push=ARnp8GA1PY-P58dVU4-9_UzSQ7P65JF96aszLHZbjZ9L2hquB6ICDuzSTzpK5S0sVAuGs7Bloanhj6thQb33vg3JMAaZAMZ5C21Y&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OskdSMMQhWdqNosflokig%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GA1PY-P58dVU4-9_UzSQ7P65JF96aszLHZbjZ9L2hquB6ICDuzSTzpK5S0sVAuGs7Bloanhj6thQb33vg3JMAaZAMZ5C21Y
Request Chain 235
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKAJ9blnQ6bby-FkMN4QjK4&google_cver=1&google_push=ARnp8GD6CEY9VyGHc9ZQdgQBBVfnyrv9ymnMWr4fymJSQgEBCiYl7w-V-9h1ij_QMncCj7dZTG76XuA4q1CN3RPRvnuvGgQtaXD2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yp7hVq_3OBMioHCMzApKdQAABIEAAAIB&google_push=ARnp8GD6CEY9VyGHc9ZQdgQBBVfnyrv9ymnMWr4fymJSQgEBCiYl7w-V-9h1ij_QMncCj7dZTG76XuA4q1CN3RPRvnuvGgQtaXD2&google_gid=CAESEKAJ9blnQ6bby-FkMN4QjK4&google_cver=1
Request Chain 240
  • https://mc.yandex.com/watch/490795?wmode=7&page-url=https%3A%2F%2Fwww.nur.kz%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A448295929868%3Ahid%3A175420414%3Az%3A0%3Ai%3A20220607052542%3Aet%3A1654579543%3Ac%3A1%3Arn%3A18980660%3Au%3A1654579543996911072%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Antf%3A1%3Ans%3A1654579541451%3Aco%3A0%3Arqnl%3A1%3Ast%3A1654579543%3At%3A&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/490795/1?wmode=7&page-url=https%3A%2F%2Fwww.nur.kz%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A448295929868%3Ahid%3A175420414%3Az%3A0%3Ai%3A20220607052542%3Aet%3A1654579543%3Ac%3A1%3Arn%3A18980660%3Au%3A1654579543996911072%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Antf%3A1%3Ans%3A1654579541451%3Aco%3A0%3Arqnl%3A1%3Ast%3A1654579543%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 254
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=WOGeYvu2JNGE9fgPyd2Q-A8&random=2059405243&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2059405243&crd=&is_vtc=1&random=3340651905 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2059405243&crd=&is_vtc=1&random=3340651905&ipr=y
Request Chain 255
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=WOGeYsi5JKaF9fgPwraMuAs&random=1745068875&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1745068875&crd=&is_vtc=1&random=2365361760 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1745068875&crd=&is_vtc=1&random=2365361760&ipr=y

260 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.nur.kz/
Redirect Chain
  • http://nur.kz/
  • https://www.nur.kz/
408 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
a162d79a7ea1172da3a9690aeca519ef4f116aba6ca51aa50e1aa99f91ff782f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN always

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
GET, OPTIONS
cache-control
public, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 07 Jun 2022 05:25:40 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding
x-f-status
HIT
x-frame-options
SAMEORIGIN always

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 07 Jun 2022 05:25:40 GMT
Location
https://www.nur.kz/
Server
nginx
0499ae4af9c2359f.webp
cdn.nur.kz/images/1120x630/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nur.kz/images/1120x630/0499ae4af9c2359f.webp?version=1
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
6bc273cbe6bd53b0835ae0b66c8d00043e0e9ff0b3d981be0fcfc2ae994d775d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
last-modified
Tue, 03 May 2022 08:15:53 GMT
server
nginx
x-cs
HIT
etag
"804be0bdb64ccf62917bb22a349213b2"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/webp, image/webp
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
70380
expires
Wed, 07 Jun 2023 05:25:40 GMT
common.e1f38809.css
www.nur.kz/nur/css/ 		32 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nur.kz/nur/css/common.e1f38809.css
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
59e44b4deb7ae38e798837aff98aa800acbd67a29ccb711e69a20aa7b1d613a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
"6298d0df-1466"
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-length
5222
expires
Wed, 07 Jun 2023 05:25:40 GMT
io.js
cdn.onthe.io/ 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.11.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.241.11.202.116.clients.your-server.de
Software
nginx /
Resource Hash
569b67ef1d76c5869a61471b93651371927719520f4268bb9a6ab30fe0380019

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 05:25:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Jul 2021 13:27:15 GMT
Server
nginx
ETag
W/"60e6fd33-de2a"
Transfer-Encoding
chunked
Content-Type
text/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Wed, 08 Jun 2022 05:25:40 GMT
logo.svg
www.nur.kz/nur/img/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nur.kz/nur/img/logo.svg
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
a1c1a544dce2ad7a8933ff9c4e087936f42c972d7858551181a9acb878a7c9b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
"6298d0df-977"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-length
2423
expires
Wed, 07 Jun 2023 05:25:40 GMT
0499ae4af9c2359f.webp
cdn.nur.kz/images/560x315/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nur.kz/images/560x315/0499ae4af9c2359f.webp?version=1
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
79f1ac176ea52bed2fa74a6df88f062cfe3af01bbb6b6590d61559751399050b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
last-modified
Tue, 03 May 2022 08:15:53 GMT
server
nginx
x-cs
HIT
etag
"ab8353228a0fd651d0cbb5b616d2e09b"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/webp, image/webp
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
28268
expires
Wed, 07 Jun 2023 05:25:40 GMT
placeholder-1x1.gif
www.nur.kz/nur/img/ 		43 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nur.kz/nur/img/placeholder-1x1.gif?v=2
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
"6298d0df-2b"
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
43
expires
Wed, 07 Jun 2023 05:25:40 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6654
date
Tue, 07 Jun 2022 03:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 07 Jun 2022 05:34:46 GMT
94ylzt75u2
www.clarity.ms/tag/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/94ylzt75u2
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:2193 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
4051e07b26c798050f69465c3a1f49a25e17c1b2e4e42e3e579828ea33a45094

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:39 GMT
x-powered-by
ASP.NET
x-azure-ref
0VOGeYgAAAABJywfKePAXRY6cMVKww3+HU09GMDFFREdFMDQxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
content-length
1424
expires
-1
1920x120_rus.png
www.nur.kz/nur/img/thematic-blocks/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nur.kz/nur/img/thematic-blocks/1920x120_rus.png
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
f3456903656f0601338d81e00f8efe9e025055f224f822de2746e18436c9b4a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
"6298d0df-e64f"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
58959
expires
Wed, 07 Jun 2023 05:25:40 GMT
bybit.png
cdn.nur.kz/static/ads/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nur.kz/static/ads/bybit.png
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
ed3cdd67b99dd07dc76f3ff0b253b64e9fc16ac725c6c002e9da8b1b796b5d70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
last-modified
Wed, 20 Apr 2022 14:13:51 GMT
server
nginx
x-cs
HIT
etag
"6eab7750d8e559a66f25f708b1eea4de"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
6458
expires
Wed, 07 Jun 2023 05:25:40 GMT
1xbet-partner.png
cdn.nur.kz/custom/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nur.kz/custom/logo/1xbet-partner.png
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
2b560efc660dd507e8e0b20a079eac74c975b67e0629545a7d2ec9e3687905db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
last-modified
Wed, 01 Sep 2021 09:19:41 GMT
server
nginx
x-cs
HIT
etag
"d9e559e4b7931bf2cf97e89f9d7708c4"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
2180
expires
Wed, 07 Jun 2023 05:25:40 GMT
fclub-libertex-partner.png
cdn.nur.kz/custom/logo/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nur.kz/custom/logo/fclub-libertex-partner.png
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
f0f3fadd348581fce870209a4705b228f28a7c06fecefc150707191d0f02a27a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
last-modified
Tue, 28 Dec 2021 10:52:54 GMT
server
nginx
x-cs
HIT
etag
"b32bf7a5941815e4a4dc71bb126a1aa3"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
2946
expires
Wed, 07 Jun 2023 05:25:40 GMT
KMF.png
cdn.nur.kz/custom/logo/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nur.kz/custom/logo/KMF.png
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
c9359c423f11152cc52570d1d15b78449a4aaf8a4106599af13305e13c90b791
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
last-modified
Wed, 13 Apr 2022 12:31:31 GMT
server
nginx
x-cs
HIT
etag
"55643c20d418d965722c9d75a7d6d2b4"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
4627
expires
Wed, 07 Jun 2023 05:25:40 GMT
parimatch.png
cdn.nur.kz/custom/logo/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nur.kz/custom/logo/parimatch.png
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
0596a17530bb3a76675c9d72b22f8bbf927eede182d036ea7a3b278970864fb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
last-modified
Tue, 09 Nov 2021 19:46:09 GMT
server
nginx
x-cs
HIT
etag
"58febaebfd3c6d8472de1318e7079d30"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
4450
expires
Wed, 07 Jun 2023 05:25:40 GMT
c04d67b56648cdee.jpeg
cdn.nur.kz/images/272x153/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nur.kz/images/272x153/c04d67b56648cdee.jpeg?version=1
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
fd1cc7a32a86b77b0985b43453cfc138daccd042f4f1b9fbd905b903c86cbd44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
last-modified
Mon, 28 Feb 2022 11:28:30 GMT
server
nginx
x-cs
HIT
etag
"c1063311485e7357552467b198b510a4"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
19275
expires
Wed, 07 Jun 2023 05:25:40 GMT
d4ea7b5c22824860.jpeg
cdn.nur.kz/images/272x153/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nur.kz/images/272x153/d4ea7b5c22824860.jpeg?version=1
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
b86d79adcfefe38afda6a21dbefeb72a2484083b1a6b91c5bfaeb242fe056d29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
last-modified
Tue, 01 Mar 2022 02:36:03 GMT
server
nginx
x-cs
HIT
etag
"84812f716fcf772eae758ede258e8afa"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
33213
expires
Wed, 07 Jun 2023 05:25:40 GMT
7a5aad15155aeeab.jpeg
cdn.nur.kz/images/272x153/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nur.kz/images/272x153/7a5aad15155aeeab.jpeg?version=2
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
696509319bb81efdd2e9f7c12a2f2c2a176179fed37b92e16b7e5dffdc8869ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
last-modified
Thu, 11 Mar 2021 14:37:00 GMT
server
nginx
x-cs
HIT
etag
"cad54c626842be5765616b721023eb2f"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
4896
expires
Wed, 07 Jun 2023 05:25:40 GMT
26f6f4d708d3f373.jpeg
cdn.nur.kz/images/272x153/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nur.kz/images/272x153/26f6f4d708d3f373.jpeg?version=1
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
bfaef65b25794a604ff02867568b414568fe0450e6af9337f8072b41f8264796
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
last-modified
Tue, 09 Nov 2021 15:26:53 GMT
server
nginx
x-cs
HIT
etag
"9315765f924d99f08508c23fec0c6235"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
31899
expires
Wed, 07 Jun 2023 05:25:40 GMT
logo-freedom-finance.png
www.nur.kz/nur/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nur.kz/nur/img/logo-freedom-finance.png
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
b63745ed29d6784dab812ad53d2a76b060cbf160f6200b203c24d797d9d18045
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
"6298d0df-8b9"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
2233
expires
Wed, 07 Jun 2023 05:25:40 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6273700-1&cid=1221060954.1654579541&jid=225733273&gjid=818171787&_gid=870498487.1654579541&_u=YGBAgUABCAAAAE~&z=1370820567
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nur.kz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 07 Jun 2022 05:25:40 GMT
content-type
text/plain
access-control-allow-origin
https://www.nur.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2015280902&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nur.kz%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABC~&jid=225733273&gjid=818171787&cid=1221060954.1654579541&tid=UA-6273700-1&_gid=870498487.1654579541&cd14=homepage&z=1245273447
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jun 2022 08:22:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75809
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
tttt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tttt.onthe.io/?k[]=336:uniques_instantly[url:%2F,domain:www.nur.kz,page:%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ,page_type:main,language:ru,type_article:Main,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36,device:desktop,browser_version:Chrome%20102,browser:Chrome,depth:1,user_type:new,user_id:b7714b1d0.0bd6744c7_1654579540514,session_id:829dce7c7.bc1a186aa_1654579540516,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1654579540523
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.24.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Jun 2022 05:25:40 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tttt.onthe.io/uniques/ 		33 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tttt.onthe.io/uniques/?current=7&holding=e3155c435e925683dd022a3f2070aae6&hash_user=b7714b1d0.0bd6744c7_1654579540514&1654579540524
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.24.216.95.clients.your-server.de
Software
nginx /
Resource Hash
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Jun 2022 05:25:40 GMT
Server
nginx
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
33
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tttt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tttt.onthe.io/?k[]=336:visits_instantly[url:%2F,domain:www.nur.kz,page:%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ,page_type:main,language:ru,type_article:Main,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36,device:desktop,browser_version:Chrome%20102,browser:Chrome,depth:1,user_type:new,user_id:b7714b1d0.0bd6744c7_1654579540514,session_id:829dce7c7.bc1a186aa_1654579540516,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&__io=b7714b1d0.0bd6744c7_1654579540514&1654579540529
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.24.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Jun 2022 05:25:40 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tttt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tttt.onthe.io/?k[]=336:pageviews[url:%2F,domain:www.nur.kz,page:%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ,page_type:main,language:ru,type_article:Main,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36,device:desktop,browser_version:Chrome%20102,browser:Chrome,depth:1,user_type:new,user_id:b7714b1d0.0bd6744c7_1654579540514,session_id:829dce7c7.bc1a186aa_1654579540516,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1654579540532
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.24.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Jun 2022 05:25:40 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
p.gif
stat.khanate.pro/api/v1/ 		43 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.khanate.pro/api/v1/p.gif?data=eyJ0b2tlbiI6ImpzLml6dmYwdXhoZWlrMDB4MGFya252aHNzLm15dTFsamQ5amRmaTF0cGk1bnZ6aGIiLCJldmVudF90eXBlIjoicGFnZXZpZXciLCJkb2NfaG9zdCI6Ind3dy5udXIua3oiLCJkb2NfcGF0aCI6IlwvIn0=
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.43 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
16c6d5b5e239b715a3e5921dfacc509b1e299057c5bbfb4ae12ea95297c84e01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
server
nginx
content-length
43
content-type
image/gif
_vendors.247f0c1e.js
www.nur.kz/nur/js/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nur.kz/nur/js/_vendors.247f0c1e.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
23cc65a8727bb9016015372f09daa3dc8dceccd6e21876ff8804db2cbd242c6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
"6298d0df-22eb"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-length
8939
expires
Wed, 07 Jun 2023 05:25:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
f7ae129f0628e53c602a3b7f3ec95d4e8d0e61677d2bb3e7e9e8bde21641508f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28106
x-xss-protection
0
server
sffe
etag
"1237 / 505 of 1000 / last-modified: 1654553162"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 07 Jun 2022 05:25:40 GMT
monetization.f542e399.js
www.nur.kz/nur/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nur.kz/nur/js/monetization.f542e399.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
6d0205053e47fcdc3dfc6c73d8d1d86866a05dff3a58916ef22bb6b1cca59da5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
"6298d0df-b02"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-length
2818
expires
Wed, 07 Jun 2023 05:25:40 GMT
js
www.googletagmanager.com/gtag/ 		190 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L3EYGX7DJS
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6338677bd1a10ff1b0b01a07f22933243f62194458da01fe2cdd2a5bdc446a6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69621
x-xss-protection
0
expires
Tue, 07 Jun 2022 05:25:40 GMT
_authorization.da05ad1d.js
www.nur.kz/nur/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nur.kz/nur/js/_authorization.da05ad1d.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
76c91a48e8c0053d6163ff0d8e3d681f6caf7eae3f0f48f361d472126aae1e75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
"6298d0df-1120"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-length
4384
expires
Wed, 07 Jun 2023 05:25:40 GMT
navigation.1f4f3f8d.js
www.nur.kz/nur/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nur.kz/nur/js/navigation.1f4f3f8d.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
641e566adba3b65a11f279fe14477a4344767dba77b444b8ab8376b4555fb6a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
"6298d0df-661"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-length
1633
expires
Wed, 07 Jun 2023 05:25:40 GMT
jitsu-init.2dd8626e.js
www.nur.kz/nur/js/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nur.kz/nur/js/jitsu-init.2dd8626e.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
cf6d3d1470b43abbac33a8dd8e9dadca4996b7abe0c2f39ff12f26c51ac867ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
"6298d0df-23e2"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-length
9186
expires
Wed, 07 Jun 2023 05:25:40 GMT
home-recommendation.a93cd623.js
www.nur.kz/nur/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nur.kz/nur/js/home-recommendation.a93cd623.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
1cc2bae76f40e5c42298937b823fcd12fe9d418d851d55c1e1d326032e7883ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
"6298d0df-15ea"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-length
5610
expires
Wed, 07 Jun 2023 05:25:40 GMT
home-page.bcf574cb.js
www.nur.kz/nur/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nur.kz/nur/js/home-page.bcf574cb.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
9196ed5c14f8e7dd1e89576a347ac4848ad1edaf7b7df25e7b920bcff953a8ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
"6298d0df-757"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-length
1879
expires
Wed, 07 Jun 2023 05:25:40 GMT
freedom-finance.d7f54434.js
www.nur.kz/nur/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nur.kz/nur/js/freedom-finance.d7f54434.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
5b04a3a9ef00cdafdebbf368784d5a9c8f34c65330dd816682fb1b12085ac22b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
"6298d0df-557"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-length
1367
expires
Wed, 07 Jun 2023 05:25:40 GMT
context.js
yandex.ru/ads/system/ 		283 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
0579ff692957d78fd6510f1e6bb2aecd66c5b8cd7b0224c9a0f8438721c6a44b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1654579540753395-10308309321383664241-sas2-0481-644-sas-l7-balancer-8080-BAL-747
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 07 Jun 2022 06:25:40 GMT
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-91.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 09:39:01 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
7587999
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
zewFNK5wrgP3zHe5VdtRQj9IQsjx-YDLiLC6fvbX3Y-mEvyXDb3EVg==
telegram.svg
www.nur.kz/nur/img/social-icons/subscribe/ 		1 KB
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nur.kz/nur/img/social-icons/subscribe/telegram.svg
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
b4dac18e01c9ef874f5d33ae8ad2eca84683281858bd9fab0f9a95e0b26c19b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
"6298d0df-214"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-length
532
expires
Wed, 07 Jun 2023 05:25:40 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6273700-1&cid=1221060954.1654579541&jid=225733273&_u=YGBAgUABCAAAAE~&z=1297078872
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6273700-1&cid=1221060954.1654579541&jid=225733273&_u=YGBAgUABCAAAAE~&z=1297078872
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&time=1654579540593&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.nur.kz%2F&random_number=3345154433&sess_cookie=92795fe51813ca03271c77f0f88&sess_cookie_flag=1&user_cookie=92795fe51813ca03271c77f0f88&user_cookie_flag=1&dynamic=true&domain=nur.kz&account=UVumr1WyR620WR&jsv=20130128&user_lang=en-US
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-6.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 03:06:39 GMT
Via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
8342
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA6-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
ZunJpl6yPfFFTtESE3k9Dh4JeOuBRZ56sKgG9GcIFrFWIjGIGpmiwg==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.96.25 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-96-25.us-west-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
server
Server
pubads_impl_2022060201.js
securepubads.g.doubleclick.net/gpt/ 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
3fef2bb487a75c68deb09f1bb519592f7688129de30f665c72d577df95c102a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 04:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2101
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126885
x-xss-protection
0
last-modified
Thu, 02 Jun 2022 08:36:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 07 Jun 2023 04:50:39 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		194 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nur.kz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
b83bf949954e2ca805089c6a278203d60c5ced398ae0fe4969d6486b28cd3401
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123
x-xss-protection
0
expires
Tue, 07 Jun 2022 05:25:40 GMT
chunk-lazysizes.85027d33.js
www.nur.kz/nur/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nur.kz/nur/js/chunk-lazysizes.85027d33.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/nur/js/_vendors.247f0c1e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
2c18b2383885435cb379b8a7c990b7021d1c2701554120d34b07be0da5a8f743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
"6298d0df-beb"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-length
3051
expires
Wed, 07 Jun 2023 05:25:40 GMT
collect
analytics.google.com/g/ 		0
344 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-L3EYGX7DJS&gtm=2oe660&_p=2015280902&_z=ccd.tdB&_gaz=1&cid=1221060954.1654579541&ul=en-us&sr=1600x1200&_s=1&sid=1654579540&sct=1&seg=0&dl=https%3A%2F%2Fwww.nur.kz%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&en=page_view&_fv=1&_ss=2&_ee=1&ep.transport_type=beacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L3EYGX7DJS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nur.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L3EYGX7DJS&cid=1221060954.1654579541&gtm=2oe660&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L3EYGX7DJS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nur.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-L3EYGX7DJS&cid=1221060954.1654579541&gtm=2oe660&aip=1&z=1394304958
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.nur.kz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nur.kz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		228 KB
62 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=108329845744510&correlator=412874957128257&eid=44761478&output=ldjh&gdfp_req=1&vrg=2022060201&ptt=17&impl=fifs&iu_parts=21635628449%2CNUR_Desktop_Bottom%2CNUR_Desktop_Bottom2%2CNUR_Desktop_Bottom3%2CNUR_Desktop_Anchor&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C728x90%7C728x200%7C980x90%7C980x200%2C728x90%7C728x200%7C980x90%7C980x200%2C1x1%7C728x90%7C980x90%7C1000x90%7C1000x200%7C1200x90%7C2000x90%7C728x200&ifi=1&adks=2902430930%2C1806412577%2C1148870173%2C3302193688&sfv=1-0-38&ecs=20220607&fsapi=false&eri=4&cust_params=page%3DHomepage%26section%3Dwww%26sectionId%3D1%26platform%3Ddesktop%26language%3DRU&sc=1&cookie_enabled=1&abxe=1&dt=1654579540709&dlt=1654579540436&idt=246&biw=1600&bih=1200&adxs=436%2C436%2C436%2C-12245933&adys=2421%2C4954%2C6692%2C-12245933&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nur.kz%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1088x0%7C1088x0%7C1088x0%7C0x-1&msz=1088x0%7C1088x0%7C1088x0%7C0x-1&fws=4%2C4%2C4%2C644&ohw=1088%2C1088%2C1088%2C1600&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=true&btvi=1%7C2%7C3%7C-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
597c2ff22f5098263f34622a2efffc185cc207eca98bfff7d40ca56da9058568
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12278835424197324352/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12278835424197324352/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMevno7NmvgCFVqoewodvnULAA&gqi=&layout=/sadbundle/%24csp%253Der3%24/12278835424197324352/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12278835424197324352/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12278835424197324352/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMevno7NmvgCFVqoewodvnULAA&gqi=&layout=/sadbundle/%24csp%253Der3%24/12278835424197324352/index.html
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
google-creative-id
138224758804,-1,-1,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63418
x-xss-protection
0
google-lineitem-id
4571986055,-1,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
date
Tue, 07 Jun 2022 05:25:41 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nur.kz
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D7C1 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nur.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Jun 2022 05:25:40 GMT
expires
Wed, 07 Jun 2023 05:25:40 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
optimize.js
www.googleoptimize.com/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-5JGFBQR
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.a93cd623.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14f0822245a486796ca5a7e7a10d7db8d6ff79a665585b96d3ef484263b418d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40220
x-xss-protection
0
expires
Tue, 07 Jun 2022 05:25:40 GMT
freedom-finance-desktop.593ce3a5.css
www.nur.kz/nur/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/nur/js/freedom-finance.d7f54434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
53190b7838a27f624da133fc259f0fd6093f49aec64c1721e1f414de407b92d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
"6298d0df-326"
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-length
806
expires
Wed, 07 Jun 2023 05:25:40 GMT
chunk-freedom-finance-desktop.68c57a5a.js
www.nur.kz/nur/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nur.kz/nur/js/chunk-freedom-finance-desktop.68c57a5a.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/nur/js/freedom-finance.d7f54434.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
25f1cdd04f4b236b79562629b1c5d68454cd02e96002e0ea870b82081a2fce76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
"6298d0df-5f4"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
content-length
1524
expires
Wed, 07 Jun 2023 05:25:40 GMT
event
stat.khanate.pro/api/v1/ 		15 B
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.khanate.pro/api/v1/event?token=js.d27utqeoss6s0dkb04pz1b.ss60lhmn5bgevjhl6d5qsw
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/nur/js/jitsu-init.2dd8626e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.43 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://www.nur.kz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, UPDATE, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nur.kz
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Host
content-length
15
event
stat.khanate.pro/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://stat.khanate.pro/api/v1/event?token=js.d27utqeoss6s0dkb04pz1b.ss60lhmn5bgevjhl6d5qsw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.43 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.nur.kz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Host
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, UPDATE, PATCH
access-control-allow-origin
https://www.nur.kz
access-control-max-age
86400
content-length
0
date
Tue, 07 Jun 2022 05:25:40 GMT
server
nginx
clarity.js
i.clarity.ms/s/0.6.35/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.clarity.ms/s/0.6.35/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/94ylzt75u2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fab5572c01cd671e1a92d8ffda83b65c5276089a5d8f7cec2105ba034a55a98e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
content-encoding
br
etag
"1d8778699f9e965"
last-modified
Fri, 03 Jun 2022 20:15:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
09bce9e24aab9427.webp
cdn.nur.kz/images/272x153/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nur.kz/images/272x153/09bce9e24aab9427.webp?version=1
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
d5a15a10955e2d03c4924c85474b7b8332cf61059c6982c2d370f078151501bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
last-modified
Tue, 07 Jun 2022 03:46:04 GMT
server
nginx
x-cs
HIT
etag
"5075a950d7e4be7e4c514b6395a08da4"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/webp, image/webp
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
4024
expires
Wed, 07 Jun 2023 05:25:40 GMT
93040769b8d83977.webp
cdn.nur.kz/images/272x153/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nur.kz/images/272x153/93040769b8d83977.webp?version=2
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
9901d8becaea6864776b490cc4791146ce7fcfe9f7ce066a24ca94f1829d16b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
last-modified
Mon, 16 May 2022 02:51:11 GMT
server
nginx
x-cs
HIT
etag
"97af685ac3719ce75ca39c9460ddea2d"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/webp, image/webp
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
15698
expires
Wed, 07 Jun 2023 05:25:40 GMT
/
tttt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tttt.onthe.io/?k[]=364:uniques_holding&s=0d0db5a9a93692f403af81423ab76478&__io=b7714b1d0.0bd6744c7_1654579540514&1654579540775
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.24.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Jun 2022 05:25:40 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2015280902&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nur.kz%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABCAAAAG~&jid=1832961165&gjid=1684741080&cid=1221060954.1654579541&tid=UA-6273700-34&_gid=870498487.1654579541&_r=1&_slc=1&cd12=&cd13=&z=1350339443
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nur.kz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nur.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
recommendations
webapi.nur.kz/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://webapi.nur.kz/recommendations?userId=22ede3b3-1286-4501-b2b6-291419f0319d&sectionId=1&lifespan=7&limit=5
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.a93cd623.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
efb86e7b2388ff22045136ce59bd29c4d34598c669dbb84359435f5a9c88a695
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Accept-Encoding, Accept-Encoding, Origin
x-xss-protection
0
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy
no-referrer
server
nginx
etag
W/"c39-L4WuPgQDzxJSITc7PAh2fCOFjvY"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nur.kz
x-f-status
MISS
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6273700-34&cid=1221060954.1654579541&jid=1832961165&gjid=1684741080&_gid=870498487.1654579541&_u=aGDAAUABCAAAAG~&z=1537071781
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nur.kz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 07 Jun 2022 05:25:40 GMT
content-type
text/plain
access-control-allow-origin
https://www.nur.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
quotes
nurtech.pro/trading/ 		372 B
795 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nurtech.pro/trading/quotes
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/nur/js/chunk-freedom-finance-desktop.68c57a5a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.37 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
3aff27a4eeda21ad85bc15d120342a8840e3b92f0c43616e4ec9ab220d1139eb
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
br
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Accept-Encoding, Origin
x-xss-protection
0
x-f-status
HIT
referrer-policy
no-referrer
server
nginx
etag
W/"174-VbSRl7rg158GqejMZnNYtvVpIJ4"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nur.kz
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6273700-34&cid=1221060954.1654579541&jid=1832961165&_u=aGDAAUABCAAAAG~&z=963320333
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6273700-34&cid=1221060954.1654579541&jid=1832961165&_u=aGDAAUABCAAAAG~&z=963320333
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8f7373c950d64045.webp
cdn.nur.kz/images/272x153/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nur.kz/images/272x153/8f7373c950d64045.webp?version=1
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
5cbc669a58758bc2114a3a6e9ac33c71861febcefceb4d01a0ce62f43436601d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
last-modified
Tue, 07 Jun 2022 02:25:26 GMT
server
nginx
x-cs
HIT
etag
"1222e819957132468f607bf0f51c6ac5"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/webp, image/webp
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
10344
expires
Wed, 07 Jun 2023 05:25:40 GMT
f9bbd4eb89a889aa.webp
cdn.nur.kz/images/272x153/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nur.kz/images/272x153/f9bbd4eb89a889aa.webp?version=1
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
29523f8c2d72a46ea1f3b0817aa91107b5fc421ab67ca4f86033c1adb2ad25c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
last-modified
Sat, 26 Feb 2022 22:22:21 GMT
server
nginx
x-cs
HIT
etag
"d9dceb1c611ad3b518887962c25b1631"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/webp, image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3262
expires
Wed, 07 Jun 2023 05:25:40 GMT
6a919837ca695c14.webp
cdn.nur.kz/images/272x153/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nur.kz/images/272x153/6a919837ca695c14.webp?version=1
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
1f63538cb21e69fefb6af0c3db52c3df20622597dbdcc27dbff5fbedc65f5e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
last-modified
Tue, 07 Jun 2022 02:59:17 GMT
server
nginx
x-cs
HIT
etag
"f7efee76704362ffa9ebcf6691df4355"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/webp, image/webp
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
12012
expires
Wed, 07 Jun 2023 05:25:40 GMT
38638ff38fa7375a.webp
cdn.nur.kz/images/272x153/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.nur.kz/images/272x153/38638ff38fa7375a.webp?version=1
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.247.128.34 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
9c53e08c3a1a5a8cbbe912338ca74fc54be9bfc85299230f502f88c9df124ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:40 GMT
last-modified
Wed, 01 Jun 2022 09:49:23 GMT
server
nginx
x-cs
HIT
etag
"82e73ccffa1c419ebb4ab9590bb6855c"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/webp, image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
17710
expires
Wed, 07 Jun 2023 05:25:40 GMT
a9fc9d77518e2b2b50db.js
yastatic.net/partner-code-bundles/591932/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/591932/a9fc9d77518e2b2b50db.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
250f65ed6eccaca3c76987a0c5ce1b388a88cdb56874a7c2dff32760d3c6dcd0
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.nur.kz/
Origin
https://www.nur.kz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4467
last-modified
Fri, 03 Jun 2022 15:31:09 GMT
server
nginx/1.17.9
etag
"8bab976b77c2ae6415b153e2be80624a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jun 2052 11:57:37 GMT
cb695309631b1475aaca.js
yastatic.net/partner-code-bundles/591932/ 		86 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/591932/cb695309631b1475aaca.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
49d7f8b1a792b7b8fc63eefc2614125aba00e1d5a381cf25910d1c4a2870fcd3
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.nur.kz/
Origin
https://www.nur.kz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17806
last-modified
Fri, 03 Jun 2022 15:31:09 GMT
server
nginx/1.17.9
etag
"2327cdff883d5c5d8cda9f7b5571f466"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jun 2052 11:58:03 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.nur.kz/
Origin
https://www.nur.kz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jun 2052 11:59:08 GMT
v2
yandex.ru/ads/adfox/252771/getBulk/ 		211 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-06-07T05%3A25%3A41.009%2B00%3A00&pd=7&pdh=1200&pdw=1600&pr1=2300575730&pr=3846799425&prr=&pv=5&pw=2&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.591932&ybv=0.591932&ytt=32986960625669&is-turbo=0&skip-token=&ad-session-id=6345961654579541013&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A0%2C%22top%22%3A14115%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=591932&available-width=1600&yaru=true&p1=coatn&p2=fylw&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=575089%2C0%2C91%3B586081%2C0%2C4%3B593305%2C0%2C23%3B591943%2C0%2C38%3B586227%2C0%2C24%3B590119%2C0%2C18%3B590301%2C0%2C14%3B588486%2C0%2C78%3B591221%2C0%2C33%3B406668%2C0%2C99%3B592005%2C0%2C12%3B574104%2C0%2C-1%3B587258%2C0%2C-1%3B588105%2C0%2C-1%3B203897%2C0%2C80&pcode-flags-map=eJytV11v4zYQ%2FCuFn4MDRYn6uDdaom0ikqgjKTu5w4FI0bwFRdHeFQUO9987lOQPKo6SoH2JAccz3CV3Z2d%2FrPpWbpRuuF19%2FPJj9ffD0%2FfH1ceVaPm6Fqub1bfHv77J3%2FBNQguSFaufX29W5Y63W%2BHKWpa3zu606rc7V6utLAMOXlqpWrfurcVHp6XS0t4HnDHNKB0499y4VhxcyevaWeUmsBV3YWBW90FYjDGSJwPFGLPrW9N3ndJWVAiKV0I7U2rZWWd06Q5ct7LdvsKZsSQ7hdWoMRQua6VdqfzfjtfCWuFa3oiAq5bbnXXrbcCXxSRjA58WneDW7RveOS0%2B9cJYxzcWMcpWq7pejivLkig9xdUb4bpSVXgJ1TSIkFvLy50zO16pwytMRZ7kJ6ZStUYOF7VTB2elxTXytnJrVd07XiFbjTwR5TJpnrIoPpFK4YxVnVN2B2aLmnFNX1v5epp5xmj6jOfdYLltlRaukcagFCpu%2BZiIcSh4t0fCCrfuL2%2BtAs7Hf%2F4IKAuSsPH5KmmGGiuNfj9JXrBTUsYOPHuhDWorALK8yFB9ATZi0Yjl1UbduQaFvJdGrmWNjnJ4%2BqEXl85PaBbHZOBAx0994VPgTXeJ%2B%2Fbn98cAlsfFBEO5GeMLdY55ftYJdDXeNUI%2BtGE1fYnSPKXZDcVFMYaPPM%2Bjm5glUZ7f0Lhgsf9gJEtvaJokSXxDCY0IOf4kJkWaAp6RgkSAZ0mSf72MKSsiEk0xOSNE69TaCL2fFfXj7w%2B%2FPj2GIpXSYlSDjUQuyH8nhi5v7fI1JCwuxiM%2Fi5ai3ythUJSORu5TjBIQnYsXCRilxdhQnRZQRKftGvdfy1Ys4jJasDHiUvWt9Xp6t9OLkDzL6Sij9%2Bh8ced07yrVcNkuVjXJaDy1atAKbtPXNWQX97yIj2I6VaW%2F27VWt3gY3KvbalktIzPozdWAHbrUarlehKN20uT8Nj5cd5CV3TnZ8O3i9aLgkpycsUdRWCvtm0rzSvbmlzcy3HMf9xiw4%2FWB35tlZJxNNVVt%2FAgxHbRbQLMbofpwVFJCSIhNSDzmfBwbgLZ2%2BTwGmotW1sJrx%2FE8J%2B4WWwBHZhl9DpcbP1YOXghfq5AXGI4B7HndB68Vk%2BvoyR2M1SnbDo%2FsuG6Wz06jqf94BaGw0gyDeqMcWnBRbuFKMDQGaC1gOWAiMIr2XEs%2Bu3A6h03PO%2BsnLeBcKsyxNzYWmI5vzTUKBOObn8tFaA3ph2W75GABPicJmaRnNG5etvdSHLy1Wjw6zdJJ%2Ff3PXQv7VArM8Wa7CMsocAPMmA4%2BsNwJH6HrhC5nVep1%2FxLJoiK5KBFyRzBZIQbKWLl4Zh6x6cyyVu3plhq1H2bdMpZmefwCdoyD%2Fkd89Eb8AOl4eQv7Noj90N6vgPFKo4wIOFnhIL8oroPmHe77OODeYW9yTMmxcGEqyunlZkI68xYY8ZSNzennmoH1RxwYcyq4%2BOhDFHohuIHAjFVSC8zG8pX3KqIsv1B8CdvL0Qbw36WvL7MUaRGzaMwOt7Pxp%2B278LToQxxWM9aS4mT3Bsnaau%2FUTOM3nCtFjVndWvjbmaUmeXSiOWoYHgk7jG9IGP32mRaVNiQp4PzYEglsCcyJW0uruRXv5%2FKL26n%2BJpPTzEtQbTaz9yiS87bAe6u2AqaQ%2B73tTNbji7lDvnZRIdvURrqddhe30ap5LtobXpv5CkPpefPzltfnNqWERjCy6ZCw6WEcZ5P62SYCIxoVkyyZ6nbuNPH%2FGI40RMTkqvrLYT%2BbNjunlQor5%2BHpKcwCy116aqzzxHhHj9HoQlBD%2F760LpA0TfOzxXieM9wEC3MevvGIrebrZcnE%2BkuS82%2FxGp%2BDGmMRJUu%2Fv%2BKSIvYCYsx8MgroW2zuNb%2F301%2B2fhqiVcpb30BQzmVlzLDMXHtUX12TZxzK0whrQbjs%2F7AVHfvvRbbRgf5fpJXYcKzeR%2FJxhX4T3c9%2FAfc4TQ8%3D&use-server-side-rendering=1&pcode-icookie=x%2FnlnJJ1LnaAo4OfIUXu8ycsBgGOukijusqABtFGeZJQTP04nx495%2BOY2Am%2F9Zt2lh916MZ61CiLd00IsUTOHv8DjgM%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4NzR9ChKjtpDkuOlBGKgrF2v-Iy6ZOE5fF81Y376Z79_ns9G5tJO0whndb7LYYWy7uUnMNbeJY_JxnaSOfxvN_7pO2rXrNkAvYmDPQJshBKEKucnq0nPS7MUnlYmqKA0hqFAhqRqHwIXiUBGKA6pAHcpqCDtUhgShMqA8dGUoCZUVgNRwaigaxaE0jEL5QpOFUV3AdrDEgbqCBw64kEIANuRs2JYJctYQzsqnXIWSgEJAPshZK7ZlHgi4oSygvmyCYDt0YYXEAehhdN1VfYgghUogoa8GkEUSIIH3JbkOMMPSogrmSiNdGVeiEK-FCQC8sOLzA7dAGmUk3yj17rsllw23lmlUAcUhA7VaqjwkXn2C1V3utvjLLfGKTxXA97gmC8iuCeoqku8KmtcgLoz4ShQBaLvFgTjsnwHjX5Pq_BRdG-SF3PwE4VINaLKyHmBXWMqzX7oAiTwIJCstbgBaEQJAy7HZe3TQfJaB8s2oQiIfaIjrMXw4QJUP_CwzJDgzQlgzG-VZFEL_YcWFcbPOULpsJjjUGVKzIoTxMypDvAChD9VxZPy5IRizytEmXYFDRV1ZxKNitr2SrcKAcqBFgTogW7jhGumKO-O_-oXZ_4nOwuEr4YrVzwBPo4MUCUBHEuCWG_DnrKKvIVruqoelLLNSvMKDBVTnuDP7lZbws16Q8YReFCAcXv3KI-Ow3r_2J0WxO_tYiXrnB-Xrn9WsYEAf_Nmp5MNe2Doq5_Zil36H-OX0s9dlj3QW0JR8tjE8I_hkdxcB-b5pNqguwowU0lmzNCAP5ctC3Hk4y1BNZTMWr5v-sIJo3j1sXVmGA6ILqm6W7UkD1Ugh-sfVX5C8h7KKQavndDO3SIY72v3G4as1FYjO6YGA17vw5ZAV2XZVw27c0_PSSfHOJPnpzZc5rXuXq-jzy_YJZDgJCLfp7_5xz0A4NODTlPjnUQUI5rr1nVe9FHzn1sw6o0cKsb_2vc7-DfShSQOGcnr5Kd_Sh6bGM0Xig6guv-_xgzLcmrstv1bwod74O6Hog4wKl7ubXJo_Bfc0FYHfoploY6OJkYk2zcyMTHESm1JGwJu8Z-JoOZiMaZxVQ2ZMIeI0p1p6XUITJ3oDZ6XXG-LUEEPEudR2N7urspTPqgOUEUa_1PI6IEM9s5OUFy-zCgm9p1cW2jRyNh13NgxId0yzt-2F6hFDMa9W7bypen12FnXHnjFTHIQdIYwQtp3M3YM3Ezg5GJk4ejkMejOiSm_KtFqIOGkyurQCTJsPIE5GJnOC2KGNDFmsp_F18oVZ1RyruEea6nxFBeiqK7ANOM9pdIkx0yGySdN6yJDpUrOGPtWtXiaka9LT6UfQzAq8mWuWGA6WIRPUMa5mbkwNmnz1VrXGxE95FQA5R5xoEwZTaqnrstiU8BHKlBiQaPMkTo2WrBRWWAeAPAcriWlzWj3idHdd-crmChCC2n-3n-wb5TAlUIGL9pocHfPUq9jRMW-FK0Z0zE_S6d_omMevqbqoQsd8Fa4a0O0vRMtThLbizuUhh2YJJI7tcX7LsOwxCR1tnDvaEoMmjvUGIYWZZnnJEBumB_gwq0ZLk_FTlccpmLFDQUMvjWh65NR13S5H4uVaC2JJrmcGuuoA7jUQTsYKAdi12XK2FQBajZ0xS04OqT68LXCclhoO4tRJEntajp26hLGVjvtvT0fo7p7-jMjy-Hb1RZNBlxnMiYFuzv8SWzGFk1dgl3wPsJa3Ajz5DcIKoShUW_aEV8YrAVZ0uBBuHQxnszNSCEMQoRUb4TpTmICKJwyFOSn1SmJPO6AVA73YPU9YCdJ-TFlL0VLKFpzbq2BjZTDp6ZHksS41mLWc_LT50jWbYlOije10TUBHsJ_QZzpzK7cJ4ULYTRunknFwX5DldhUGpFML0VhqPoveTcLY24PRyfpkUZ0oWmR2TBw0_OXUahh8CeF0MLozgpIlRh1G79gyWetM3qTonI2qc6hnxJLHgVFuNr5ZhmRORuONU-DQ6GhTsDs5rSXaT4S9FQpnVmI3p9yx1-9LOhFzKGrTJA-eq_xg8N8P_RNQvjzA5mo7yr0ye-A95vuECu8xUYKOmyte9ZBNDLtJ086coKgVwjz9pupmgv3Fkgz1fdr_rKCA8zBRB_GerD5c5UVt8fnFdhcCKzsrq-UOu0VZNKrOBByLF9Qrpa8X6C-B7FU11ZavyJQh0mvi_KWVM4LvlNJSuVOUaqHRA2HQ68xNbDNpU_oJIAOBVM05QbJ_CVXaVKe3JP-LbpOP1RJanjMkdHNKXZzQT4zW-2KBvKVGijhJwcqNCZhLIllB8qqI1zpF-RBlwivQ70k88FJzks39EvpYo1txOFzYD8tRfvjgzpVOxd2kfsJ28-ep7PyKhJZFCLy_q9qBFmZAg0jMVg8sE9czpnxYuGfXG8yFfSS2QCMbOzMLqjohP2Na6Lo3Qosmje3nz8A1Rvf2OMrupM6YfLTHQr7qX5NmDFq9SROnrorvGIdvWslXOhyGHyfYl_mL624ZO__x3cJDrHptbolUrD3GHx_U85Vj6CXsyJlRQey-xG0FaP-AUv7hFf2yWi7agQAMPgNdezB5fwU25GhX4MorAH_fnufJdFjQY-YN0My1hJGnQMzMBgnaU7jyKfytfDHzFqhg94-RX6BgRoUC7Rfc1UD2uvtOwg5sbFvCzC94bpQ95bBiTFGjvQ1eoPoJ_Bfc8pSqtAtgHzecZIy8QnZCfkl_wPD6FKxop-DKU4C42WOfV7y3pjyMxCvcMVhRe_lZAJAxoK_7M6ppFCFRFxuEU5DYW0KXy5uTDc9xpzqYGB6sPR1pSIKB90DCjJIN7T1c-R4hQxvMfAmkKeTflwKKcaNVFva6edycTv4TvWwRn7Sf3jEWT6UVLezUGpTzk-gxQFExcC7uaksbRN4fhhWtMOHGwwBzJwbxHBgTpyEZ-fdspXS2MgLbd22C5Qr5Un2MzcoXpKOWpJhmPCa91bpgi9mSduwg2soC4d3EkL3avkEC7-twFualeEB0jfbyFm819pzU_ZnESKPXxdlnS8vqmf1_Xb2v6gBeLud-r93F8wFGrOBGb2bTslq4iB3ctKQ6noZrNy_oMrY_xTOgtVFo7F1Ua8xMJitove3EYP4rZnpAhfCEE8c2lqGepwfUxbWl9OMfkyYqVtkNfZQv8aWPjb8bwXsa2VAUL3Uw0MPY2JhZ2bHks0ZP-4Bt4VcV3fmk_DLImsSd-lSwHJ22j7I-eitxWu2X_ISo4KuWP1HxMu4d2EgHv2fU0sgP1u6F5wNmY-PmAcNdNhLUgLLg65U_LIP_KPkW6RTVtzmIip_Z97XNK7w63BuSyq_DCR8xj5qOetSX-vlZY1Q9FZZ2yOQBOIyMmh0FV4-aMwR1sL92W3l8S_XbIBxyT3IPqHipqpdVczJ7g1U6zCQfj3o2oWy8mk09CUvaoCj42k-_P_kZ79Rrp1u8d_WgRMm99JpvrG86JFkHxVEvRT9GvTbodncSTURPXB_dQ1BwJEr8ulpx7cc5HgKR3ic8vVLF64pj5o6Kiyk5sK8GX8Lhep10gS3VH4xkg8OOyk-Od-aDVY5zCd4ogA9wQIHD2SbmbbUuqTfJknf0U_RNnER9eeZHVwc78NDeC4mftzHqS37FTZAmSsT76Tpip1AGpYY-vXfu8CY6rYC4wxrVxZn2iN02Utz9BuHrTkm3yGmf0q66ooc0ig21ouChWoARVDanRk8LId2lEb0xRKF8CKrx5kQnZfopxHdGRm0RKRdOYuc_zJPfR_bWO1GgmbTndjnxfPxFp_-UPJ89KxeT76C8BnMWx0pbeewv6XXXA3Tit9ixmJqaVe27ckvDRDCUn-hWHWRDmDtKTZ6vgYWb1wDrlZSyo_kPbL47v1a6W6YWwmiqohK9l5SKdZoE7NfBRNuZCbyUZzBDDLFfN-m8peJrJNR2ImHo4ejfbcHzYXNxou4TLa--phYGvaum2z1IiieW3LO1ER3b5V1egWpKJi-yXE8-TbJH3q6rJ-gnboYcfwQhhHczBun0VnhPrJWTN5Ta5pHbYwH4Nt40eT9UdlbuTS4aMXZJqZapJ_vna3vO3DR9EpF3UFktlD8qyMaTd2SlUO5Bs1y1Cz3tK0TxKuP1-Lk4tE3ySILCNxFS1OKWIn4eOe1gE3VVwcEAfgqmRjtlK_iZwVwBrdMk2lTHPOOmPCGiclSjFNPhYIZwaqmltobaxugLDdRUqTu7qDEq8NyQEyVyLm6epK8FlF4fvUFhh2Aate5j0e8IrezF55DjBNM_iWf8S7vhN2rNoiPY73Qzi7xQtsIPipb0QdyxlEH6WtXg7FxBvlGdlMfTZeHmuPbYoz0v9E0lfSy9L0h9TL1VOCa7RAdwozIPSSZO7WIQlwlQ948ahYfl9Pi_eT58dpxIhTvzvTUdS6BRr0uFfcoeBBd_c0E7nwhn9Gc97D-Zw9PeHvRMm5hTHLzsmRlxqovzUceQ2ZFlBysx06VxjlSXpma9MUeaGDIDfVotoOS5OdUiEcQ_baEGGbLGnSPMAL5q5oN3qJ6wlBcM8Pj1XfBmS54H1eFKHtYuoGGQoGfZB7Zvoc_ilE5_1NRtqIkXxT564jZgPsYv39vsOoxtCsvUqhWkPDdlunv4vF04-Zvzx7xYvMWuu1jgp4IiYv2NcDvUM9mA_aXWWD2K0A4fnKVWN2If_7AFFKGFWbl8fGh2oHmuN5gQ-c5MYanRNa5cLGHobRs89SD2qegI9bQ_e1ItrgXv7h3YMH7wYv-gqChQ-b7pCeSP9O2ELhEcHxeji5t3xSXZQh1oXlfzkPBvevaO27PT6umTzCT09YZkiZemtRuLXhWA6kB_mYYPaB4thV4wUBcEODv01ulEe0rwfLLDp39RI5up9mIM77sORDCn23jY9TILvhdk3feeWg2Dhz6t_0wH9bIEMXcxsA23RMUEfEvxqbntVMlvfeez6wXCGiUbzFw40CNTijT2CA7BYpw_PfJFEoZy-RqJcuw2fEcDxiR1iGkTnZlrjL2xYile6nDF1quD2J-tQcuea3RcdPo2RcEECrdE&tga-with-creatives=1
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
ca9fd8f705112105529b7fd53514b6c339f50218d82c1144bf219747e481ab2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1654579541073033-959657613370339703-sas2-0481-644-sas-l7-balancer-8080-BAL-5890
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 07 Jun 2022 05:25:41 GMT
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json
access-control-allow-origin
https://www.nur.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 07 Jun 2022 05:25:41 GMT
v2
yandex.ru/ads/adfox/252771/getBulk/ 		211 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-06-07T05%3A25%3A41.045%2B00%3A00&pd=7&pdh=1200&pdw=1600&pr1=3223072729&pr=3846799425&prr=&pv=5&pw=2&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.591932&ybv=0.591932&ytt=32986960625669&is-turbo=0&skip-token=&ad-session-id=6345961654579541013&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A0%2C%22top%22%3A14115%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=591932&available-width=1600&yaru=true&p1=cobal&p2=gttr&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=2&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=575089%2C0%2C91%3B586081%2C0%2C4%3B593305%2C0%2C23%3B591943%2C0%2C38%3B586227%2C0%2C24%3B590119%2C0%2C18%3B590301%2C0%2C14%3B588486%2C0%2C78%3B591221%2C0%2C33%3B406668%2C0%2C99%3B592005%2C0%2C12%3B574104%2C0%2C-1%3B587258%2C0%2C-1%3B588105%2C0%2C-1%3B203897%2C0%2C80&pcode-flags-map=eJytV11v4zYQ%2FCuFn4MDRYn6uDdaom0ikqgjKTu5w4FI0bwFRdHeFQUO9987lOQPKo6SoH2JAccz3CV3Z2d%2FrPpWbpRuuF19%2FPJj9ffD0%2FfH1ceVaPm6Fqub1bfHv77J3%2FBNQguSFaufX29W5Y63W%2BHKWpa3zu606rc7V6utLAMOXlqpWrfurcVHp6XS0t4HnDHNKB0499y4VhxcyevaWeUmsBV3YWBW90FYjDGSJwPFGLPrW9N3ndJWVAiKV0I7U2rZWWd06Q5ct7LdvsKZsSQ7hdWoMRQua6VdqfzfjtfCWuFa3oiAq5bbnXXrbcCXxSRjA58WneDW7RveOS0%2B9cJYxzcWMcpWq7pejivLkig9xdUb4bpSVXgJ1TSIkFvLy50zO16pwytMRZ7kJ6ZStUYOF7VTB2elxTXytnJrVd07XiFbjTwR5TJpnrIoPpFK4YxVnVN2B2aLmnFNX1v5epp5xmj6jOfdYLltlRaukcagFCpu%2BZiIcSh4t0fCCrfuL2%2BtAs7Hf%2F4IKAuSsPH5KmmGGiuNfj9JXrBTUsYOPHuhDWorALK8yFB9ATZi0Yjl1UbduQaFvJdGrmWNjnJ4%2BqEXl85PaBbHZOBAx0994VPgTXeJ%2B%2Fbn98cAlsfFBEO5GeMLdY55ftYJdDXeNUI%2BtGE1fYnSPKXZDcVFMYaPPM%2Bjm5glUZ7f0Lhgsf9gJEtvaJokSXxDCY0IOf4kJkWaAp6RgkSAZ0mSf72MKSsiEk0xOSNE69TaCL2fFfXj7w%2B%2FPj2GIpXSYlSDjUQuyH8nhi5v7fI1JCwuxiM%2Fi5ai3ythUJSORu5TjBIQnYsXCRilxdhQnRZQRKftGvdfy1Ys4jJasDHiUvWt9Xp6t9OLkDzL6Sij9%2Bh8ced07yrVcNkuVjXJaDy1atAKbtPXNWQX97yIj2I6VaW%2F27VWt3gY3KvbalktIzPozdWAHbrUarlehKN20uT8Nj5cd5CV3TnZ8O3i9aLgkpycsUdRWCvtm0rzSvbmlzcy3HMf9xiw4%2FWB35tlZJxNNVVt%2FAgxHbRbQLMbofpwVFJCSIhNSDzmfBwbgLZ2%2BTwGmotW1sJrx%2FE8J%2B4WWwBHZhl9DpcbP1YOXghfq5AXGI4B7HndB68Vk%2BvoyR2M1SnbDo%2FsuG6Wz06jqf94BaGw0gyDeqMcWnBRbuFKMDQGaC1gOWAiMIr2XEs%2Bu3A6h03PO%2BsnLeBcKsyxNzYWmI5vzTUKBOObn8tFaA3ph2W75GABPicJmaRnNG5etvdSHLy1Wjw6zdJJ%2Ff3PXQv7VArM8Wa7CMsocAPMmA4%2BsNwJH6HrhC5nVep1%2FxLJoiK5KBFyRzBZIQbKWLl4Zh6x6cyyVu3plhq1H2bdMpZmefwCdoyD%2Fkd89Eb8AOl4eQv7Noj90N6vgPFKo4wIOFnhIL8oroPmHe77OODeYW9yTMmxcGEqyunlZkI68xYY8ZSNzennmoH1RxwYcyq4%2BOhDFHohuIHAjFVSC8zG8pX3KqIsv1B8CdvL0Qbw36WvL7MUaRGzaMwOt7Pxp%2B278LToQxxWM9aS4mT3Bsnaau%2FUTOM3nCtFjVndWvjbmaUmeXSiOWoYHgk7jG9IGP32mRaVNiQp4PzYEglsCcyJW0uruRXv5%2FKL26n%2BJpPTzEtQbTaz9yiS87bAe6u2AqaQ%2B73tTNbji7lDvnZRIdvURrqddhe30ap5LtobXpv5CkPpefPzltfnNqWERjCy6ZCw6WEcZ5P62SYCIxoVkyyZ6nbuNPH%2FGI40RMTkqvrLYT%2BbNjunlQor5%2BHpKcwCy116aqzzxHhHj9HoQlBD%2F760LpA0TfOzxXieM9wEC3MevvGIrebrZcnE%2BkuS82%2FxGp%2BDGmMRJUu%2Fv%2BKSIvYCYsx8MgroW2zuNb%2F301%2B2fhqiVcpb30BQzmVlzLDMXHtUX12TZxzK0whrQbjs%2F7AVHfvvRbbRgf5fpJXYcKzeR%2FJxhX4T3c9%2FAfc4TQ8%3D&use-server-side-rendering=1&pcode-icookie=x%2FnlnJJ1LnaAo4OfIUXu8ycsBgGOukijusqABtFGeZJQTP04nx495%2BOY2Am%2F9Zt2lh916MZ61CiLd00IsUTOHv8DjgM%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4NzR9ChKjtpDkuOlBGKgrF2v-Iy6ZOE5fF81Y376Z79_ns9G5tJO0whndb7LYYWy7uUnMNbeJY_JxnaSOfxvN_7pO2rXrNkAvYmDPQJshBKEKucnq0nPS7MUnlYmqKA0hqFAhqRqHwIXiUBGKA6pAHcpqCDtUhgShMqA8dGUoCZUVgNRwaigaxaE0jEL5QpOFUV3AdrDEgbqCBw64kEIANuRs2JYJctYQzsqnXIWSgEJAPshZK7ZlHgi4oSygvmyCYDt0YYXEAehhdN1VfYgghUogoa8GkEUSIIH3JbkOMMPSogrmSiNdGVeiEK-FCQC8sOLzA7dAGmUk3yj17rsllw23lmlUAcUhA7VaqjwkXn2C1V3utvjLLfGKTxXA97gmC8iuCeoqku8KmtcgLoz4ShQBaLvFgTjsnwHjX5Pq_BRdG-SF3PwE4VINaLKyHmBXWMqzX7oAiTwIJCstbgBaEQJAy7HZe3TQfJaB8s2oQiIfaIjrMXw4QJUP_CwzJDgzQlgzG-VZFEL_YcWFcbPOULpsJjjUGVKzIoTxMypDvAChD9VxZPy5IRizytEmXYFDRV1ZxKNitr2SrcKAcqBFgTogW7jhGumKO-O_-oXZ_4nOwuEr4YrVzwBPo4MUCUBHEuCWG_DnrKKvIVruqoelLLNSvMKDBVTnuDP7lZbws16Q8YReFCAcXv3KI-Ow3r_2J0WxO_tYiXrnB-Xrn9WsYEAf_Nmp5MNe2Doq5_Zil36H-OX0s9dlj3QW0JR8tjE8I_hkdxcB-b5pNqguwowU0lmzNCAP5ctC3Hk4y1BNZTMWr5v-sIJo3j1sXVmGA6ILqm6W7UkD1Ugh-sfVX5C8h7KKQavndDO3SIY72v3G4as1FYjO6YGA17vw5ZAV2XZVw27c0_PSSfHOJPnpzZc5rXuXq-jzy_YJZDgJCLfp7_5xz0A4NODTlPjnUQUI5rr1nVe9FHzn1sw6o0cKsb_2vc7-DfShSQOGcnr5Kd_Sh6bGM0Xig6guv-_xgzLcmrstv1bwod74O6Hog4wKl7ubXJo_Bfc0FYHfoploY6OJkYk2zcyMTHESm1JGwJu8Z-JoOZiMaZxVQ2ZMIeI0p1p6XUITJ3oDZ6XXG-LUEEPEudR2N7urspTPqgOUEUa_1PI6IEM9s5OUFy-zCgm9p1cW2jRyNh13NgxId0yzt-2F6hFDMa9W7bypen12FnXHnjFTHIQdIYwQtp3M3YM3Ezg5GJk4ejkMejOiSm_KtFqIOGkyurQCTJsPIE5GJnOC2KGNDFmsp_F18oVZ1RyruEea6nxFBeiqK7ANOM9pdIkx0yGySdN6yJDpUrOGPtWtXiaka9LT6UfQzAq8mWuWGA6WIRPUMa5mbkwNmnz1VrXGxE95FQA5R5xoEwZTaqnrstiU8BHKlBiQaPMkTo2WrBRWWAeAPAcriWlzWj3idHdd-crmChCC2n-3n-wb5TAlUIGL9pocHfPUq9jRMW-FK0Z0zE_S6d_omMevqbqoQsd8Fa4a0O0vRMtThLbizuUhh2YJJI7tcX7LsOwxCR1tnDvaEoMmjvUGIYWZZnnJEBumB_gwq0ZLk_FTlccpmLFDQUMvjWh65NR13S5H4uVaC2JJrmcGuuoA7jUQTsYKAdi12XK2FQBajZ0xS04OqT68LXCclhoO4tRJEntajp26hLGVjvtvT0fo7p7-jMjy-Hb1RZNBlxnMiYFuzv8SWzGFk1dgl3wPsJa3Ajz5DcIKoShUW_aEV8YrAVZ0uBBuHQxnszNSCEMQoRUb4TpTmICKJwyFOSn1SmJPO6AVA73YPU9YCdJ-TFlL0VLKFpzbq2BjZTDp6ZHksS41mLWc_LT50jWbYlOije10TUBHsJ_QZzpzK7cJ4ULYTRunknFwX5DldhUGpFML0VhqPoveTcLY24PRyfpkUZ0oWmR2TBw0_OXUahh8CeF0MLozgpIlRh1G79gyWetM3qTonI2qc6hnxJLHgVFuNr5ZhmRORuONU-DQ6GhTsDs5rSXaT4S9FQpnVmI3p9yx1-9LOhFzKGrTJA-eq_xg8N8P_RNQvjzA5mo7yr0ye-A95vuECu8xUYKOmyte9ZBNDLtJ086coKgVwjz9pupmgv3Fkgz1fdr_rKCA8zBRB_GerD5c5UVt8fnFdhcCKzsrq-UOu0VZNKrOBByLF9Qrpa8X6C-B7FU11ZavyJQh0mvi_KWVM4LvlNJSuVOUaqHRA2HQ68xNbDNpU_oJIAOBVM05QbJ_CVXaVKe3JP-LbpOP1RJanjMkdHNKXZzQT4zW-2KBvKVGijhJwcqNCZhLIllB8qqI1zpF-RBlwivQ70k88FJzks39EvpYo1txOFzYD8tRfvjgzpVOxd2kfsJ28-ep7PyKhJZFCLy_q9qBFmZAg0jMVg8sE9czpnxYuGfXG8yFfSS2QCMbOzMLqjohP2Na6Lo3Qosmje3nz8A1Rvf2OMrupM6YfLTHQr7qX5NmDFq9SROnrorvGIdvWslXOhyGHyfYl_mL624ZO__x3cJDrHptbolUrD3GHx_U85Vj6CXsyJlRQey-xG0FaP-AUv7hFf2yWi7agQAMPgNdezB5fwU25GhX4MorAH_fnufJdFjQY-YN0My1hJGnQMzMBgnaU7jyKfytfDHzFqhg94-RX6BgRoUC7Rfc1UD2uvtOwg5sbFvCzC94bpQ95bBiTFGjvQ1eoPoJ_Bfc8pSqtAtgHzecZIy8QnZCfkl_wPD6FKxop-DKU4C42WOfV7y3pjyMxCvcMVhRe_lZAJAxoK_7M6ppFCFRFxuEU5DYW0KXy5uTDc9xpzqYGB6sPR1pSIKB90DCjJIN7T1c-R4hQxvMfAmkKeTflwKKcaNVFva6edycTv4TvWwRn7Sf3jEWT6UVLezUGpTzk-gxQFExcC7uaksbRN4fhhWtMOHGwwBzJwbxHBgTpyEZ-fdspXS2MgLbd22C5Qr5Un2MzcoXpKOWpJhmPCa91bpgi9mSduwg2soC4d3EkL3avkEC7-twFualeEB0jfbyFm819pzU_ZnESKPXxdlnS8vqmf1_Xb2v6gBeLud-r93F8wFGrOBGb2bTslq4iB3ctKQ6noZrNy_oMrY_xTOgtVFo7F1Ua8xMJitove3EYP4rZnpAhfCEE8c2lqGepwfUxbWl9OMfkyYqVtkNfZQv8aWPjb8bwXsa2VAUL3Uw0MPY2JhZ2bHks0ZP-4Bt4VcV3fmk_DLImsSd-lSwHJ22j7I-eitxWu2X_ISo4KuWP1HxMu4d2EgHv2fU0sgP1u6F5wNmY-PmAcNdNhLUgLLg65U_LIP_KPkW6RTVtzmIip_Z97XNK7w63BuSyq_DCR8xj5qOetSX-vlZY1Q9FZZ2yOQBOIyMmh0FV4-aMwR1sL92W3l8S_XbIBxyT3IPqHipqpdVczJ7g1U6zCQfj3o2oWy8mk09CUvaoCj42k-_P_kZ79Rrp1u8d_WgRMm99JpvrG86JFkHxVEvRT9GvTbodncSTURPXB_dQ1BwJEr8ulpx7cc5HgKR3ic8vVLF64pj5o6Kiyk5sK8GX8Lhep10gS3VH4xkg8OOyk-Od-aDVY5zCd4ogA9wQIHD2SbmbbUuqTfJknf0U_RNnER9eeZHVwc78NDeC4mftzHqS37FTZAmSsT76Tpip1AGpYY-vXfu8CY6rYC4wxrVxZn2iN02Utz9BuHrTkm3yGmf0q66ooc0ig21ouChWoARVDanRk8LId2lEb0xRKF8CKrx5kQnZfopxHdGRm0RKRdOYuc_zJPfR_bWO1GgmbTndjnxfPxFp_-UPJ89KxeT76C8BnMWx0pbeewv6XXXA3Tit9ixmJqaVe27ckvDRDCUn-hWHWRDmDtKTZ6vgYWb1wDrlZSyo_kPbL47v1a6W6YWwmiqohK9l5SKdZoE7NfBRNuZCbyUZzBDDLFfN-m8peJrJNR2ImHo4ejfbcHzYXNxou4TLa--phYGvaum2z1IiieW3LO1ER3b5V1egWpKJi-yXE8-TbJH3q6rJ-gnboYcfwQhhHczBun0VnhPrJWTN5Ta5pHbYwH4Nt40eT9UdlbuTS4aMXZJqZapJ_vna3vO3DR9EpF3UFktlD8qyMaTd2SlUO5Bs1y1Cz3tK0TxKuP1-Lk4tE3ySILCNxFS1OKWIn4eOe1gE3VVwcEAfgqmRjtlK_iZwVwBrdMk2lTHPOOmPCGiclSjFNPhYIZwaqmltobaxugLDdRUqTu7qDEq8NyQEyVyLm6epK8FlF4fvUFhh2Aate5j0e8IrezF55DjBNM_iWf8S7vhN2rNoiPY73Qzi7xQtsIPipb0QdyxlEH6WtXg7FxBvlGdlMfTZeHmuPbYoz0v9E0lfSy9L0h9TL1VOCa7RAdwozIPSSZO7WIQlwlQ948ahYfl9Pi_eT58dpxIhTvzvTUdS6BRr0uFfcoeBBd_c0E7nwhn9Gc97D-Zw9PeHvRMm5hTHLzsmRlxqovzUceQ2ZFlBysx06VxjlSXpma9MUeaGDIDfVotoOS5OdUiEcQ_baEGGbLGnSPMAL5q5oN3qJ6wlBcM8Pj1XfBmS54H1eFKHtYuoGGQoGfZB7Zvoc_ilE5_1NRtqIkXxT564jZgPsYv39vsOoxtCsvUqhWkPDdlunv4vF04-Zvzx7xYvMWuu1jgp4IiYv2NcDvUM9mA_aXWWD2K0A4fnKVWN2If_7AFFKGFWbl8fGh2oHmuN5gQ-c5MYanRNa5cLGHobRs89SD2qegI9bQ_e1ItrgXv7h3YMH7wYv-gqChQ-b7pCeSP9O2ELhEcHxeji5t3xSXZQh1oXlfzkPBvevaO27PT6umTzCT09YZkiZemtRuLXhWA6kB_mYYPaB4thV4wUBcEODv01ulEe0rwfLLDp39RI5up9mIM77sORDCn23jY9TILvhdk3feeWg2Dhz6t_0wH9bIEMXcxsA23RMUEfEvxqbntVMlvfeez6wXCGiUbzFw40CNTijT2CA7BYpw_PfJFEoZy-RqJcuw2fEcDxiR1iGkTnZlrjL2xYile6nDF1quD2J-tQcuea3RcdPo2RcEECrdE&tga-with-creatives=1
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e4fe609f6c381d6b0c887ba0fe7ac11edcf072d9300d29f609d27d633ff5c514
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1654579541133197-3949990191555890154-sas2-0481-644-sas-l7-balancer-8080-BAL-4229
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 07 Jun 2022 05:25:41 GMT
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json
access-control-allow-origin
https://www.nur.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 07 Jun 2022 05:25:41 GMT
v2
yandex.ru/ads/adfox/252771/getBulk/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-06-07T05%3A25%3A41.053%2B00%3A00&pd=7&pdh=1200&pdw=1600&pr1=2398918118&pr=3846799425&prr=&pv=5&pw=2&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.591932&ybv=0.591932&ytt=32986960625669&is-turbo=0&skip-token=&ad-session-id=6345961654579541013&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22w%22%3A241%2C%22h%22%3A0%2C%22width%22%3A241%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1103%2C%22top%22%3A572%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=591932&available-width=241&yaru=true&p1=crsny&p2=gfdy&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=3&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=575089%2C0%2C91%3B586081%2C0%2C4%3B593305%2C0%2C23%3B591943%2C0%2C38%3B586227%2C0%2C24%3B590119%2C0%2C18%3B590301%2C0%2C14%3B588486%2C0%2C78%3B591221%2C0%2C33%3B406668%2C0%2C99%3B592005%2C0%2C12%3B574104%2C0%2C-1%3B587258%2C0%2C-1%3B588105%2C0%2C-1%3B203897%2C0%2C80&pcode-flags-map=eJytV11v4zYQ%2FCuFn4MDRYn6uDdaom0ikqgjKTu5w4FI0bwFRdHeFQUO9987lOQPKo6SoH2JAccz3CV3Z2d%2FrPpWbpRuuF19%2FPJj9ffD0%2FfH1ceVaPm6Fqub1bfHv77J3%2FBNQguSFaufX29W5Y63W%2BHKWpa3zu606rc7V6utLAMOXlqpWrfurcVHp6XS0t4HnDHNKB0499y4VhxcyevaWeUmsBV3YWBW90FYjDGSJwPFGLPrW9N3ndJWVAiKV0I7U2rZWWd06Q5ct7LdvsKZsSQ7hdWoMRQua6VdqfzfjtfCWuFa3oiAq5bbnXXrbcCXxSRjA58WneDW7RveOS0%2B9cJYxzcWMcpWq7pejivLkig9xdUb4bpSVXgJ1TSIkFvLy50zO16pwytMRZ7kJ6ZStUYOF7VTB2elxTXytnJrVd07XiFbjTwR5TJpnrIoPpFK4YxVnVN2B2aLmnFNX1v5epp5xmj6jOfdYLltlRaukcagFCpu%2BZiIcSh4t0fCCrfuL2%2BtAs7Hf%2F4IKAuSsPH5KmmGGiuNfj9JXrBTUsYOPHuhDWorALK8yFB9ATZi0Yjl1UbduQaFvJdGrmWNjnJ4%2BqEXl85PaBbHZOBAx0994VPgTXeJ%2B%2Fbn98cAlsfFBEO5GeMLdY55ftYJdDXeNUI%2BtGE1fYnSPKXZDcVFMYaPPM%2Bjm5glUZ7f0Lhgsf9gJEtvaJokSXxDCY0IOf4kJkWaAp6RgkSAZ0mSf72MKSsiEk0xOSNE69TaCL2fFfXj7w%2B%2FPj2GIpXSYlSDjUQuyH8nhi5v7fI1JCwuxiM%2Fi5ai3ythUJSORu5TjBIQnYsXCRilxdhQnRZQRKftGvdfy1Ys4jJasDHiUvWt9Xp6t9OLkDzL6Sij9%2Bh8ced07yrVcNkuVjXJaDy1atAKbtPXNWQX97yIj2I6VaW%2F27VWt3gY3KvbalktIzPozdWAHbrUarlehKN20uT8Nj5cd5CV3TnZ8O3i9aLgkpycsUdRWCvtm0rzSvbmlzcy3HMf9xiw4%2FWB35tlZJxNNVVt%2FAgxHbRbQLMbofpwVFJCSIhNSDzmfBwbgLZ2%2BTwGmotW1sJrx%2FE8J%2B4WWwBHZhl9DpcbP1YOXghfq5AXGI4B7HndB68Vk%2BvoyR2M1SnbDo%2FsuG6Wz06jqf94BaGw0gyDeqMcWnBRbuFKMDQGaC1gOWAiMIr2XEs%2Bu3A6h03PO%2BsnLeBcKsyxNzYWmI5vzTUKBOObn8tFaA3ph2W75GABPicJmaRnNG5etvdSHLy1Wjw6zdJJ%2Ff3PXQv7VArM8Wa7CMsocAPMmA4%2BsNwJH6HrhC5nVep1%2FxLJoiK5KBFyRzBZIQbKWLl4Zh6x6cyyVu3plhq1H2bdMpZmefwCdoyD%2Fkd89Eb8AOl4eQv7Noj90N6vgPFKo4wIOFnhIL8oroPmHe77OODeYW9yTMmxcGEqyunlZkI68xYY8ZSNzennmoH1RxwYcyq4%2BOhDFHohuIHAjFVSC8zG8pX3KqIsv1B8CdvL0Qbw36WvL7MUaRGzaMwOt7Pxp%2B278LToQxxWM9aS4mT3Bsnaau%2FUTOM3nCtFjVndWvjbmaUmeXSiOWoYHgk7jG9IGP32mRaVNiQp4PzYEglsCcyJW0uruRXv5%2FKL26n%2BJpPTzEtQbTaz9yiS87bAe6u2AqaQ%2B73tTNbji7lDvnZRIdvURrqddhe30ap5LtobXpv5CkPpefPzltfnNqWERjCy6ZCw6WEcZ5P62SYCIxoVkyyZ6nbuNPH%2FGI40RMTkqvrLYT%2BbNjunlQor5%2BHpKcwCy116aqzzxHhHj9HoQlBD%2F760LpA0TfOzxXieM9wEC3MevvGIrebrZcnE%2BkuS82%2FxGp%2BDGmMRJUu%2Fv%2BKSIvYCYsx8MgroW2zuNb%2F301%2B2fhqiVcpb30BQzmVlzLDMXHtUX12TZxzK0whrQbjs%2F7AVHfvvRbbRgf5fpJXYcKzeR%2FJxhX4T3c9%2FAfc4TQ8%3D&use-server-side-rendering=1&pcode-icookie=x%2FnlnJJ1LnaAo4OfIUXu8ycsBgGOukijusqABtFGeZJQTP04nx495%2BOY2Am%2F9Zt2lh916MZ61CiLd00IsUTOHv8DjgM%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4NzR9ChKjtpDkuOlBGKgrF2v-Iy6ZOE5fF81Y376Z79_ns9G5tJO0whndb7LYYWy7uUnMNbeJY_JxnaSOfxvN_7pO2rXrNkAvYmDPQJshBKEKucnq0nPS7MUnlYmqKA0hqFAhqRqHwIXiUBGKA6pAHcpqCDtUhgShMqA8dGUoCZUVgNRwaigaxaE0jEL5QpOFUV3AdrDEgbqCBw64kEIANuRs2JYJctYQzsqnXIWSgEJAPshZK7ZlHgi4oSygvmyCYDt0YYXEAehhdN1VfYgghUogoa8GkEUSIIH3JbkOMMPSogrmSiNdGVeiEK-FCQC8sOLzA7dAGmUk3yj17rsllw23lmlUAcUhA7VaqjwkXn2C1V3utvjLLfGKTxXA97gmC8iuCeoqku8KmtcgLoz4ShQBaLvFgTjsnwHjX5Pq_BRdG-SF3PwE4VINaLKyHmBXWMqzX7oAiTwIJCstbgBaEQJAy7HZe3TQfJaB8s2oQiIfaIjrMXw4QJUP_CwzJDgzQlgzG-VZFEL_YcWFcbPOULpsJjjUGVKzIoTxMypDvAChD9VxZPy5IRizytEmXYFDRV1ZxKNitr2SrcKAcqBFgTogW7jhGumKO-O_-oXZ_4nOwuEr4YrVzwBPo4MUCUBHEuCWG_DnrKKvIVruqoelLLNSvMKDBVTnuDP7lZbws16Q8YReFCAcXv3KI-Ow3r_2J0WxO_tYiXrnB-Xrn9WsYEAf_Nmp5MNe2Doq5_Zil36H-OX0s9dlj3QW0JR8tjE8I_hkdxcB-b5pNqguwowU0lmzNCAP5ctC3Hk4y1BNZTMWr5v-sIJo3j1sXVmGA6ILqm6W7UkD1Ugh-sfVX5C8h7KKQavndDO3SIY72v3G4as1FYjO6YGA17vw5ZAV2XZVw27c0_PSSfHOJPnpzZc5rXuXq-jzy_YJZDgJCLfp7_5xz0A4NODTlPjnUQUI5rr1nVe9FHzn1sw6o0cKsb_2vc7-DfShSQOGcnr5Kd_Sh6bGM0Xig6guv-_xgzLcmrstv1bwod74O6Hog4wKl7ubXJo_Bfc0FYHfoploY6OJkYk2zcyMTHESm1JGwJu8Z-JoOZiMaZxVQ2ZMIeI0p1p6XUITJ3oDZ6XXG-LUEEPEudR2N7urspTPqgOUEUa_1PI6IEM9s5OUFy-zCgm9p1cW2jRyNh13NgxId0yzt-2F6hFDMa9W7bypen12FnXHnjFTHIQdIYwQtp3M3YM3Ezg5GJk4ejkMejOiSm_KtFqIOGkyurQCTJsPIE5GJnOC2KGNDFmsp_F18oVZ1RyruEea6nxFBeiqK7ANOM9pdIkx0yGySdN6yJDpUrOGPtWtXiaka9LT6UfQzAq8mWuWGA6WIRPUMa5mbkwNmnz1VrXGxE95FQA5R5xoEwZTaqnrstiU8BHKlBiQaPMkTo2WrBRWWAeAPAcriWlzWj3idHdd-crmChCC2n-3n-wb5TAlUIGL9pocHfPUq9jRMW-FK0Z0zE_S6d_omMevqbqoQsd8Fa4a0O0vRMtThLbizuUhh2YJJI7tcX7LsOwxCR1tnDvaEoMmjvUGIYWZZnnJEBumB_gwq0ZLk_FTlccpmLFDQUMvjWh65NR13S5H4uVaC2JJrmcGuuoA7jUQTsYKAdi12XK2FQBajZ0xS04OqT68LXCclhoO4tRJEntajp26hLGVjvtvT0fo7p7-jMjy-Hb1RZNBlxnMiYFuzv8SWzGFk1dgl3wPsJa3Ajz5DcIKoShUW_aEV8YrAVZ0uBBuHQxnszNSCEMQoRUb4TpTmICKJwyFOSn1SmJPO6AVA73YPU9YCdJ-TFlL0VLKFpzbq2BjZTDp6ZHksS41mLWc_LT50jWbYlOije10TUBHsJ_QZzpzK7cJ4ULYTRunknFwX5DldhUGpFML0VhqPoveTcLY24PRyfpkUZ0oWmR2TBw0_OXUahh8CeF0MLozgpIlRh1G79gyWetM3qTonI2qc6hnxJLHgVFuNr5ZhmRORuONU-DQ6GhTsDs5rSXaT4S9FQpnVmI3p9yx1-9LOhFzKGrTJA-eq_xg8N8P_RNQvjzA5mo7yr0ye-A95vuECu8xUYKOmyte9ZBNDLtJ086coKgVwjz9pupmgv3Fkgz1fdr_rKCA8zBRB_GerD5c5UVt8fnFdhcCKzsrq-UOu0VZNKrOBByLF9Qrpa8X6C-B7FU11ZavyJQh0mvi_KWVM4LvlNJSuVOUaqHRA2HQ68xNbDNpU_oJIAOBVM05QbJ_CVXaVKe3JP-LbpOP1RJanjMkdHNKXZzQT4zW-2KBvKVGijhJwcqNCZhLIllB8qqI1zpF-RBlwivQ70k88FJzks39EvpYo1txOFzYD8tRfvjgzpVOxd2kfsJ28-ep7PyKhJZFCLy_q9qBFmZAg0jMVg8sE9czpnxYuGfXG8yFfSS2QCMbOzMLqjohP2Na6Lo3Qosmje3nz8A1Rvf2OMrupM6YfLTHQr7qX5NmDFq9SROnrorvGIdvWslXOhyGHyfYl_mL624ZO__x3cJDrHptbolUrD3GHx_U85Vj6CXsyJlRQey-xG0FaP-AUv7hFf2yWi7agQAMPgNdezB5fwU25GhX4MorAH_fnufJdFjQY-YN0My1hJGnQMzMBgnaU7jyKfytfDHzFqhg94-RX6BgRoUC7Rfc1UD2uvtOwg5sbFvCzC94bpQ95bBiTFGjvQ1eoPoJ_Bfc8pSqtAtgHzecZIy8QnZCfkl_wPD6FKxop-DKU4C42WOfV7y3pjyMxCvcMVhRe_lZAJAxoK_7M6ppFCFRFxuEU5DYW0KXy5uTDc9xpzqYGB6sPR1pSIKB90DCjJIN7T1c-R4hQxvMfAmkKeTflwKKcaNVFva6edycTv4TvWwRn7Sf3jEWT6UVLezUGpTzk-gxQFExcC7uaksbRN4fhhWtMOHGwwBzJwbxHBgTpyEZ-fdspXS2MgLbd22C5Qr5Un2MzcoXpKOWpJhmPCa91bpgi9mSduwg2soC4d3EkL3avkEC7-twFualeEB0jfbyFm819pzU_ZnESKPXxdlnS8vqmf1_Xb2v6gBeLud-r93F8wFGrOBGb2bTslq4iB3ctKQ6noZrNy_oMrY_xTOgtVFo7F1Ua8xMJitove3EYP4rZnpAhfCEE8c2lqGepwfUxbWl9OMfkyYqVtkNfZQv8aWPjb8bwXsa2VAUL3Uw0MPY2JhZ2bHks0ZP-4Bt4VcV3fmk_DLImsSd-lSwHJ22j7I-eitxWu2X_ISo4KuWP1HxMu4d2EgHv2fU0sgP1u6F5wNmY-PmAcNdNhLUgLLg65U_LIP_KPkW6RTVtzmIip_Z97XNK7w63BuSyq_DCR8xj5qOetSX-vlZY1Q9FZZ2yOQBOIyMmh0FV4-aMwR1sL92W3l8S_XbIBxyT3IPqHipqpdVczJ7g1U6zCQfj3o2oWy8mk09CUvaoCj42k-_P_kZ79Rrp1u8d_WgRMm99JpvrG86JFkHxVEvRT9GvTbodncSTURPXB_dQ1BwJEr8ulpx7cc5HgKR3ic8vVLF64pj5o6Kiyk5sK8GX8Lhep10gS3VH4xkg8OOyk-Od-aDVY5zCd4ogA9wQIHD2SbmbbUuqTfJknf0U_RNnER9eeZHVwc78NDeC4mftzHqS37FTZAmSsT76Tpip1AGpYY-vXfu8CY6rYC4wxrVxZn2iN02Utz9BuHrTkm3yGmf0q66ooc0ig21ouChWoARVDanRk8LId2lEb0xRKF8CKrx5kQnZfopxHdGRm0RKRdOYuc_zJPfR_bWO1GgmbTndjnxfPxFp_-UPJ89KxeT76C8BnMWx0pbeewv6XXXA3Tit9ixmJqaVe27ckvDRDCUn-hWHWRDmDtKTZ6vgYWb1wDrlZSyo_kPbL47v1a6W6YWwmiqohK9l5SKdZoE7NfBRNuZCbyUZzBDDLFfN-m8peJrJNR2ImHo4ejfbcHzYXNxou4TLa--phYGvaum2z1IiieW3LO1ER3b5V1egWpKJi-yXE8-TbJH3q6rJ-gnboYcfwQhhHczBun0VnhPrJWTN5Ta5pHbYwH4Nt40eT9UdlbuTS4aMXZJqZapJ_vna3vO3DR9EpF3UFktlD8qyMaTd2SlUO5Bs1y1Cz3tK0TxKuP1-Lk4tE3ySILCNxFS1OKWIn4eOe1gE3VVwcEAfgqmRjtlK_iZwVwBrdMk2lTHPOOmPCGiclSjFNPhYIZwaqmltobaxugLDdRUqTu7qDEq8NyQEyVyLm6epK8FlF4fvUFhh2Aate5j0e8IrezF55DjBNM_iWf8S7vhN2rNoiPY73Qzi7xQtsIPipb0QdyxlEH6WtXg7FxBvlGdlMfTZeHmuPbYoz0v9E0lfSy9L0h9TL1VOCa7RAdwozIPSSZO7WIQlwlQ948ahYfl9Pi_eT58dpxIhTvzvTUdS6BRr0uFfcoeBBd_c0E7nwhn9Gc97D-Zw9PeHvRMm5hTHLzsmRlxqovzUceQ2ZFlBysx06VxjlSXpma9MUeaGDIDfVotoOS5OdUiEcQ_baEGGbLGnSPMAL5q5oN3qJ6wlBcM8Pj1XfBmS54H1eFKHtYuoGGQoGfZB7Zvoc_ilE5_1NRtqIkXxT564jZgPsYv39vsOoxtCsvUqhWkPDdlunv4vF04-Zvzx7xYvMWuu1jgp4IiYv2NcDvUM9mA_aXWWD2K0A4fnKVWN2If_7AFFKGFWbl8fGh2oHmuN5gQ-c5MYanRNa5cLGHobRs89SD2qegI9bQ_e1ItrgXv7h3YMH7wYv-gqChQ-b7pCeSP9O2ELhEcHxeji5t3xSXZQh1oXlfzkPBvevaO27PT6umTzCT09YZkiZemtRuLXhWA6kB_mYYPaB4thV4wUBcEODv01ulEe0rwfLLDp39RI5up9mIM77sORDCn23jY9TILvhdk3feeWg2Dhz6t_0wH9bIEMXcxsA23RMUEfEvxqbntVMlvfeez6wXCGiUbzFw40CNTijT2CA7BYpw_PfJFEoZy-RqJcuw2fEcDxiR1iGkTnZlrjL2xYile6nDF1quD2J-tQcuea3RcdPo2RcEECrdE&tga-with-creatives=1
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
44173dc228bfc577c2b9fc1a168ab0798e24fbb1ff8e8f1171879889706cf374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1654579541133614-1772088294634253601-sas2-0481-644-sas-l7-balancer-8080-BAL-8926
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 07 Jun 2022 05:25:41 GMT
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json
access-control-allow-origin
https://www.nur.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 07 Jun 2022 05:25:41 GMT
v2
yandex.ru/ads/adfox/252771/getBulk/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-06-07T05%3A25%3A41.056%2B00%3A00&pd=7&pdh=1200&pdw=1600&pr1=3082290817&pr=3846799425&prr=&pv=5&pw=2&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.591932&ybv=0.591932&ytt=32986960625669&is-turbo=0&skip-token=&ad-session-id=6345961654579541013&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22w%22%3A728%2C%22h%22%3A0%2C%22width%22%3A728%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A436%2C%22top%22%3A330%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=591932&available-width=728&yaru=true&p1=crsnx&p2=gfdy&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=4&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=575089%2C0%2C91%3B586081%2C0%2C4%3B593305%2C0%2C23%3B591943%2C0%2C38%3B586227%2C0%2C24%3B590119%2C0%2C18%3B590301%2C0%2C14%3B588486%2C0%2C78%3B591221%2C0%2C33%3B406668%2C0%2C99%3B592005%2C0%2C12%3B574104%2C0%2C-1%3B587258%2C0%2C-1%3B588105%2C0%2C-1%3B203897%2C0%2C80&pcode-flags-map=eJytV11v4zYQ%2FCuFn4MDRYn6uDdaom0ikqgjKTu5w4FI0bwFRdHeFQUO9987lOQPKo6SoH2JAccz3CV3Z2d%2FrPpWbpRuuF19%2FPJj9ffD0%2FfH1ceVaPm6Fqub1bfHv77J3%2FBNQguSFaufX29W5Y63W%2BHKWpa3zu606rc7V6utLAMOXlqpWrfurcVHp6XS0t4HnDHNKB0499y4VhxcyevaWeUmsBV3YWBW90FYjDGSJwPFGLPrW9N3ndJWVAiKV0I7U2rZWWd06Q5ct7LdvsKZsSQ7hdWoMRQua6VdqfzfjtfCWuFa3oiAq5bbnXXrbcCXxSRjA58WneDW7RveOS0%2B9cJYxzcWMcpWq7pejivLkig9xdUb4bpSVXgJ1TSIkFvLy50zO16pwytMRZ7kJ6ZStUYOF7VTB2elxTXytnJrVd07XiFbjTwR5TJpnrIoPpFK4YxVnVN2B2aLmnFNX1v5epp5xmj6jOfdYLltlRaukcagFCpu%2BZiIcSh4t0fCCrfuL2%2BtAs7Hf%2F4IKAuSsPH5KmmGGiuNfj9JXrBTUsYOPHuhDWorALK8yFB9ATZi0Yjl1UbduQaFvJdGrmWNjnJ4%2BqEXl85PaBbHZOBAx0994VPgTXeJ%2B%2Fbn98cAlsfFBEO5GeMLdY55ftYJdDXeNUI%2BtGE1fYnSPKXZDcVFMYaPPM%2Bjm5glUZ7f0Lhgsf9gJEtvaJokSXxDCY0IOf4kJkWaAp6RgkSAZ0mSf72MKSsiEk0xOSNE69TaCL2fFfXj7w%2B%2FPj2GIpXSYlSDjUQuyH8nhi5v7fI1JCwuxiM%2Fi5ai3ythUJSORu5TjBIQnYsXCRilxdhQnRZQRKftGvdfy1Ys4jJasDHiUvWt9Xp6t9OLkDzL6Sij9%2Bh8ced07yrVcNkuVjXJaDy1atAKbtPXNWQX97yIj2I6VaW%2F27VWt3gY3KvbalktIzPozdWAHbrUarlehKN20uT8Nj5cd5CV3TnZ8O3i9aLgkpycsUdRWCvtm0rzSvbmlzcy3HMf9xiw4%2FWB35tlZJxNNVVt%2FAgxHbRbQLMbofpwVFJCSIhNSDzmfBwbgLZ2%2BTwGmotW1sJrx%2FE8J%2B4WWwBHZhl9DpcbP1YOXghfq5AXGI4B7HndB68Vk%2BvoyR2M1SnbDo%2FsuG6Wz06jqf94BaGw0gyDeqMcWnBRbuFKMDQGaC1gOWAiMIr2XEs%2Bu3A6h03PO%2BsnLeBcKsyxNzYWmI5vzTUKBOObn8tFaA3ph2W75GABPicJmaRnNG5etvdSHLy1Wjw6zdJJ%2Ff3PXQv7VArM8Wa7CMsocAPMmA4%2BsNwJH6HrhC5nVep1%2FxLJoiK5KBFyRzBZIQbKWLl4Zh6x6cyyVu3plhq1H2bdMpZmefwCdoyD%2Fkd89Eb8AOl4eQv7Noj90N6vgPFKo4wIOFnhIL8oroPmHe77OODeYW9yTMmxcGEqyunlZkI68xYY8ZSNzennmoH1RxwYcyq4%2BOhDFHohuIHAjFVSC8zG8pX3KqIsv1B8CdvL0Qbw36WvL7MUaRGzaMwOt7Pxp%2B278LToQxxWM9aS4mT3Bsnaau%2FUTOM3nCtFjVndWvjbmaUmeXSiOWoYHgk7jG9IGP32mRaVNiQp4PzYEglsCcyJW0uruRXv5%2FKL26n%2BJpPTzEtQbTaz9yiS87bAe6u2AqaQ%2B73tTNbji7lDvnZRIdvURrqddhe30ap5LtobXpv5CkPpefPzltfnNqWERjCy6ZCw6WEcZ5P62SYCIxoVkyyZ6nbuNPH%2FGI40RMTkqvrLYT%2BbNjunlQor5%2BHpKcwCy116aqzzxHhHj9HoQlBD%2F760LpA0TfOzxXieM9wEC3MevvGIrebrZcnE%2BkuS82%2FxGp%2BDGmMRJUu%2Fv%2BKSIvYCYsx8MgroW2zuNb%2F301%2B2fhqiVcpb30BQzmVlzLDMXHtUX12TZxzK0whrQbjs%2F7AVHfvvRbbRgf5fpJXYcKzeR%2FJxhX4T3c9%2FAfc4TQ8%3D&use-server-side-rendering=1&pcode-icookie=x%2FnlnJJ1LnaAo4OfIUXu8ycsBgGOukijusqABtFGeZJQTP04nx495%2BOY2Am%2F9Zt2lh916MZ61CiLd00IsUTOHv8DjgM%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4NzR9ChKjtpDkuOlBGKgrF2v-Iy6ZOE5fF81Y376Z79_ns9G5tJO0whndb7LYYWy7uUnMNbeJY_JxnaSOfxvN_7pO2rXrNkAvYmDPQJshBKEKucnq0nPS7MUnlYmqKA0hqFAhqRqHwIXiUBGKA6pAHcpqCDtUhgShMqA8dGUoCZUVgNRwaigaxaE0jEL5QpOFUV3AdrDEgbqCBw64kEIANuRs2JYJctYQzsqnXIWSgEJAPshZK7ZlHgi4oSygvmyCYDt0YYXEAehhdN1VfYgghUogoa8GkEUSIIH3JbkOMMPSogrmSiNdGVeiEK-FCQC8sOLzA7dAGmUk3yj17rsllw23lmlUAcUhA7VaqjwkXn2C1V3utvjLLfGKTxXA97gmC8iuCeoqku8KmtcgLoz4ShQBaLvFgTjsnwHjX5Pq_BRdG-SF3PwE4VINaLKyHmBXWMqzX7oAiTwIJCstbgBaEQJAy7HZe3TQfJaB8s2oQiIfaIjrMXw4QJUP_CwzJDgzQlgzG-VZFEL_YcWFcbPOULpsJjjUGVKzIoTxMypDvAChD9VxZPy5IRizytEmXYFDRV1ZxKNitr2SrcKAcqBFgTogW7jhGumKO-O_-oXZ_4nOwuEr4YrVzwBPo4MUCUBHEuCWG_DnrKKvIVruqoelLLNSvMKDBVTnuDP7lZbws16Q8YReFCAcXv3KI-Ow3r_2J0WxO_tYiXrnB-Xrn9WsYEAf_Nmp5MNe2Doq5_Zil36H-OX0s9dlj3QW0JR8tjE8I_hkdxcB-b5pNqguwowU0lmzNCAP5ctC3Hk4y1BNZTMWr5v-sIJo3j1sXVmGA6ILqm6W7UkD1Ugh-sfVX5C8h7KKQavndDO3SIY72v3G4as1FYjO6YGA17vw5ZAV2XZVw27c0_PSSfHOJPnpzZc5rXuXq-jzy_YJZDgJCLfp7_5xz0A4NODTlPjnUQUI5rr1nVe9FHzn1sw6o0cKsb_2vc7-DfShSQOGcnr5Kd_Sh6bGM0Xig6guv-_xgzLcmrstv1bwod74O6Hog4wKl7ubXJo_Bfc0FYHfoploY6OJkYk2zcyMTHESm1JGwJu8Z-JoOZiMaZxVQ2ZMIeI0p1p6XUITJ3oDZ6XXG-LUEEPEudR2N7urspTPqgOUEUa_1PI6IEM9s5OUFy-zCgm9p1cW2jRyNh13NgxId0yzt-2F6hFDMa9W7bypen12FnXHnjFTHIQdIYwQtp3M3YM3Ezg5GJk4ejkMejOiSm_KtFqIOGkyurQCTJsPIE5GJnOC2KGNDFmsp_F18oVZ1RyruEea6nxFBeiqK7ANOM9pdIkx0yGySdN6yJDpUrOGPtWtXiaka9LT6UfQzAq8mWuWGA6WIRPUMa5mbkwNmnz1VrXGxE95FQA5R5xoEwZTaqnrstiU8BHKlBiQaPMkTo2WrBRWWAeAPAcriWlzWj3idHdd-crmChCC2n-3n-wb5TAlUIGL9pocHfPUq9jRMW-FK0Z0zE_S6d_omMevqbqoQsd8Fa4a0O0vRMtThLbizuUhh2YJJI7tcX7LsOwxCR1tnDvaEoMmjvUGIYWZZnnJEBumB_gwq0ZLk_FTlccpmLFDQUMvjWh65NR13S5H4uVaC2JJrmcGuuoA7jUQTsYKAdi12XK2FQBajZ0xS04OqT68LXCclhoO4tRJEntajp26hLGVjvtvT0fo7p7-jMjy-Hb1RZNBlxnMiYFuzv8SWzGFk1dgl3wPsJa3Ajz5DcIKoShUW_aEV8YrAVZ0uBBuHQxnszNSCEMQoRUb4TpTmICKJwyFOSn1SmJPO6AVA73YPU9YCdJ-TFlL0VLKFpzbq2BjZTDp6ZHksS41mLWc_LT50jWbYlOije10TUBHsJ_QZzpzK7cJ4ULYTRunknFwX5DldhUGpFML0VhqPoveTcLY24PRyfpkUZ0oWmR2TBw0_OXUahh8CeF0MLozgpIlRh1G79gyWetM3qTonI2qc6hnxJLHgVFuNr5ZhmRORuONU-DQ6GhTsDs5rSXaT4S9FQpnVmI3p9yx1-9LOhFzKGrTJA-eq_xg8N8P_RNQvjzA5mo7yr0ye-A95vuECu8xUYKOmyte9ZBNDLtJ086coKgVwjz9pupmgv3Fkgz1fdr_rKCA8zBRB_GerD5c5UVt8fnFdhcCKzsrq-UOu0VZNKrOBByLF9Qrpa8X6C-B7FU11ZavyJQh0mvi_KWVM4LvlNJSuVOUaqHRA2HQ68xNbDNpU_oJIAOBVM05QbJ_CVXaVKe3JP-LbpOP1RJanjMkdHNKXZzQT4zW-2KBvKVGijhJwcqNCZhLIllB8qqI1zpF-RBlwivQ70k88FJzks39EvpYo1txOFzYD8tRfvjgzpVOxd2kfsJ28-ep7PyKhJZFCLy_q9qBFmZAg0jMVg8sE9czpnxYuGfXG8yFfSS2QCMbOzMLqjohP2Na6Lo3Qosmje3nz8A1Rvf2OMrupM6YfLTHQr7qX5NmDFq9SROnrorvGIdvWslXOhyGHyfYl_mL624ZO__x3cJDrHptbolUrD3GHx_U85Vj6CXsyJlRQey-xG0FaP-AUv7hFf2yWi7agQAMPgNdezB5fwU25GhX4MorAH_fnufJdFjQY-YN0My1hJGnQMzMBgnaU7jyKfytfDHzFqhg94-RX6BgRoUC7Rfc1UD2uvtOwg5sbFvCzC94bpQ95bBiTFGjvQ1eoPoJ_Bfc8pSqtAtgHzecZIy8QnZCfkl_wPD6FKxop-DKU4C42WOfV7y3pjyMxCvcMVhRe_lZAJAxoK_7M6ppFCFRFxuEU5DYW0KXy5uTDc9xpzqYGB6sPR1pSIKB90DCjJIN7T1c-R4hQxvMfAmkKeTflwKKcaNVFva6edycTv4TvWwRn7Sf3jEWT6UVLezUGpTzk-gxQFExcC7uaksbRN4fhhWtMOHGwwBzJwbxHBgTpyEZ-fdspXS2MgLbd22C5Qr5Un2MzcoXpKOWpJhmPCa91bpgi9mSduwg2soC4d3EkL3avkEC7-twFualeEB0jfbyFm819pzU_ZnESKPXxdlnS8vqmf1_Xb2v6gBeLud-r93F8wFGrOBGb2bTslq4iB3ctKQ6noZrNy_oMrY_xTOgtVFo7F1Ua8xMJitove3EYP4rZnpAhfCEE8c2lqGepwfUxbWl9OMfkyYqVtkNfZQv8aWPjb8bwXsa2VAUL3Uw0MPY2JhZ2bHks0ZP-4Bt4VcV3fmk_DLImsSd-lSwHJ22j7I-eitxWu2X_ISo4KuWP1HxMu4d2EgHv2fU0sgP1u6F5wNmY-PmAcNdNhLUgLLg65U_LIP_KPkW6RTVtzmIip_Z97XNK7w63BuSyq_DCR8xj5qOetSX-vlZY1Q9FZZ2yOQBOIyMmh0FV4-aMwR1sL92W3l8S_XbIBxyT3IPqHipqpdVczJ7g1U6zCQfj3o2oWy8mk09CUvaoCj42k-_P_kZ79Rrp1u8d_WgRMm99JpvrG86JFkHxVEvRT9GvTbodncSTURPXB_dQ1BwJEr8ulpx7cc5HgKR3ic8vVLF64pj5o6Kiyk5sK8GX8Lhep10gS3VH4xkg8OOyk-Od-aDVY5zCd4ogA9wQIHD2SbmbbUuqTfJknf0U_RNnER9eeZHVwc78NDeC4mftzHqS37FTZAmSsT76Tpip1AGpYY-vXfu8CY6rYC4wxrVxZn2iN02Utz9BuHrTkm3yGmf0q66ooc0ig21ouChWoARVDanRk8LId2lEb0xRKF8CKrx5kQnZfopxHdGRm0RKRdOYuc_zJPfR_bWO1GgmbTndjnxfPxFp_-UPJ89KxeT76C8BnMWx0pbeewv6XXXA3Tit9ixmJqaVe27ckvDRDCUn-hWHWRDmDtKTZ6vgYWb1wDrlZSyo_kPbL47v1a6W6YWwmiqohK9l5SKdZoE7NfBRNuZCbyUZzBDDLFfN-m8peJrJNR2ImHo4ejfbcHzYXNxou4TLa--phYGvaum2z1IiieW3LO1ER3b5V1egWpKJi-yXE8-TbJH3q6rJ-gnboYcfwQhhHczBun0VnhPrJWTN5Ta5pHbYwH4Nt40eT9UdlbuTS4aMXZJqZapJ_vna3vO3DR9EpF3UFktlD8qyMaTd2SlUO5Bs1y1Cz3tK0TxKuP1-Lk4tE3ySILCNxFS1OKWIn4eOe1gE3VVwcEAfgqmRjtlK_iZwVwBrdMk2lTHPOOmPCGiclSjFNPhYIZwaqmltobaxugLDdRUqTu7qDEq8NyQEyVyLm6epK8FlF4fvUFhh2Aate5j0e8IrezF55DjBNM_iWf8S7vhN2rNoiPY73Qzi7xQtsIPipb0QdyxlEH6WtXg7FxBvlGdlMfTZeHmuPbYoz0v9E0lfSy9L0h9TL1VOCa7RAdwozIPSSZO7WIQlwlQ948ahYfl9Pi_eT58dpxIhTvzvTUdS6BRr0uFfcoeBBd_c0E7nwhn9Gc97D-Zw9PeHvRMm5hTHLzsmRlxqovzUceQ2ZFlBysx06VxjlSXpma9MUeaGDIDfVotoOS5OdUiEcQ_baEGGbLGnSPMAL5q5oN3qJ6wlBcM8Pj1XfBmS54H1eFKHtYuoGGQoGfZB7Zvoc_ilE5_1NRtqIkXxT564jZgPsYv39vsOoxtCsvUqhWkPDdlunv4vF04-Zvzx7xYvMWuu1jgp4IiYv2NcDvUM9mA_aXWWD2K0A4fnKVWN2If_7AFFKGFWbl8fGh2oHmuN5gQ-c5MYanRNa5cLGHobRs89SD2qegI9bQ_e1ItrgXv7h3YMH7wYv-gqChQ-b7pCeSP9O2ELhEcHxeji5t3xSXZQh1oXlfzkPBvevaO27PT6umTzCT09YZkiZemtRuLXhWA6kB_mYYPaB4thV4wUBcEODv01ulEe0rwfLLDp39RI5up9mIM77sORDCn23jY9TILvhdk3feeWg2Dhz6t_0wH9bIEMXcxsA23RMUEfEvxqbntVMlvfeez6wXCGiUbzFw40CNTijT2CA7BYpw_PfJFEoZy-RqJcuw2fEcDxiR1iGkTnZlrjL2xYile6nDF1quD2J-tQcuea3RcdPo2RcEECrdE&tga-with-creatives=1
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
1b6d42ddb65392684149d8b79de6c27928513dadae7cc692977aac308117f47c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1654579541133976-1346802399963655745-sas2-0481-644-sas-l7-balancer-8080-BAL-2267
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 07 Jun 2022 05:25:41 GMT
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json
access-control-allow-origin
https://www.nur.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 07 Jun 2022 05:25:41 GMT
1a54904685c927c7077b.js
yastatic.net/partner-code-bundles/591932/ 		503 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/591932/1a54904685c927c7077b.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
8a672b7b02c6a3fe2cf27c6c07f30d9729ffde2cf60701d730a17a83492e1b0f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.nur.kz/
Origin
https://www.nur.kz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
105304
last-modified
Fri, 03 Jun 2022 15:31:08 GMT
server
nginx/1.17.9
etag
"87699fde838c932d3044000c9ea5eaf0"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jun 2052 11:57:37 GMT
82f7f5be278402f563aa.js
yastatic.net/partner-code-bundles/591932/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/591932/82f7f5be278402f563aa.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
56eb625e383914b8ad3c210480659fb5ec02851fb4c7299d2e8961b8814b1277
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.nur.kz/
Origin
https://www.nur.kz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
10059
last-modified
Fri, 03 Jun 2022 15:31:09 GMT
server
nginx/1.17.9
etag
"9704d9c9698c9fc3761ddc0ffe8be209"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jun 2052 11:59:13 GMT
arrow-up.svg
www.nur.kz/nur/img/icons/ 		150 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nur.kz/nur/img/icons/arrow-up.svg
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
7dca7733ec0aead31386758c6043913b9ee754fb8499849701773bf4eaaff48a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
W/"6298d0df-96"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
expires
Wed, 07 Jun 2023 05:25:41 GMT
arrow-down.svg
www.nur.kz/nur/img/icons/ 		158 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nur.kz/nur/img/icons/arrow-down.svg
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
587815bbad0202349b3aa4c1609944b99b52d6f67f97690c705b9d5e4c977ed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/nur/css/freedom-finance-desktop.593ce3a5.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 02 Jun 2022 15:01:51 GMT
server
nginx
etag
W/"6298d0df-9e"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, public
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
expires
Wed, 07 Jun 2023 05:25:41 GMT
collect
i.clarity.ms/ 		0
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clarity.ms/collect
Requested by
Host: i.clarity.ms
URL: https://i.clarity.ms/s/0.6.35/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.nur.kz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
https://www.nur.kz
date
Tue, 07 Jun 2022 05:25:41 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6d1562c28bd325a90e677872ed5f7820ec64e38d81ef5ced6dad1e6ae54bbcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10573
x-xss-protection
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=8DD3B558A638448FA2CEC4F4CD178CCC&RedC=c.clarity.ms&MXFR=048B0EF92C8F6D9C07611F45288F63BA
  • https://c.clarity.ms/c.gif?CtsSyncId=8DD3B558A638448FA2CEC4F4CD178CCC&MUID=105683FF360166B9332C9243376A67AC
42 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=8DD3B558A638448FA2CEC4F4CD178CCC&MUID=105683FF360166B9332C9243376A67AC
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:41 GMT
last-modified
Fri, 20 May 2022 21:53:17 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"17a28a3946cd81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0A18EF2E46E8426CB07144FDEFA88E3B Ref B: FRAEDGE1414 Ref C: 2022-06-07T05:25:41Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=8DD3B558A638448FA2CEC4F4CD178CCC&MUID=105683FF360166B9332C9243376A67AC
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Jun 2022 05:25:41 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3369263710096163
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/591932/1a54904685c927c7077b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f255cb2fbb297b78ba7cd47935bd1c55629ab92cdba2b88bfe270568e7e4a0d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nur.kz/
Origin
https://www.nur.kz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56159
x-xss-protection
0
server
cafe
etag
5589229679326600887
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Jun 2022 05:25:41 GMT
event
ads.adfox.ru/252771/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/252771/event?hash=6053ea34965ac7f6&pm=cyz&p5=kunhe&ad-session-id=6345961654579541013&lts=fjgsowr&ytt=32986960625669&ybv=0.591932&ylv=0.591932&dl=https%3A%2F%2Fwww.nur.kz%2F&rtb-si=b&p2=gfdy&rand=fzgbecb&sj=ipOdv5znFrzhBjvKM6-Tgu1HMR3nUoXT6-n6-cFOwmn8CXLfHB2rx0P3uDaBPQ%3D%3D&puid1=Homepage&pr=mltypsb&p1=crsny&rqs=VRUTueL6tG5V4Z5irv5W_cQB6bISwfIL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Jun 2022 05:25:41 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/252771/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/252771/event?hash=0b68fbe630970969&pm=cyz&p5=kunhv&ad-session-id=6345961654579541013&lts=fjgsowr&ytt=32986960625669&ybv=0.591932&ylv=0.591932&dl=https%3A%2F%2Fwww.nur.kz%2F&rtb-si=b&p2=gfdy&rand=mtikfuw&sj=X-zyVz1-jxzrX-eGz0DV2c7ZKxfElbl3zYbK27_kVD8V0sX1-XiLmSuQDyvD7Q%3D%3D&puid1=Homepage&pr=mltypsb&p1=crsnx&rqs=VYVLrEcQfypV4Z5iC581RKLJyDN5waFP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Jun 2022 05:25:41 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 769C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssG2wtR0fW47_iuDpJ7o8FFpsIRQEbO9ETMksTsXJTHI_EAjwFcMnmmrMWwBZ66l1M3_gIEZZVw4Hey6vmr7G5lnFGBzS64Mf5cInA7D5CwSFrFiqpyqj7P7Yr9pbS2dQCw6nKvKF6W2iNncojunUuhE0T6OqZ7ZL47UUMtmyqRWI-nGV0bvIY7nI3OxKrpeRH3ZyVTkWKhFSlMNUjyOlkgV_yC0-HmvGz91HQhSFoI10GVgUBpG0RPXT0VJwEGllghdzK17gKa9PjDphOtMcssHNXyuuKIzvwnhD5b-yBx2-1zndU66FskeEkEj28Z&sai=AMfl-YTrwO1JtbklbTVJbKZVCsJNnCcnNpumIidS86DWaxrE5wCGCIVcmZVVm-tqL1RrLRLVZEVUmb0hnrozzzqRnHl19Ctt6DVOUmNVFkzTjA2Gb60guG6ArXYzpij4IScu&sig=Cg0ArKJSzCES-hjqusD3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Jun 2022 05:25:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 07 Jun 2022 05:25:41 GMT
context.js
an.yandex.ru/system/ Frame 769C 		283 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
2ce374bc845d63893f7d5b7bbe81a5c359d48eefb9ee171186d9b6b83323015f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
x-yandex-req-id
1654579541580719-38293750544110833200090-production-app-host-sas-pcode-281
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 07 Jun 2022 06:25:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 769C 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43419
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654515382487150"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Jun 2022 05:25:41 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012205232225000/ Frame BA6B 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205232225000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3f58f3312c76a6f539c52aec847073a1006d926523a05488196a4cbbd65a65e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
48397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61365
x-xss-protection
0
server
sffe
date
Mon, 06 Jun 2022 15:59:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4579876533dc4005"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 06 Jun 2023 15:59:04 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012205232225000/v0/ Frame BA6B 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205232225000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0adf1237c7f4225da0d9caa843c47f93486794e415e4db68a59df3a689041334
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
48397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5185
x-xss-protection
0
server
sffe
date
Mon, 06 Jun 2022 15:59:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e8b03820359a38cb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 06 Jun 2023 15:59:04 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012205232225000/v0/ Frame BA6B 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205232225000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7c9452fde41ea8c1edaeaac061cdbc3e61c14ad4fd3eb1ebb08fd4c2a1b5796
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
48397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28839
x-xss-protection
0
server
sffe
date
Mon, 06 Jun 2022 15:59:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fea41acf0887ba56"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 06 Jun 2023 15:59:04 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012205232225000/v0/ Frame BA6B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205232225000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04b9c4e75a95191d5d055f6a0b43ecabbe26a8c0c804e7fbb88b4a7f02d1de1e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
48397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1905
x-xss-protection
0
server
sffe
date
Mon, 06 Jun 2022 15:59:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"544a564eb1dfeb4f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 06 Jun 2023 15:59:04 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012205232225000/v0/ Frame BA6B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012205232225000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66adaa239f3adfca9c0b4dff99152181b29fd61b12cdc990dea1c6f98a3692a4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
48397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12947
x-xss-protection
0
server
sffe
date
Mon, 06 Jun 2022 15:59:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"52c760a2cdc81e95"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 06 Jun 2023 15:59:04 GMT
css
fonts.googleapis.com/ Frame BA6B 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 04:44:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 07 Jun 2022 05:25:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Jun 2022 05:25:41 GMT
container.html
e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DADF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nur.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Jun 2022 05:25:40 GMT
expires
Wed, 07 Jun 2023 05:25:40 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BA6B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 18:06:10 GMT
x-content-type-options
nosniff
server
cafe
age
40771
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6726277462267614359
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Tue, 07 Jun 2022 18:06:10 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BA6B 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
44796
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 07 Jun 2022 16:59:05 GMT
l
www.google.com/ads/measurement/ Frame BA6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvhbFhSET6jr7yWrs9-DDAqXd3trqFu-_ors2-8NG2g6Ra66mj9TZVjPtwJ7mydcEC7l-V0vlkiQPeYvy3m9UVAQZWnw
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
ai.aspx
m.exactag.com/ Frame BA6B 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=5&extPu=sixt-gaw&extLi=1427470297&rnd=3680329119
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.14.248.91 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
Di, 07 Jun 2022 05:25:41 GMT
Server
Microsoft-IIS/8.5
Date
Tue, 07 Jun 2022 05:25:40 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.nur.kz
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1751
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame BA6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChZjwVOGeYs60LtrQ7gO-6y3Ls9SjavKPvseED47M_LikKBABIKzI6ktglYKAgLAHoAGF-fH7A8gBCakC_EL8qeLssT7gAgCoAwHIAwqqBNoBT9AFNCLCT-6Rm4lgW-HThzfA1ieNicvX9LB6J1t2Tt5eU1zWJKibYsjQeHRKG3FVMWYjRGifWAKnCyxAzEx_pEWb1TPKvDa-qzKBmxvWfx-R-V4q_1eAWMCUEsfwpH99IC6UBSW-OVnAXH9Ix_tJrCi7ndAGaRXfjt0iTj5y5slgjqWOHchJI_5YYCw7IQAyeiaY3JEAJDCCxwRHD6Ssh_W-MzO4cSzeKszFKKUVftY1bLlSWPgMmhDPV4gQBwEFWa6-4dROCfcWgesVE1ZMdf1xdHM2crHNOXTABKmSqeDJAeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAet5aEyqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQjrkL0ggJCIjhgBAQARgdgAoByAsBuBOIJ9gTDIgUBdAVAYAXAbIXHgocCAASFHB1Yi0zMzY5MjYzNzEwMDk2MTYzGMGQag&sigh=oab1hy_-D_E&uach_m=[UACH]&template_id=5000
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6C78 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nur.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2068
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Jun 2022 04:51:13 GMT
expires
Wed, 07 Jun 2023 04:51:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E460 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
914b488d532e5aaa35310103109a1b93ef70c9dfd272a86e2cc890a732b6a568
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D3AXsM_tofg3MLJx8loK8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nur.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-D3AXsM_tofg3MLJx8loK8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 Jun 2022 05:25:41 GMT
expires
Tue, 07 Jun 2022 05:25:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/ 		339 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3369263710096163&plah=www.nur.kz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3369263710096163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f47367e185ac2a353d77be1e2e96a57fa78f88d950d34d3bf7737879b6c14734
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122339
x-xss-protection
0
server
cafe
etag
7546528317269075824
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 07 Jun 2022 05:25:41 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220601/r20190131/ Frame 9A2B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220601/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3369263710096163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nur.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30413
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4402
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Jun 2022 20:58:48 GMT
etag
1327746537699501093
expires
Mon, 20 Jun 2022 20:58:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/447044929196506231/ Frame BA6B 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/447044929196506231/downsize_200k_v1?w=400&h=209
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b793f2f334bef5476ad686f366d79eaa953e43db2749dc9fdad9f3bf13b686
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 18:54:10 GMT
x-content-type-options
nosniff
age
37891
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11735
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 09:34:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 06 Jun 2023 18:54:10 GMT
truncated
/ Frame BA6B 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BA6B 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BA6B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3539ae111a1ceb8f0bd84448ce55cb1d1c506c02c48d06e05b8139bddf8e4755

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame BA6B 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nur.kz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 20:40:28 GMT
x-content-type-options
nosniff
age
463513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Jun 2023 20:40:28 GMT
truncated
/ Frame 769C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83ba6a1722f7ec288a254e6866420cd0f3ffa96b71294d44636a06138114c652

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12278835424197324352/ Frame C7A9 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12278835424197324352/index.html
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95a0b10f4dfee15b65f4eb2cad10291e08b195a760b797713c2c49f125cbcf7a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
415133
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1648
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Jun 2022 10:06:48 GMT
expires
Fri, 02 Jun 2023 10:06:48 GMT
last-modified
Wed, 04 May 2022 11:50:27 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
B27765333.335497187;dc_pre=CIrG1o7NmvgCFeEL4AodFNEB9w;dc_trk_aid=527385728;dc_trk_cid=170672039;ord=4294585822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/ Frame E5F1
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B27765333.335497187;dc_trk_aid=527385728;dc_trk_cid=170672039;ord=4294585822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B27765333.335497187;dc_pre=CIrG1o7NmvgCFeEL4AodFNEB9w;dc_trk_aid=527385728;dc_trk_cid=170672039;ord=4294585822;dc_lat=;dc_rdid=;ta...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B27765333.335497187;dc_pre=CIrG1o7NmvgCFeEL4AodFNEB9w;dc_trk_aid=527385728;dc_trk_cid=170672039;ord=4294585822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com
URL: https://e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:41 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B27765333.335497187;dc_pre=CIrG1o7NmvgCFeEL4AodFNEB9w;dc_trk_aid=527385728;dc_trk_cid=170672039;ord=4294585822;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E5F1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjD1IVOGeYse1LtrQ7gO-6y2Ah8yrapDa5a-fEMSZ-oO2CRABIKzI6ktglYKAgLAHoAH7qY69AsgBCakC_EL8qeLssT7gAgCoAwHIA0iqBNwBT9ChDowjXg0vWzUsHzETo92alf9GP_YwTqNk-RXVgx3bjwAbY20ZJuOUSWuOaaeujYJcvKIrhNyLy4x-yt3fVZsfEFDrJ7vDX9O_sV9vqCpqoxc25YWisZcYC18YRk04tIzmGR7a0kcI2GuGMzZJIXTWWFVEG9_v-05xDSCnBW8re-e5oCuX63oAB2gDXQNU478z8-GvK3g5rWjB-tyjHTqW7q8UnOCx3RaNuQwZQUn_ckWe5aMkLuoCMBskI---L4J5NQBFGAuwnUODQuCVzNGpRY-Wq94B2KeT68AExvDEyfkD4AQBoAYugAfqvPgmqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQweUF0ggJCIjhgBAQARgdgAoByAsB2BMD0BUBmBYBgBcBshceChwIABIUcHViLTMzNjkyNjM3MTAwOTYxNjMYwZBq&sigh=YNf6ZU386Jk&uach_m=[UACH]&template_id=419
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/ Frame E5F1 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/abg_lite_fy2019.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 04:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1625
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8691
x-xss-protection
0
server
cafe
etag
17811423179848367920
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Jun 2022 04:58:36 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame E5F1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
878
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Jun 2022 05:11:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E5F1 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43419
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654515382487150"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Jun 2022 05:25:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame E5F1 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:05:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Jun 2022 05:05:03 GMT
l
www.google.com/ads/measurement/ Frame E5F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTT6a5TR0q38qgZFufti4kqf0K24MmzbNrtW7LrV0aRnlcNJys5tMzw0KjPoV9b1jJdj5n2aIBU8xbRpTLlUSS2XWARfQ
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame C7A9 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12278835424197324352/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 13:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 07 Jun 2022 13:42:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C7A9 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12278835424197324352/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 19:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 07 Jun 2022 19:11:07 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame C7A9 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12278835424197324352/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Jun 2022 05:25:41 GMT
cssruleplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame C7A9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12278835424197324352/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Jun 2022 05:25:41 GMT
main.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12278835424197324352/ Frame C7A9 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12278835424197324352/main.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12278835424197324352/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fca177394af6e8c8e0b15b9c6944fca095550b9776f503f6467ce1ae7c8f9e68
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
415138
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2578
x-xss-protection
0
last-modified
Wed, 04 May 2022 11:50:27 GMT
server
sffe
date
Thu, 02 Jun 2022 10:06:43 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Jun 2023 10:06:43 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2038 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com
URL: https://e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Tue, 07 Jun 2022 04:26:19 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		12 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.nur.kz&callback=_gfp_s_&client=ca-pub-3369263710096163&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3369263710096163&plah=www.nur.kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.nur.kz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3369263710096163&plah=www.nur.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nur.kz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3369263710096163&plah=www.nur.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.nur.kz%2F&tn=DIV&cls=cookie-popup%20js-cookie-popup&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E7CD 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&adk=1812271804&adf=3025194257&lmt=1654579541&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.nur.kz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541528&bpp=2&bdt=1092&idt=226&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&nras=1&correlator=8630744882926&frm=20&pv=2&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=241
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3369263710096163&plah=www.nur.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nur.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Jun 2022 05:25:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CD77 		104 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3369263710096163&plah=www.nur.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0dc12e4b98035b0d14decb4f8510204b01e0711519f0c9d53c1c25f8472df838
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nur.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
36453
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Jun 2022 05:25:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame E460 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022060201&jk=108329845744510&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
a9fc9d77518e2b2b50db.js
yastatic.net/partner-code-bundles/591932/ Frame 769C 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/591932/a9fc9d77518e2b2b50db.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
250f65ed6eccaca3c76987a0c5ce1b388a88cdb56874a7c2dff32760d3c6dcd0
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.nur.kz/
Origin
https://www.nur.kz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4467
last-modified
Fri, 03 Jun 2022 15:31:09 GMT
server
nginx/1.17.9
etag
"8bab976b77c2ae6415b153e2be80624a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jun 2052 11:57:37 GMT
cb695309631b1475aaca.js
yastatic.net/partner-code-bundles/591932/ Frame 769C 		86 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/591932/cb695309631b1475aaca.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
49d7f8b1a792b7b8fc63eefc2614125aba00e1d5a381cf25910d1c4a2870fcd3
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.nur.kz/
Origin
https://www.nur.kz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17806
last-modified
Fri, 03 Jun 2022 15:31:09 GMT
server
nginx/1.17.9
etag
"2327cdff883d5c5d8cda9f7b5571f466"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jun 2052 11:58:03 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ Frame 769C 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.nur.kz/
Origin
https://www.nur.kz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jun 2052 11:59:08 GMT
490795
an.yandex.ru/meta/ Frame 769C 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/490795?target-ref=https%3A%2F%2Fwww.nur.kz%2F&charset=utf-8&pcode-test-ids=586231%2C0%2C52%3B586085%2C0%2C87%3B593306%2C0%2C42%3B591944%2C0%2C21%3B586227%2C0%2C61%3B590119%2C0%2C10%3B590584%2C0%2C4%3B587828%2C0%2C35%3B588482%2C0%2C56%3B591220%2C0%2C31%3B406668%2C0%2C7%3B591932%2C0%2C75%3B574104%2C0%2C-1%3B587258%2C0%2C-1%3B588105%2C0%2C-1&pcode-flags-map=eJytV12P2zYQ%2FCuFnw8FRX3njZJomziJVEjKPicIiLS9tyAo2ktRNMh%2F71CSPyT7dHdoX87AQTNcLmd3Z7%2BvOinWSjfMrt59%2FL766%2FOXb4%2BrdysuWVHz1d3q6fHPJ%2FEb%2FhPRnKT56senu1W5ZXLDXVmL8t7ZrVbdZutqtRHlhIOVVijpis5a%2FLRaKC3sYcIZ0pTSnnPHjJN870pW184qN4Itf5gGZnU3CSuOY5JFPcUQs%2Buk6dpWacsrBMUqrp0ptWitM7p0e6alkJsXONM4Sk9hNWoIhYlaaVcq%2F7dlNbeWO8kaPuGqxWZrXbGZ8KUhSeOeT%2FOWM%2Bt2DWud5u87bqxja4sYhdSqrpfjStMoSE5xdYa7tlQVXkI1DSJk1rJy68yWVWr%2FAlOeRdmJqVTSiD5RW7V3VlikkcnKFao6OFbhthr3RJTLpFkSB%2BGJVHBnrGqdslswW2jGNV1txcvXzNKYJlc8bwaLjVSau0YYAylUzLLhIsZB8G6HCytk3SevUBPOx79%2Fn1DmJIqH56uE6TVWGv12kiyPT5cytufZcW2grQkwzvIU6ptggzgYsKxaqwfXQMg7YUQhalSUw9P3tbh0fkTTMCQ9Byp%2BrAt%2FBda0l7inP749TmBZmI8wyM0YL9Q55vqsE%2BhmvAVC3supmj4GSZbQ9I4iUXGMnyzLgrswjoIsu6NhHof%2BJyZpckeTKIrCO0poQMjxk5DkSQJ4SnISAJ5GUfbpMqY0D0gwxuQM59KpwnC9m4n68evnX748TptUQvOhG6wF7oL7b3lf5dIupyGKw3w48gOXFPVecQNROhq49yEkwFsXLhLElOZDQbWaoyM6bQvkvxaSL%2BJSmsdDxKXqpPX99GGrFyFZmtGhjR5Q%2BfzB6c5VqmFCLqqapDQcS3VSCm7d1TXaLvK8iA9COqrS57bQ6h4Pg7y6jRbVMjJFv7kZsEOVWi2KRTi0k0Tnt%2FHhur2o7NaJhm0W0wvBRRk5Y49NoVDaF5VmlejMT69kODAf9xCwY%2FWeHcwyMkxHTVVrP0JMi97N0bMbrrrpqKSEkCk2IuFw5%2BPYAFTa5fNi0FyUsua%2BdxzPc%2FxhsQRwZJrSa7hY%2B7Gy943wJYU8w3AMYMfqbvJaIbmNHt3BoE4hWzyyY7pZPjsJxvpjFRqFFaYf1GvlUIKL7RauBEOjh9YclgMmAqNox7Rgs4TTOWx83lk9aQ7nUmGOvbKwwHR8a6YhEIxvdpYL1xqtH5btkiOe4DMSkbH1DMbNt%2B2d4HtvrRaPTtJk7P7%2Bcydhn0qOOd5sFmEpBa6HGdPCB5Zb7iN0LdflTKW%2B718i4yCPLiRCHggmK5qBMlYsnpkF8XhmWSt5ylKjdv2sW8bSNAufwQ5x0P%2BID16J7yEtK%2B9h3%2Fpm35f3C2C80tBGOJwsd2i%2FENdesxb5Pg64N9ibDFNyEC5MRTm%2B3KyRzrwFRjyNh%2BL0c83A%2BiMOjDk1SXzwczD1QnADEzNWCc0xG8sX3isP0uyi4wvYXoYygP8uvb7MUqR5GAfBybyNj4Q1CJVl3Vqr5roh3HDHNDxz9E1so713M43feW7I%2FBYHyc4mEnCYMuMODHYSReYXnLfgjy0Rb46VyNc39gZ5dZPS1tNEwkgmSyRwOfA6rhBWM8uXI5qSsc6qDYc1ZH57O0m66vCPuU8OZ6%2BbR9E8KL9QnkkG89XMS0PJ%2BuBQBI0XwWCk57vvjH18fy3HzegZBaxZba4kQM97pTfUPsIxMJSZEU2LsE0HWzrzAdeJI0GQj03PVPdzH%2BttNOQ%2BRcRjAfSrVMEkEu38%2Fi%2BQbCGx36H6psn59enLbLvKaHZrPol%2Bgxx3T6eVmir5n8evUx6sn%2BfSP8%2B057vArAfQ5%2FeLpXWGJEmSnS3QddYw8On86cMh0o1mxXJLx3pOovO3eM8Pk3TGASVL399wcUH8DGK4%2BWhk0EU0b2t28O5ESD%2BtUXvlva9IdPblzp1i2br1pF6fo6ftBY5eZ0G47E%2BxtZH4BbbBIf9fpBVfM%2Bj5SD6s%2BK%2Bi%2B%2FEv%2BnJ8rg%3D%3D&pcode-icookie=KnJ21A%2FChGB12j7ItIDH8WYQJwVzgK3YfKoWKzLYbmx%2BjlcMQv%2F9AD7frY8a6wkQxtnPs1w%2Fb4p3ezmZUb9uqFDU5SU%3D&imp-id=24&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=32985348834306&ad-session-id=6345961654579541013&target-id=46382726&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&pcode-version=591932&pcodever=591932&flash-ver=0&available-width=728&layout-config=%7B%22win_width%22%3A728%2C%22win_height%22%3A90%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22w%22%3A728%2C%22h%22%3A90%2C%22width%22%3A728%2C%22height%22%3A90%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=1100&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4NzR9CnKrsrDsrusiDNTZE373JCU7eo6ePT276BFvyb3Tbbc6F1ViNah17_o61193dpGzWeAssZhZLECP4MA-oB3GCEK-65ynl3gEEcQIYYwwgqrGbbMlbWZFDtoNG3z7LWg_U5bfb177ITAlYdjcGbfdXovuc9sLDww4KjMHIRMixGxIEHCiRPUTJ0sT_s-_IS_L0PxxsoSofp7Dajcr6w0tanS4OC3NpO0V7q3LCbF9TKxjYMYTTHDGSeGA2tJoBfY39h9_1E5Sk6Ee1Cw5rOiaGXY1qnzf6dydWJ-myLJygziWnL2lxxcc9-Im_RfLvH5FJsMQzc1EhQn5RqJXkKTGP4hZJpJM8hbn3P4xmF-YipKTW9iQ7k5yQqirIXNjPaCvlrL22wcoxnBg_9bKJFEF8Au23r1CZiwjqGbkLTYAbQtj-ARQsA98ZbagZjTOeOPXosaqwJpx3Ops-5sF5R2T0ooGU2H028kUhhddkPmLIbRVOWy8K25J-BdzFmv7ZzfMlPN5OchEB5toeNc79pf9QZ4_bi2crMLrSslgggWbDS70neBeDLKFlVs1eBc32FLmVepECQ4ULrjj_W-FxesjdgBJUaaYVBXlPW69Ee3ilOydFVvFqfNCUvWvmisDWejXKa-YfdBwlou9CYS-mx9Dv16_x14BicjXxiQTFGffRSZ-mtZgENXswl7NdiZu0RdaSzjzSNNPY50E6W-FeOne1r9MAG4pDdKyhzTLd8GtjAdVkCgx5cYkYQmd5sYza9gpjZMV4CTgldBzOKkL48ONb69qu62i8wiTOjVJVHRTZQ7qfrmSFH73SSACkEIoiX6fx4dBOAoobvKM8Mgz-aIbFswbnMDPtzSrRu_CNGp_dJ430lHSUPiDy4v4Tg-JjMdFaSEMYu4T-wkm1uJ2ua585M0_h7xipBdFTrBJ3VRSrKJUcgOK1tOraNU6Pb2GUavTsyZg-DRaGDq9lo4qZFAzUlOj4EBKQwNPrUHOoKKj0iCk08BEptbQauCoOI78pgcgIWetU6A%3D&uniformat=true&callback=Ya%5B3763740914925%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
40d7fc347ea56bc35c489c2006a1ff69992bddd0344bd0bee1323029e151c408
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nur.kz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
ssr
true
x-yandex-req-id
1654579541886386-1541898332166194553300090-production-app-host-sas-pcode-7
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.nur.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
uniformat
true
expires
Tue, 07 Jun 2022 05:25:42 GMT
1a54904685c927c7077b.js
yastatic.net/partner-code-bundles/591932/ Frame 769C 		503 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/591932/1a54904685c927c7077b.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
8a672b7b02c6a3fe2cf27c6c07f30d9729ffde2cf60701d730a17a83492e1b0f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.nur.kz/
Origin
https://www.nur.kz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:41 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
105304
last-modified
Fri, 03 Jun 2022 15:31:08 GMT
server
nginx/1.17.9
etag
"87699fde838c932d3044000c9ea5eaf0"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jun 2052 11:57:37 GMT
truncated
/ Frame E5F1 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c47d04537d1d8c11a8dd85d16eca3bc492c81ae28f43c4cac5576ef3dcd42929

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
ads
googleads.g.doubleclick.net/pagead/ Frame E9E1 		97 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3369263710096163&plah=www.nur.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
587348c8d44d26c33a536692b9898ac1e23f5d9980e3ce9b07794288be14058e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nur.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
34894
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Jun 2022 05:25:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
pagead2.googlesyndication.com/bg/ Frame 6C78 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 18:11:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
126853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13841
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 05 Jun 2023 18:11:28 GMT
comdirect_yoga_970x250_js.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12278835424197324352/ Frame C7A9 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12278835424197324352/comdirect_yoga_970x250_js.png
Requested by
Host: e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com
URL: https://e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2b402c9263a627d84e0de2d509f3d0c1a215226da47fd3eb0e387a1dba334c6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
411980
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143652
x-xss-protection
0
last-modified
Wed, 04 May 2022 11:50:27 GMT
server
sffe
date
Thu, 02 Jun 2022 10:59:21 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Jun 2023 10:59:21 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2038
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com
URL: https://e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 07 Jun 2022 05:25:42 GMT
expires
Tue, 07 Jun 2022 05:25:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 07 Jun 2022 05:25:41 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js
pagead2.googlesyndication.com/bg/ Frame C7A9 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 14:36:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
226129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13800
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 04 Jun 2023 14:36:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 769C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssflVR7YpCTdQuK2sdI3zTyNSKRoDr-dWptD43OgZ_fItOZ50Jij2t23PZMejsmTiMG_DnyZEUGPoSPdilg15lfWi2OQBZYe5-TM4zUBRLla4cyBnp7mxwyvx6YdagBd_R_df_SXaYcNs0sewYU-lRtnRTG2uN9E2yv1Li8Xap5xwh-MB8xOpsF9isEqz5T8imu3U2hErEakPkBmNGJYXlnbCC-L9u5YEGqHCAX89XoHX3fw29lHZYh9C3oT7osljrg1A1EY1C-PqudKiGZB0cbo_ju509AZJfYMejcdtGbVyOtlRBVeJkowBs8B72m4II&sai=AMfl-YQiFVtjLYs_KTrI4mz_D5Gjc49VuLpR7PKw-FkrxLehtzVGFg6ajts2WqTARhB19MXBGorE6ieZhkIMJqCBzbFdZJBEkLXACkbafjqbSEs0MjryU-HYOqR8rnOT8tXL&sig=Cg0ArKJSzPz2i_KB59-9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Jun 2022 05:25:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 07 Jun 2022 05:25:41 GMT
truncated
/ Frame C7A9 		68 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c236d7da831e0d70b39a25f3b8a2213c00c92c0b1d8ff70b976b1517005ae83e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame C7A9 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02f012d77f69d09efb2d4adc62a748a007a30a0c52f135f50d2873a9334db36d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame C7A9 		32 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a006d7ab427fb687f5e715c42a5285b44e37bffa364dc3f99699359f873b6695

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/jpeg
event_confirmation
an.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.nur.kz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.nur.kz
access-control-max-age
1728000
content-encoding
gzip
date
Tue, 07 Jun 2022 05:25:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
event_confirmation
an.yandex.ru/ Frame 769C 		0
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nur.kz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.nur.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:42 GMT
watch.js
mc.yandex.ru/metrika/ Frame 769C 		140 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
afa2263f43e53ca655d020e0a4de1c8854e5545795f2c1af2b193d3efbbcc8f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.nur.kz/
Origin
https://www.nur.kz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
br
last-modified
Fri, 03 Jun 2022 13:26:02 GMT
etag
"6299e1ba-c7c7"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
51143
expires
Tue, 07 Jun 2022 06:25:42 GMT
kibercar.com
favicon.yandex.net/favicon/ Frame 769C 		854 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favicon.yandex.net/favicon/kibercar.com?size=32&stub=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
905566b879ad662531a02e341fbe7b8bab342272b3579e99b844edfaf69c1e64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
x150
avatars.mds.yandex.net/get-direct/4471761/nAwfKinIsriTUDoe1umgsg/ Frame 769C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/4471761/nAwfKinIsriTUDoe1umgsg/x150
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx /
Resource Hash
6a9c660c5df0bdccc3fb63255c12d509520d9ab0fb4aa46d7704388c13828d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:42 GMT
last-modified
Wed, 23 Jun 2021 05:21:16 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
6924
x-request-id
d519024cf01ec119
render.html
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 3085 		24 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.nur.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=946708560
content-encoding
br
content-length
6262
content-type
text/html
date
Tue, 07 Jun 2022 05:25:42 GMT
etag
"eb77de48712912aadc9aa8171ac75ede"
expires
Thu, 06 Jun 2052 11:59:09 GMT
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server
nginx/1.17.9
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
vary
Accept-Encoding
x-robots-tag
noindex, noarchive, nofollow
css
fonts.googleapis.com/ Frame CD77 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 05:21:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 07 Jun 2022 05:25:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Jun 2022 05:25:42 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame CD77 		2 KB
910 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Jun 2022 05:10:19 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/ Frame CD77 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 04:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1626
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8691
x-xss-protection
0
server
cafe
etag
17811423179848367920
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Jun 2022 04:58:36 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame CD77 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
879
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Jun 2022 05:11:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CD77 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43419
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654515382487150"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Jun 2022 05:25:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame CD77 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:05:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Jun 2022 05:05:03 GMT
l
www.google.com/ads/measurement/ Frame CD77 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSK2jP6jby4MH1xQjTRBiDXwWHu3445Bbk5vaeCbm0UGZIURvSbo5q1-9iQKG1JPVUh05j0iY7AAS4k2KvIN9tv7buAFw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
1a132ce94651f9fd8f1d4e10540034d5.js
www.gstatic.com/mysidia/ Frame CD77 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 06:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
427960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13011
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:03:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 06:33:02 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame CD77 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CTymJVeGeYvj4Mq6GwuIPu6md0APbku2VavekrYTNDmQQASCsyOpLYJWCgICwB6ABnu-C_wPIAQmpAvxC_Kni7LE-qAMByAPLBKoE5AFP0LUhTwCZ8-b1Pp4KFeO6Yi475_PmDyf35XSr_u3G2e_GLfCPMqLS6kNsoquav2biNcRS4iZuinZa0x1zEyOp2ft4m1dDvHKwKRJQUcb4luYNnW3Y5_0LaGG1oN83YPRybBreWfbd-klZIXp6ZYtgqYLcWQvuiQArJLoXY0hae-wV4gjVJsJdz8QKs34tSx2cSryVizThK00mgeaWakiRQ8Oc8bE5jzD2Hjqzqgo0wjMmJSJwEx1gSiBNaHtqP3hA60NR0s7dMWJZQlNAD_x3UGkBQadmLDqOY5bxg8u7EmeLqIPABJjV8O3tA5IFBAgEGAGSBQQIBRgEoAYugAfKkH2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCZiQ_SCAkIgOGAEBABGB-ACgHICwG4E4gn2BMMiBQC0BUBmBYBgBcBshccChoIABIUcHViLTMzNjkyNjM3MTAwOTYxNjMYAA&sigh=HL7pMNdHWXw&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 07 Jun 2022 05:25:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/5087075019579127023/ Frame CD77 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5087075019579127023/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b331c5a2b571aac5e26a88f214625270a1624fcb83880a3003281d4ed4eefb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 03 Jun 2022 05:34:14 GMT
x-content-type-options
nosniff
age
345088
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10286
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 09:35:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 03 Jun 2023 05:34:14 GMT
truncated
/ Frame CD77 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame CD77 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
generate_204
tpc.googlesyndication.com/ Frame 6C78 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?vepQkA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F9CF 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57570
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Jun 2022 13:26:12 GMT
etag
48472445140208031
expires
Tue, 07 Jun 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CD77 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f3317ba6a5829035378dc2b11f30a2338013675261a9bf6167a7ca9dbb7444b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame CD77 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 20:40:28 GMT
x-content-type-options
nosniff
age
463514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Jun 2023 20:40:28 GMT
dpixel
cms.quantserve.com/ Frame F9CF 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEExGRTqNer2r05uwnm3S3Bc&google_cver=1&google_push=ARnp8GAwJLMZDMhdW61gfALz6OtPDrockH006y0r8bRsoC91InoiHMXTdjUMSodB9uoizGXw18sEhWytLducGoS1UIsmjaC3NDP4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame F9CF 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEIidQ5cEHxRjuUPXOY_6KRM&google_push=ARnp8GCvOqUrKsJDxVuEva8SVVxJ7SWnrbiD3RAmm192iSiVvALFarKKMObj1OTRxdqTRGvPXQpcd5nu8MOO1mRdH31CiEUoEE83&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame F9CF 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEKIlJN2MPvlAE_IxexS2FEw&google_cver=1&google_push=ARnp8GBK1pg_a_qe1bU68dLz0mCyxvsCS3nugGzgFf5xb9VJUa79liS0Z9r3WJlY9hmbEQzTyvf02giCCJX6npBLVOJ7lQgZOII
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:41 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
r3snvv544u1uml66f4f29heqeabj56ip
pixel
cm.g.doubleclick.net/ Frame F9CF
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dAQa5VLORoS8i7b3j4Kq0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dAQa5VLORoS8i7b3j4Kq0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDqA0vTChuRo_TZvZDWay4iErqFn-b6t3h17imMqeTa4HncSOI3Cc_wntoN3OMBafxbL6a7gIpFLKB5Nh4wOlcY380CYi7x
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dAQa5VLORoS8i7b3j4Kq0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDqA0vTChuRo_TZvZDWay4iErqFn-b6t3h17imMqeTa4HncSOI3Cc_wntoN3OMBafxbL6a7gIpFLKB5Nh4wOlcY380CYi7x
date
Tue, 07 Jun 2022 05:25:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame F9CF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPTozCavokzfBm8a-Q8mUK0&google_cver=1&google_push=ARnp8GArK4qMzbNvrMLeasgRPZQBZTGfTC2xLCLfbVLPLaQwAJJ25s6swCjiiBDtVBGc82NSsjH...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQzUFhUTVgtSC00WDVU&google_push=ARnp8GArK4qMzbNvrMLeasgRPZQBZTGfTC2xLCLfbVLPLaQwAJJ25s6swCjiiBDtVBGc82NSsjHYMZRMye0aGI8RZvM1OU4hRIU6
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQzUFhUTVgtSC00WDVU&google_push=ARnp8GArK4qMzbNvrMLeasgRPZQBZTGfTC2xLCLfbVLPLaQwAJJ25s6swCjiiBDtVBGc82NSsjHYMZRMye0aGI8RZvM1OU4hRIU6
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQzUFhUTVgtSC00WDVU&google_push=ARnp8GArK4qMzbNvrMLeasgRPZQBZTGfTC2xLCLfbVLPLaQwAJJ25s6swCjiiBDtVBGc82NSsjHYMZRMye0aGI8RZvM1OU4hRIU6
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame F9CF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKAJ9blnQ6bby-FkMN4QjK4&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKAJ9blnQ6bby-FkMN4QjK4&google_push=AR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yp7hVq_3OBMioHCMzApKdQAABIEAAAIB&google_gid=CAESEKAJ9blnQ6bby-FkMN4QjK4&google_cver=1&google_push=ARnp8GCj3mDuBZ3p-mJH5lMHIiUU_6bpOOPQv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yp7hVq_3OBMioHCMzApKdQAABIEAAAIB&google_gid=CAESEKAJ9blnQ6bby-FkMN4QjK4&google_cver=1&google_push=ARnp8GCj3mDuBZ3p-mJH5lMHIiUU_6bpOOPQve7OE7WwN5i5kPCk2Dixn2XSysDchurimxGrO1kt2KBsHmfWFxcivu3uIsjHXVPH
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Jun 2022 05:25:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yp7hVq_3OBMioHCMzApKdQAABIEAAAIB&google_gid=CAESEKAJ9blnQ6bby-FkMN4QjK4&google_cver=1&google_push=ARnp8GCj3mDuBZ3p-mJH5lMHIiUU_6bpOOPQve7OE7WwN5i5kPCk2Dixn2XSysDchurimxGrO1kt2KBsHmfWFxcivu3uIsjHXVPH
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Tue, 07 Jun 2022 05:25:42 GMT
googleredir
googlecm.hit.gemius.pl/ Frame F9CF 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame F9CF 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JchDvVCVpMEPSvczyceCskQM-BGsEpwVVGvHT4oOgkrKAYyU_4Ivm7n1TrwaAMVgo_rwR6Ig
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame E9E1 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 04:04:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 07 Jun 2022 05:25:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Jun 2022 05:25:42 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame E9E1 		2 KB
910 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
923
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Jun 2022 05:10:19 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/ Frame E9E1 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 04:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1626
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8691
x-xss-protection
0
server
cafe
etag
17811423179848367920
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Jun 2022 04:58:36 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame E9E1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
879
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Jun 2022 05:11:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E9E1 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43419
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654515382487150"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Jun 2022 05:25:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame E9E1 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:05:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7351
x-xss-protection
0
server
cafe
etag
330450436367057301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Jun 2022 05:05:03 GMT
l
www.google.com/ads/measurement/ Frame E9E1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQX7XdlWA7GQYaE2eNEVO428qEiZwo8XvAB1I5kxGPKeWjfevFtDsAsJblOuMkXV7CiAhd7OrBRBn8mVgb7sjp_Ml-p9A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
1a132ce94651f9fd8f1d4e10540034d5.js
www.gstatic.com/mysidia/ Frame E9E1 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 06:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
427960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13011
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:03:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 06:33:02 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E9E1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CH9pMVeGeYtS_N4fgtwfY8LOQC9uS7ZVq96SthM0OZBABIKzI6ktglYKAgLAHoAGe74L_A8gBAakCVvaYPWrrsT6oAwHIA8sEqgTkAU_QC5wymocwTIzMYcsZvNVNbtNtpqOvKnCWbffd7cuWdJXQAuNh9kr3IAd9hU0R695z3Yc1cHXHjcylY6ylujB7eFEIWeSHShgG9ZNOwHleTMqtvzm7zZr6H80QAELtJ8Px5FU7vcg9-TQPRlzO2tLP4jg6QDJ_m3_5jPgD_kIhU26h2BR1gxjYd3JUXtXGRsqNKIiZvpuySfb4fE7kAeR2BlV4Yt_89WEqBdyqibAZZY9-OJsF15gWDBbsAzdOLI1GjkPTnOgarMqjL7G-GeNf6VHB86joYHL3MJVyNSE4cT6Rl8AEmNXw7e0DkgUECAQYAZIFBAgFGASgBi6AB8qQfagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENrOBtIICQiA4YAQEAEYH4AKAcgLAbgTnSfYEwyIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItMzM2OTI2MzcxMDA5NjE2MxgA&sigh=PkZs-4Z88Z4&uach_m=[UACH]&template_id=5021
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 07 Jun 2022 05:25:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/17514000791895110445/ Frame E9E1 		985 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17514000791895110445/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a13ff6c627da0a21f5186053178f826769729f58ba6eb8f8f413649b51559ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 18:08:12 GMT
x-content-type-options
nosniff
age
559050
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
985
x-xss-protection
0
last-modified
Tue, 17 Sep 2019 12:20:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 31 May 2023 18:08:12 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/6857081426319368519/ Frame E9E1 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6857081426319368519/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b2df6ea018fdf26ebed2f0ad9a6ef0f662a3c03ebb5e2058f312767e5633e64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 11:32:55 GMT
x-content-type-options
nosniff
age
237167
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13751
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 09:35:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 04 Jun 2023 11:32:55 GMT
truncated
/ Frame E9E1 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92e3de3da7201c62ef60ea46370054480294af1b888b98bf315556a52c5ae062

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame E9E1 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
pagead2.googlesyndication.com/bg/ Frame 9323 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1654579541&psa=0&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541545&bpp=1&bdt=1108&idt=257&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=SppWLyQ86F&p=https%3A//www.nur.kz&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 18:11:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
126854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13841
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 05 Jun 2023 18:11:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D96A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57570
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Jun 2022 13:26:12 GMT
etag
48472445140208031
expires
Tue, 07 Jun 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E9E1 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa77212981d67d22068a5ddbf728c58871e82a0eb45834ee159a1274e8acf202

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame E9E1 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 20:40:28 GMT
x-content-type-options
nosniff
age
463514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Jun 2023 20:40:28 GMT
d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 3085 		95 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 05:25:42 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-RT-IH
0.0003
Content-Type
image/png
Cache-Control
private
Connection
close
X-RT-IQ
0.0001
Content-Length
95
Expires
Wed, 08 Jun 2022 05:25:42 GMT
0100007F56E19E625A00206102D76942
an.yandex.ru/mapuid/SAPEis/ Frame 3085
Redirect Chain
  • https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D
  • https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D&dp=151&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252FSAPEis%252F$%257BUSER_ID%257D&dp=14
  • https://acint.net/rmatch?dp=14&euid=0100007F56E19E621700061A02BF0C14&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D
  • https://an.yandex.ru/mapuid/SAPEis/0100007F56E19E625A00206102D76942
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/SAPEis/0100007F56E19E625A00206102D76942
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:42 GMT

Redirect headers

date
Tue, 07 Jun 2022 05:25:42 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://an.yandex.ru/mapuid/SAPEis/0100007F56E19E625A00206102D76942
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
d01f825e-8a12-529e-a0db-5028c245b17e
an.yandex.ru/mapuid/betweendigitalis/ Frame 3085
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1
  • https://an.yandex.ru/mapuid/betweendigitalis/d01f825e-8a12-529e-a0db-5028c245b17e
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/d01f825e-8a12-529e-a0db-5028c245b17e
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:42 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/betweendigitalis/d01f825e-8a12-529e-a0db-5028c245b17e
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
demconf.jpg
dpm.demdex.net/ Frame 3085
Redirect Chain
  • https://an.yandex.ru/mapuid/adobedmp/
  • https://dpm.demdex.net/ibs:dpid=423652&dpuuid=99DE99D26B70F015
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=99DE99D26B70F015
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=99DE99D26B70F015
Protocol
HTTP/1.1
Server
34.252.147.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-147-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v033-093d0b42f.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
cFM6eZ1EQhE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v033-00cf46910.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
xI55Lv+xTko=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=99DE99D26B70F015
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
ads.betweendigital.com/ Frame 3085
Redirect Chain
  • https://an.yandex.ru/mapuid/betweenx/
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=61B88C58F4041C5B
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=61B88C58F4041C5B
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=61B88C58F4041C5B
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:42 GMT
spacer.gif
an.yandex.ru/resource/ Frame 3085
Redirect Chain
  • https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=4D7B4A2F2CDA8DDB&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Tue, 23 May 2023 05:25:42 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame 3085
Redirect Chain
  • https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=4D7B4A2F2CDA8DDB&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Tue, 23 May 2023 05:25:42 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame 3085
Redirect Chain
  • https://an.yandex.ru/mapuid/google/?partner-tag=yandexru
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=4D7B4A2F2CDA8DDB&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Tue, 23 May 2023 05:25:42 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
t.adx.opera.com/ Frame 3085
Redirect Chain
  • https://an.yandex.ru/mapuid/operacom/
  • https://t.adx.opera.com/sync?vendor=60143&uid=931B7423A36DE04A
0
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60143&uid=931B7423A36DE04A
Protocol
H2
Server
82.145.213.8 Gauteng, South Africa, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://t.adx.opera.com/sync?vendor=60143&uid=931B7423A36DE04A
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:42 GMT
a459aaeaa2cc9b482ea9fdba4d2312a2fd2f3aebf4c55a98b894ccac8cf6221f
an.yandex.ru/mapuid/mediascope/ Frame 3085
Redirect Chain
  • https://cm.tns-counter.ru/yacm
  • https://an.yandex.ru/mapuid/mediascope/a459aaeaa2cc9b482ea9fdba4d2312a2fd2f3aebf4c55a98b894ccac8cf6221f
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/mediascope/a459aaeaa2cc9b482ea9fdba4d2312a2fd2f3aebf4c55a98b894ccac8cf6221f
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:42 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
server
ms-counter-3.3.5/1.20.2
content-type
text/html
location
https://an.yandex.ru/mapuid/mediascope/a459aaeaa2cc9b482ea9fdba4d2312a2fd2f3aebf4c55a98b894ccac8cf6221f
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
match
dm.hybrid.ai/ Frame 3085 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=182
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.23 , Russian Federation, ASN205675 (HYBRID-AS, DE),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
126
x-xss-protection
1; mode=block
expires
-1
yandexdmp-match
dm.hybrid.ai/ Frame 3085 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/yandexdmp-match
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.23 , Russian Federation, ASN205675 (HYBRID-AS, DE),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
111
x-xss-protection
1; mode=block
expires
-1
dwL2VsTLrYWSmEi7Cn4C
an.yandex.ru/mapuid/dmpamberdata/ Frame 3085
Redirect Chain
  • https://dmg.digitaltarget.ru/1/119/i/i?i=1654579541
  • https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1654579541
  • https://an.yandex.ru/mapuid/dmpamberdata/dwL2VsTLrYWSmEi7Cn4C
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpamberdata/dwL2VsTLrYWSmEi7Cn4C
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:42 GMT

Redirect headers

Date
Tue, 07 Jun 2022 05:25:42 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://an.yandex.ru/mapuid/dmpamberdata/dwL2VsTLrYWSmEi7Cn4C
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
23
Content-Length
0
X-Content-Type-Options
nosniff
9a05b64c-0819-48a2-a913-4db3f8fa97d8
an.yandex.ru/mapuid/azerionis/ Frame 3085
Redirect Chain
  • https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
  • https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D
  • https://an.yandex.ru/mapuid/azerionis/9a05b64c-0819-48a2-a913-4db3f8fa97d8
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/azerionis/9a05b64c-0819-48a2-a913-4db3f8fa97d8
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:42 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/azerionis/9a05b64c-0819-48a2-a913-4db3f8fa97d8
date
Tue, 07 Jun 2022 05:25:42 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
be6270ea-f35d-4213-6b5f-f5135cd0a763
an.yandex.ru/mapuid/buzzooladspis/ Frame 3085
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
  • https://an.yandex.ru/mapuid/buzzooladspis/be6270ea-f35d-4213-6b5f-f5135cd0a763
43 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/buzzooladspis/be6270ea-f35d-4213-6b5f-f5135cd0a763
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:42 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/buzzooladspis/be6270ea-f35d-4213-6b5f-f5135cd0a763
date
Tue, 07 Jun 2022 05:25:42 GMT
server
nginx
content-length
113
serverid
TODO
content-type
text/html; charset=utf-8
/
an.yandex.ru/mapuid/targetrtbis/ Frame 3085
Redirect Chain
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
  • https://an.yandex.ru/mapuid/targetrtbis/?sign=3552125994
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/targetrtbis/?sign=3552125994
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:42 GMT

Redirect headers

Date
Tue, 07 Jun 2022 05:25:28 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin
Location
https://an.yandex.ru/mapuid/targetrtbis/?sign=3552125994
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
mitdmp.whiteboxdigital.ru/ Frame 3085 		0
0
/
an.yandex.ru/mapuid/ramblerssp/ Frame 3085
Redirect Chain
  • https://profile.ssp.rambler.ru/sync3.302?pid=188
  • https://an.yandex.ru/mapuid/ramblerssp/
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/ramblerssp/
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:42 GMT

Redirect headers

date
Tue, 07 Jun 2022 05:25:42 GMT
server
nginx
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location
//an.yandex.ru/mapuid/ramblerssp/
x-passed
0bal1
content-type
application/x-javascript; charset=Windows-1251
content-length
0
Pp0vsGrnDss.AikABlGBPKA7SQ
an.yandex.ru/mapuid/getintentis/ Frame 3085
Redirect Chain
  • https://px.adhigh.net/p/cm/yandexssp
  • https://px.adhigh.net/p/cm/yandexssp?bounced=1
  • https://an.yandex.ru/mapuid/getintentis/Pp0vsGrnDss.AikABlGBPKA7SQ
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/getintentis/Pp0vsGrnDss.AikABlGBPKA7SQ
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:42 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f7-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://an.yandex.ru/mapuid/getintentis/Pp0vsGrnDss.AikABlGBPKA7SQ
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
AwjSW7K0WWt2GbRgRhkE6O
an.yandex.ru/mapuid/dmpweborama/ Frame 3085
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=591185653
  • https://an.yandex.ru/mapuid/dmpweborama/AwjSW7K0WWt2GbRgRhkE6O
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpweborama/AwjSW7K0WWt2GbRgRhkE6O
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:42 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:41 GMT
via
1.1 google
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
server
Weborama Collect Frontend
location
https://an.yandex.ru/mapuid/dmpweborama/AwjSW7K0WWt2GbRgRhkE6O
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
woB5WdX3XVdjaRazbyvk
an.yandex.ru/mapuid/kadamis/ Frame 3085
Redirect Chain
  • https://s.uuidksinc.net/match/501
  • https://an.yandex.ru/mapuid/kadamis/woB5WdX3XVdjaRazbyvk
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/kadamis/woB5WdX3XVdjaRazbyvk
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:42 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/kadamis/woB5WdX3XVdjaRazbyvk
date
Tue, 07 Jun 2022 05:25:42 GMT
server
nginx/1.19.0
content-length
0
c6fe328e-9d13-4c3b-b43e-79d148864fd9
an.yandex.ru/mapuid/mtsdspis/ Frame 3085
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=yandex&id=map
  • https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
  • https://tech.rtb.mts.ru/?dsp_uid=c6fe328e-9d13-4c3b-b43e-79d148864fd9&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fc6fe328e-9d13-4c3b-b43e-79d148864fd9
  • https://an.yandex.ru/mapuid/mtsdspis/c6fe328e-9d13-4c3b-b43e-79d148864fd9
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/mtsdspis/c6fe328e-9d13-4c3b-b43e-79d148864fd9
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:42 GMT

Redirect headers

Date
Tue, 07 Jun 2022 05:25:42 GMT
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/mapuid/mtsdspis/c6fe328e-9d13-4c3b-b43e-79d148864fd9
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
data_sess_sync.php
sonar.semantiqo.com/fbfli/ Frame 3085
Redirect Chain
  • https://sonar.semantiqo.com/dmp/scr.php
  • https://counter.yadro.ru/id127/reff-id.gif?sid=a8d4321f5c974b6cad1ec0265910d02c
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=a8d4321f5c974b6cad1ec0265910d02c
0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=a8d4321f5c974b6cad1ec0265910d02c
Protocol
H2
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
server
nginx/1.20.1
mode
no-cors
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=a8d4321f5c974b6cad1ec0265910d02c
Date
Tue, 07 Jun 2022 05:25:42 GMT
Server
nginx/1.17.9
Connection
keep-alive
Content-Length
364
Strict-Transport-Security
max-age=86400
Content-Type
text/html; charset=iso-8859-1
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 3085 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad16.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 05:25:42 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 3085 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad16.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 05:25:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
4680b780-e622-11ec-acfd-901b0e8b2a6e
an.yandex.ru/mapuid/dmpcleverdata/ Frame 3085
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
  • https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1
  • https://an.yandex.ru/mapuid/dmpcleverdata/4680b780-e622-11ec-acfd-901b0e8b2a6e?sign=2089842781
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpcleverdata/4680b780-e622-11ec-acfd-901b0e8b2a6e?sign=2089842781
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:42 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/dmpcleverdata/4680b780-e622-11ec-acfd-901b0e8b2a6e?sign=2089842781
date
Tue, 07 Jun 2022 05:25:42 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0, 0
/
sync.bumlam.com/ Frame 3085 		43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=yandex
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 05:25:42 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
yandexortb
sync.dmp.otm-r.com/match/ Frame 3085 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/yandexortb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.65.201.138.clients.your-server.de
Software
nginx/1.19.7 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Jun 2022 05:25:42 GMT
server
nginx/1.19.7
15a4b769-e266-45e6-9a07-4cee75d7d7dc
an.yandex.ru/mapuid/upravelis/ Frame 3085
Redirect Chain
  • https://sync.upravel.com/yandex/sync
  • https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
  • https://15a4b769-e266-45e6-9a07-4cee75d7d7dc.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
  • https://an.yandex.ru/mapuid/upravelis/15a4b769-e266-45e6-9a07-4cee75d7d7dc
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/upravelis/15a4b769-e266-45e6-9a07-4cee75d7d7dc
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:42 GMT

Redirect headers

date
Tue, 07 Jun 2022 05:25:42 GMT
server
nginx
location
https://an.yandex.ru/mapuid/upravelis/15a4b769-e266-45e6-9a07-4cee75d7d7dc
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
false
content-type
image/png
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
mLDvkENAFInkVRu0Z6UoWA
an.yandex.ru/mapuid/dmpaidatame/ Frame 3085
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=YANDEX
  • https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
  • https://an.yandex.ru/mapuid/dmpaidatame/mLDvkENAFInkVRu0Z6UoWA?sign=4093563506
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpaidatame/mLDvkENAFInkVRu0Z6UoWA?sign=4093563506
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:43 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:43 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:43 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
last-modified
Tue, 07 Jun 2022 05:25:41 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://an.yandex.ru/mapuid/dmpaidatame/mLDvkENAFInkVRu0Z6UoWA?sign=4093563506
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Tue, 07 Jun 2022 05:25:41 GMT
n99z_H949zHn
an.yandex.ru/mapuid/dmpsegmento/ Frame 3085
Redirect Chain
  • https://yandex-dmp-sync.rutarget.ru/sync
  • https://an.yandex.ru/mapuid/dmpsegmento/n99z_H949zHn?sign=462172591
43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpsegmento/n99z_H949zHn?sign=462172591
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:43 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:43 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:43 GMT

Redirect headers

Location
https://an.yandex.ru/mapuid/dmpsegmento/n99z_H949zHn?sign=462172591
Date
Tue, 07 Jun 2022 05:25:42 GMT
Server
nginx
Connection
close
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
g1u-7YGFahkL
an.yandex.ru/mapuid/rutargetis/ Frame 3085
Redirect Chain
  • https://yandex-sync.rutarget.ru/sync
  • https://an.yandex.ru/mapuid/rutargetis/g1u-7YGFahkL
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/rutargetis/g1u-7YGFahkL
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:43 GMT
content-encoding
gzip
last-modified
Tue, 07 Jun 2022 05:25:43 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 05:25:43 GMT

Redirect headers

Location
https://an.yandex.ru/mapuid/rutargetis/g1u-7YGFahkL
Date
Tue, 07 Jun 2022 05:25:43 GMT
Server
nginx
Connection
close
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
pixel
cm.g.doubleclick.net/ Frame D96A
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEExGRTqNer2r05uwnm3S3Bc&google_cver=1&google_push=ARnp8GAdKqnMcgvxNg-9QKqy2_4BHcJaud7gfeNyFt61OvimG6vV1yTPc7...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAdKqnMcgvxNg-9QKqy2_4BHcJaud7gfeNyFt61OvimG6vV1yTPc7cm9MBkJidlFzBDkqt_Pf-DAELLqmPFHd6biNYXOQ4r&google_hm=K32ZMAhIpsdZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAdKqnMcgvxNg-9QKqy2_4BHcJaud7gfeNyFt61OvimG6vV1yTPc7cm9MBkJidlFzBDkqt_Pf-DAELLqmPFHd6biNYXOQ4r&google_hm=K32ZMAhIpsdZlqFc9aKoFw
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAdKqnMcgvxNg-9QKqy2_4BHcJaud7gfeNyFt61OvimG6vV1yTPc7cm9MBkJidlFzBDkqt_Pf-DAELLqmPFHd6biNYXOQ4r&google_hm=K32ZMAhIpsdZlqFc9aKoFw
pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame D96A 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GA0kBOY34ZX_Y9RNb-cYuhnnHviEGCkAoFxV9fiaaMNk0OskVBlw0_XVLFXyQK72d0yB5OMp1OWEcKX3nBPXce5H2k-7fb-&google_gid=CAESEOrQj0uEwcqkMJrXcQWjJ8M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:42 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame D96A
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAnGLZz...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAnGLZz...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MDcwNTI1NDMwMDA5MDYzMTQxMzY2Mg%3D%3D&google_push=ARnp8GAnGLZzb63QlWQ38coe4NcZw3agBrUZnhUgbhTKkiptRN70pH9CQQrVRZyUZUclNz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MDcwNTI1NDMwMDA5MDYzMTQxMzY2Mg%3D%3D&google_push=ARnp8GAnGLZzb63QlWQ38coe4NcZw3agBrUZnhUgbhTKkiptRN70pH9CQQrVRZyUZUclNzGRQ2ccI_8lkf0ZZNSqSejeY87m_qk
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MDcwNTI1NDMwMDA5MDYzMTQxMzY2Mg%3D%3D&google_push=ARnp8GAnGLZzb63QlWQ38coe4NcZw3agBrUZnhUgbhTKkiptRN70pH9CQQrVRZyUZUclNzGRQ2ccI_8lkf0ZZNSqSejeY87m_qk
pragma
no-cache
date
Tue, 07 Jun 2022 05:25:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Tue, 07 Jun 2022 05:25:43 GMT
sync
odr.mookie1.com/t/v2/ Frame D96A 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEIidQ5cEHxRjuUPXOY_6KRM&google_push=ARnp8GCnXKrd2LsLYsSKgewzhvKUTsZl6XDeTYBN_YweuExMcsJu-JbrNPUs_0zY_yA3bCoBIX99kuC0Qf2TCh3IhLntwtqLqorh&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D96A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OskdSMMQhWdqNosflokig%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OskdSMMQhWdqNosflokig%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GA1PY-P58dVU4-9_UzSQ7P65JF96aszLHZbjZ9L2hquB6ICDuzSTzpK5S0sVAuGs7Bloanhj6thQb33vg3JMAaZAMZ5C21Y
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9OskdSMMQhWdqNosflokig%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GA1PY-P58dVU4-9_UzSQ7P65JF96aszLHZbjZ9L2hquB6ICDuzSTzpK5S0sVAuGs7Bloanhj6thQb33vg3JMAaZAMZ5C21Y
date
Tue, 07 Jun 2022 05:25:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D96A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKAJ9blnQ6bby-FkMN4QjK4&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yp7hVq_3OBMioHCMzApKdQAABIEAAAIB&google_push=ARnp8GD6CEY9VyGHc9ZQdgQBBVfnyrv9ymnMWr4fymJSQgEBCiYl7w-V-9h1ij_QMncCj7dZTG76XuA4q1CN3RPRvn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yp7hVq_3OBMioHCMzApKdQAABIEAAAIB&google_push=ARnp8GD6CEY9VyGHc9ZQdgQBBVfnyrv9ymnMWr4fymJSQgEBCiYl7w-V-9h1ij_QMncCj7dZTG76XuA4q1CN3RPRvnuvGgQtaXD2&google_gid=CAESEKAJ9blnQ6bby-FkMN4QjK4&google_cver=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Jun 2022 05:25:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yp7hVq_3OBMioHCMzApKdQAABIEAAAIB&google_push=ARnp8GD6CEY9VyGHc9ZQdgQBBVfnyrv9ymnMWr4fymJSQgEBCiYl7w-V-9h1ij_QMncCj7dZTG76XuA4q1CN3RPRvnuvGgQtaXD2&google_gid=CAESEKAJ9blnQ6bby-FkMN4QjK4&google_cver=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Tue, 07 Jun 2022 05:25:42 GMT
trk
ag.innovid.com/ Frame D96A 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEPgGuFClfylvdwUN7cL3LpY&google_cver=1&google_push=ARnp8GABj52DXEZRTYgXwh3jZS2eHakiAGYCo9_HrVCwqdcxvBbi6ImRsWHCK496GyFs4xbGYBwyRQFJEYl3aS1DCp-B2gx80rSs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8100:ead7:db0a:c4c5:a8bc London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame D96A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUebFayxNG4pVUvMoAsk43uTroowSWp4gYx_DCsOyOXd46I-yM1zqwjhFWgXc3nHS1K2sA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
pagead2.googlesyndication.com/bg/ Frame 4052 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=400&slotname=6379779082&adk=4233613586&adf=4095847083&pi=t.ma~as.6379779082&w=240&lmt=1654579541&psa=0&format=240x400&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654579541555&bpp=1&bdt=1119&idt=323&shv=r20220601&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df89432200e1a5733-221b291caacd0077%3AT%3D1654579540%3AS%3DALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A&prev_fmts=0x0%2C728x200&nras=1&correlator=8630744882926&frm=20&pv=1&ga_vid=1221060954.1654579541&ga_sid=1654579541&ga_hid=2015280902&ga_fc=1&ga_cid=870498487.1654579541&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1104&ady=572&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066429%2C31065545%2C31067768&oid=2&pvsid=108329845744510&pem=305&tmod=429909619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=k8LrK6igCy&p=https%3A//www.nur.kz&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 18:11:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
126854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13841
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 05 Jun 2023 18:11:28 GMT
collect
i.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clarity.ms/collect
Requested by
Host: i.clarity.ms
URL: https://i.clarity.ms/s/0.6.35/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.nur.kz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
https://www.nur.kz
date
Tue, 07 Jun 2022 05:25:42 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
1
mc.yandex.com/watch/490795/ Frame 769C
Redirect Chain
  • https://mc.yandex.com/watch/490795?wmode=7&page-url=https%3A%2F%2Fwww.nur.kz%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afu%3A0%3Aen%3Autf-8%...
  • https://mc.yandex.com/watch/490795/1?wmode=7&page-url=https%3A%2F%2Fwww.nur.kz%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afu%3A0%3Aen%3Autf-...
338 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/490795/1?wmode=7&page-url=https%3A%2F%2Fwww.nur.kz%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A448295929868%3Ahid%3A175420414%3Az%3A0%3Ai%3A20220607052542%3Aet%3A1654579543%3Ac%3A1%3Arn%3A18980660%3Au%3A1654579543996911072%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Antf%3A1%3Ans%3A1654579541451%3Aco%3A0%3Arqnl%3A1%3Ast%3A1654579543%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
5741a03116c9aed9c5867eef260e7d7ccd21268bb12a164125f92ba71cc17d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 07-Jun-2022 05:25:42 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nur.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
338
x-xss-protection
1; mode=block
expires
Tue, 07-Jun-2022 05:25:42 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
last-modified
Tue, 07-Jun-2022 05:25:42 GMT
location
/watch/490795/1?wmode=7&page-url=https%3A%2F%2Fwww.nur.kz%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A448295929868%3Ahid%3A175420414%3Az%3A0%3Ai%3A20220607052542%3Aet%3A1654579543%3Ac%3A1%3Arn%3A18980660%3Au%3A1654579543996911072%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Antf%3A1%3Ans%3A1654579541451%3Aco%3A0%3Arqnl%3A1%3Ast%3A1654579543%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.nur.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 07-Jun-2022 05:25:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022060201&jk=108329845744510&bg=!fX6lfjrNAAao8wy8iPM7ACkAdvg8WrvZYfSyFLhgrs9Ayg6RV8PHLa1BNahqlmOpgfK1taDKKudhCQIAAAFAUgAAAAdoAQcKAPtgCH_4Z3p9jlOKNmR8KTUbZ3ywcmwZSEBdmZHv6ffKiOhiecGnfLjtHYtMjXnenXGrAPGNIu25apu1XFtRD2ajNoSvNiNffoNQwtKUA6QRVPbfFTEuTPVLzwCXcgtdU9l4WgZ5hQlCEd2i8V6cIMNS_lQeE10Y1Y4Lxw2LGlVsZb-O6QGHEAgwbf7CGg7jvbRHtFgPa63bZ3n7sJOQG3J9E2L3N4ZmRp5iW3_sUalpBVUEOaCcjqHic_Ax9qkhnqGEUMQZ3s0w42npUL9Qbb9HXCzEIOR22ZGXeeoLNF-e--6xupOS-9soJen7GQpNYsin4VJxpaPtza2NmJkCm0PgKfsqy5GWOeXN4iHYuSDy_s-ggIHBo_dv_nLB7JHkm9QIS-WeumoJP_YvqVvznONVYxqRn9nbQqiWww5vbkknZnS_dj_DR8VvrUMY3VXcyFCBLl4PW3UE2cetI9wMdFPXpQvDar4Y6WZs9UIZNTPXAjO2yItTx8GfcHvtcN3SUTow66Rn3XC8_-JngHTicuLKKfzLSbDytCsGJfq72PEXv7Wv77POhvB7W8FxCAZRxdbpeX_zfIgbnnh26G2pH8So1It0z0g15IT08O-NTU9JkBKHkgWajcnM60j_HlqTnTOjyKHRcnxym6b4CA-kP3Cgok7gT81z-iUEbfNnQp1lAnW7jjqHc5IXDuzJi2IM3rgmtVae0uEzwDiUV8oRZkHzQnFITjwIhOIblfsKb6YiS3nF_aZxX6iTM7JXdtTJlhryLXpF_SBNgYhcGxJ_Os60UZoaNc-s11Mrltefxajeb1my518631AF4OW1DHPCR355IwCf3VKsruUKfLJ6xtBvpKQ4yCUY7B_m60z4zUu8ldbe1hTXEbEHGdOIRG6wLDWh41ewp1iPTdXx7Qt937KwRZsL4XThqsP8LKOkwmx-ZdwdXTDgwmzMXVjObKLMp6TBmAP-G3JNH6gc77Ypjx3dDroZ5T86GMG81UUEI4LKdJVFNLZdweZBlcf_KSzB5-CjYEc_dR9JheKCXjGuf-G9WK1POiQmXAt5KUzZXOUPegEFf09lG_DhlOfPKkdE22UmT-_miRWzzyOqAun6lMMt0R7KOHEDpGpKcxLQJDearjlIpRqxj3nLwq61HUu7qrVj_ZIAdPi0mnK_2UH8WInIypJ93d8Hys2ZnGZK2pH8Dipbo5zN7l1DcRSl6NsXguXLmD55nPRnwzk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
1
mc.yandex.com/watch/490795/ Frame 769C 		43 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/490795/1?page-url=https%3A%2F%2Fwww.nur.kz%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afp%3A197%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A1%3Als%3A448295929868%3Ahid%3A175420414%3Az%3A0%3Ai%3A20220607052542%3Aet%3A1654579543%3Ac%3A1%3Arn%3A51296025%3Arqn%3A1%3Au%3A1654579543996911072%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1654579541451%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C0%2C0%2C0%2C511%2C3%2C0%3Aco%3A0%3Arqnl%3A1%3Ast%3A1654579543&t=gdpr(14)mc(p-1-h-1)lt(11800)aw(1)rqnt(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nur.kz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
last-modified
Tue, 07-Jun-2022 05:25:42 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.nur.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 07-Jun-2022 05:25:42 GMT
490795
mc.yandex.com/watch/ Frame 769C 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/490795?page-url=https%3A%2F%2Fwww.nur.kz%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A1%3Als%3A448295929868%3Ahid%3A175420414%3Az%3A0%3Ai%3A20220607052542%3Aet%3A1654579543%3Ac%3A1%3Arn%3A183135000%3Arqn%3A2%3Au%3A1654579543996911072%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1654579541451%3Aco%3A0%3Arqnl%3A1%3Ast%3A1654579543%3At%3A&t=gdpr(14)mc(p-1-h-1)lt(11800)aw(1)rqnt(2)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
last-modified
Tue, 07-Jun-2022 05:25:42 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.nur.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 07-Jun-2022 05:25:42 GMT
event
ads.adfox.ru/252771/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/252771/event?hash=78880e994dbe55a9&pm=cza&p5=kunhv&ad-session-id=6345961654579541013&lts=fjgsowr&ytt=32986960625669&ybv=0.591932&ylv=0.591932&dl=https%3A%2F%2Fwww.nur.kz%2F&rtb-si=b&p2=gfdy&rand=gcqsxj&sj=X-zyVz1-jxzrX-eGz0DV2c7ZKxfElbl3zYbK27_kVD8V0sX1-XiLmSuQDyvD7Q%3D%3D&puid1=Homepage&pr=mltypsb&p1=crsnx&rqs=VYVLrEcQfypV4Z5iC581RKLJyDN5waFP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/252771/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/252771/event?hash=9b4769073655ebba&pm=cza&p5=kunhe&ad-session-id=6345961654579541013&lts=fjgsowr&ytt=32986960625669&ybv=0.591932&ylv=0.591932&dl=https%3A%2F%2Fwww.nur.kz%2F&rtb-si=b&p2=gfdy&rand=jhztab&sj=ipOdv5znFrzhBjvKM6-Tgu1HMR3nUoXT6-n6-cFOwmn8CXLfHB2rx0P3uDaBPQ%3D%3D&puid1=Homepage&pr=mltypsb&p1=crsny&rqs=VRUTueL6tG5V4Z5irv5W_cQB6bISwfIL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Jun 2022 05:25:42 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CD77 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstO571AIh3j65-J4Q07wHqqFFLD_KmcthzL_gLPZFRM-rX72awexshQMYyPbKmjzKZEBgtb7vPhSH-wgADdwrwUvk_DjpR2dR_l7OxjK_gVdR8WDhXOh6huOOKxk3S-a_hdTQdRrCrumKJFWirjT20&sai=AMfl-YTyGIsw2zbs_9AXXMuf30UKWI_NxNFybW8fxFHJV-EsiJ5lr4yd_cdiN2a5ynGZAwgVuM4hLRCxOQWGBWxqvyGvpSyIuvUU3I3OhnP4hlR1rZ9Ma1-NW-n4_w6C&sig=Cg0ArKJSzNTPmS-kpvz1EAE&cid=CAASF-RoSm7Ye2o5cwncqaBeSQZ_-O0mVKlK&id=lidar2&mcvt=1003&p=0,0,200,728&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220606&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1921805917&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654579541808&rpt=525&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E9E1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6eYcjfGUctmNXShTpMiXZh8tHKNoaqmz2335lrQQkcikiHT8jx6V-5u6_A3kx1QBWdky2YQgMzdD9pmCRv8eGE1r4J7eOdny8zhaNjVNy9uzFDXcq4NVYJiJ8rGjbKm-2fjCaup8ndZzFwKC06pc&sai=AMfl-YT31ps9p2KF9j-Izhvxr2pIcj-B0ZOcRUh8SLAykAN1YGyWPILWJdInjWHFWwMikq3hhFyEUw2QaI8ehQpty546_CNALIq845sQDxly4q_OmhFgeYbQo-qVUffb&sig=Cg0ArKJSzDUEXAc_VuIJEAE&cid=CAASF-RoJPr42Km4Sfz_Q8KcruL2IKqqf3E_&id=lidar2&mcvt=1000&p=0,0,400,240&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220606&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4233613586&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654579541883&rpt=594&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
ads.adfox.ru/252771/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/252771/event?hash=4f53eaedc46d1fcf&pm=bmn&p5=kunhv&ad-session-id=6345961654579541013&lts=fjgsowr&ytt=32986960625669&ybv=0.591932&ylv=0.591932&dl=https%3A%2F%2Fwww.nur.kz%2F&rtb-si=b&p2=gfdy&rand=gwzhfkw&sj=X-zyVz1-jxzrX-eGz0DV2c7ZKxfElbl3zYbK27_kVD8V0sX1-XiLmSuQDyvD7Q%3D%3D&puid1=Homepage&pr=mltypsb&p1=crsnx&rqs=VYVLrEcQfypV4Z5iC581RKLJyDN5waFP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Jun 2022 05:25:44 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/252771/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/252771/event?hash=be9d487cda0c4eb3&pm=bmn&p5=kunhe&ad-session-id=6345961654579541013&lts=fjgsowr&ytt=32986960625669&ybv=0.591932&ylv=0.591932&dl=https%3A%2F%2Fwww.nur.kz%2F&rtb-si=b&p2=gfdy&rand=gnsoege&sj=ipOdv5znFrzhBjvKM6-Tgu1HMR3nUoXT6-n6-cFOwmn8CXLfHB2rx0P3uDaBPQ%3D%3D&puid1=Homepage&pr=mltypsb&p1=crsny&rqs=VRUTueL6tG5V4Z5irv5W_cQB6bISwfIL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nur.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Jun 2022 05:25:44 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
bundle.js
yastatic.net/q/set/s/rsya-tag-users/ Frame 3085 		105 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Requested by
Host: www.nur.kz
URL: https://www.nur.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:44 GMT
content-encoding
br
last-modified
Fri, 29 Oct 2021 11:19:01 GMT
server
nginx/1.17.9
etag
W/"82bdc8db563d3e71c35534315f8a9fd5"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
expires
Thu, 09 Jun 2022 17:23:45 GMT
cache-control
public, max-age=31556952
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
x-nginx-request-id
36d0f3751c71e31f
watch.js
mc.yandex.ru/metrika/ Frame 3085 		140 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
afa2263f43e53ca655d020e0a4de1c8854e5545795f2c1af2b193d3efbbcc8f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:44 GMT
content-encoding
br
last-modified
Fri, 03 Jun 2022 13:26:02 GMT
etag
"6299e1ba-c7c7"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
51143
expires
Tue, 07 Jun 2022 06:25:44 GMT
data
yandex.ru/set/s/rsya-tag-users/ Frame 3085 		403 B
842 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fwww.nur.kz%2F
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
b11a043f76e797d7c0abc3457e5e5f4166123f0a91388aae07f46a6c0346f38a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
public,max-age=300
access-control-allow-credentials
true
x-xss-protection
1; mode=block
conversion_async.js
www.googleadservices.com/pagead/ Frame 3085 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15000
x-xss-protection
0
server
cafe
etag
6069194915506431635
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Jun 2022 05:25:44 GMT
/
www.google.de/pagead/1p-user-list/1014923426/ Frame 3085
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=WOGeYvu2JNGE9fgPyd2Q-A...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2059405243&crd=&is_vtc=1&random=3340651905
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2059405243&crd=&is_vtc=1&random=3340651905&ipr=y
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2059405243&crd=&is_vtc=1&random=3340651905&ipr=y
Protocol
H3
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2059405243&crd=&is_vtc=1&random=3340651905&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1014923426/ Frame 3085
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=WOGeYsi5JKaF9fgPwraMuA...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1745068875&crd=&is_vtc=1&random=2365361760
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1745068875&crd=&is_vtc=1&random=2365361760&ipr=y
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1745068875&crd=&is_vtc=1&random=2365361760&ipr=y
Protocol
H3
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1745068875&crd=&is_vtc=1&random=2365361760&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3
mc.yandex.com/watch/ Frame 3085 		167 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.nur.kz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A198dw73ozp1lr8k77gm80%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A285601420386%3Ahid%3A717673902%3Az%3A0%3Ai%3A20220607052544%3Aet%3A1654579545%3Ac%3A1%3Arn%3A1048100543%3Arqn%3A1%3Au%3A1654579545280838408%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1654579542217%3Ads%3A0%2C80%2C42%2C0%2C0%2C0%2C%2C59%2C0%2C182%2C182%2C0%2C182%3Aco%3A0%3Ast%3A1654579545&t=gdpr()aw(1)rqnt(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
bd2292fefe85a75f1e1cc8d67c14a6b5a6e2d47334ea4794186c58522ab449b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 07-Jun-2022 05:25:44 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Tue, 07-Jun-2022 05:25:44 GMT
advert.gif
mc.yandex.com/metrika/ Frame 3085 		43 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 05:25:44 GMT
last-modified
Fri, 03 Jun 2022 13:26:02 GMT
etag
"6299e1ba-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 07 Jun 2022 06:25:44 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 3085 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1654579544622&cv=9&fst=1654579544622&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12f498e3208315450add74229d8cfb1e4065d11576b39a2e2b63369b0f3dcc70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1115
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 3085 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1654579544626&cv=9&fst=1654579544626&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ba1aea2e2e983ef53387367c0d5da29a216f6e613c3882e6ae980ff3a70c6bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1115
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 3085 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1654579544630&cv=9&fst=1654579544630&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea88b619548e4ba7c1695045b0eea148fa27a30a084704e50f407dd697466f5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1116
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 3085 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1654579544632&cv=9&fst=1654579544632&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c574b07b69d3ea0d710a7e017d2d90558fa150ef0b4ab08b74ef2d7f2580431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1115
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
37412095
mc.yandex.com/watch/ Frame 3085 		350 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.nur.kz%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A198dw73ozp1lr8k77gm80%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A2%3Adp%3A1%3Als%3A998242561794%3Ahid%3A717673902%3Az%3A0%3Ai%3A20220607052544%3Aet%3A1654579545%3Ac%3A1%3Arn%3A176000625%3Arqn%3A1%3Au%3A1654579545280838408%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1654579542217%3Ads%3A0%2C80%2C42%2C0%2C0%2C0%2C%2C59%2C0%2C182%2C182%2C0%2C182%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654579545%3At%3A&t=gdpr(6)lt(6000)aw(1)rqnt(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
a438edf833dc1aa43e9b4bea709741227e89fe38636956783c4fc87949e657c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 07-Jun-2022 05:25:44 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Tue, 07-Jun-2022 05:25:44 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame 3085 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1654579544630&cv=9&fst=1654578000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&async=1&fmt=3&is_vtc=1&random=779277108&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/947884341/ Frame 3085 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/947884341/?random=1654579544630&cv=9&fst=1654578000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&async=1&fmt=3&is_vtc=1&random=779277108&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame 3085 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1654579544622&cv=9&fst=1654578000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&async=1&fmt=3&is_vtc=1&random=483955104&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/947884341/ Frame 3085 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/947884341/?random=1654579544622&cv=9&fst=1654578000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&async=1&fmt=3&is_vtc=1&random=483955104&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame 3085 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1654579544626&cv=9&fst=1654578000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&async=1&fmt=3&is_vtc=1&random=2699544442&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/693627671/ Frame 3085 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/693627671/?random=1654579544626&cv=9&fst=1654578000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&async=1&fmt=3&is_vtc=1&random=2699544442&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame 3085 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1654579544632&cv=9&fst=1654578000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&async=1&fmt=3&is_vtc=1&random=1048153144&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/693627671/ Frame 3085 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/693627671/?random=1654579544632&cv=9&fst=1654578000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&async=1&fmt=3&is_vtc=1&random=1048153144&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 05:25:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELdMIGaMfCv40ipg5L7qV_k&google_cver=1&google_push=ARnp8GC0dRqb5HJb_FaEqXeTbIPZ5NFd7eiYKc8K_Ib-LmNHYFewWkeuQ_JkNxb0OQGvRx1hhSgD4MRVYkgnWAYKEy3Ljy9H1Emsxg
Domain
mitdmp.whiteboxdigital.ru
URL
https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| _io_config object| Site string| GoogleAnalyticsObject function| __gaTracker function| clarity object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __io object| webpackJsonp function| gtag object| dataLayer object| OneSignal object| _atrk_opts function| atrk boolean| _atrk_fired object| googletag object| ggeac object| google_js_reporting_queue string| _io_uniques_holing_params function| setImmediate function| clearImmediate object| yaContextCb function| enableBrandingBehavior function| enableMobileBrandingBehavior object| google_tag_manager function| onYouTubeIframeAPIReady boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| __jitsuDebug object| jitsu object| lazySizesConfig object| lazySizes object| google_optimize object| pcodeJsonp591932JE1BZDHj3d object| __activeTestIds object| __pcodeAllActiveTestIds object| Ya number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya object| yaads boolean| yandex_context_perf_logging object| $sf object| yaSafeFrameAsyncCallbacks object| GoogleGcLKhOms object| ampInaboxIframes object| ampInaboxPendingMessages number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd object| google_sv_map string| google_user_agent_client_hint number| google_lpabyc object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients

97 Cookies

Domain/Path Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: afpix
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcssspb
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcs3
Value: 1
.nur.kz/ Name: _gid
Value: GA1.2.870498487.1654579541
.nur.kz/ Name: _gat
Value: 1
.nur.kz/ Name: __io_d
Value: 1_705468254
www.nur.kz/ Name: __io_lv
Value: 1654579540514
www.nur.kz/ Name: __io
Value: b7714b1d0.0bd6744c7_1654579540514
.nur.kz/ Name: __io_session_id
Value: 829dce7c7.bc1a186aa_1654579540516
.nur.kz/ Name: __io_nav_state336
Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22www.nur.kz%22%2C%22previousDomain%22%3A%22%22%7D
www.nur.kz/ Name: __io_unique_336
Value: 7
www.nur.kz/ Name: __io_uh
Value: 1
www.nur.kz/ Name: __io_visit_336
Value: 1
.nur.kz/ Name: __asc
Value: 92795fe51813ca03271c77f0f88
.nur.kz/ Name: __auc
Value: 92795fe51813ca03271c77f0f88
www.clarity.ms/ Name: CLID
Value: a32e532c1f3f4e4caf4f8f3ede5b35ed.20220607.20230607
.nur.kz/ Name: _ga_L3EYGX7DJS
Value: GS1.1.1654579540.1.0.1654579540.60
.nur.kz/ Name: __eventn_id_props
Value: %7B%22globalProps%22%3A%7B%22env%22%3A%22prod%22%2C%22source_type%22%3A%22desktop%22%7D%2C%22propsPerEvent%22%3A%7B%7D%7D
.nur.kz/ Name: nur_user_id
Value: 22ede3b3-1286-4501-b2b6-291419f0319d
.nur.kz/ Name: __eventn_id_usr
Value: %7B%22id%22%3A%2222ede3b3-1286-4501-b2b6-291419f0319d%22%7D
.nur.kz/ Name: __eventn_id
Value: a7e0gy709z
.nur.kz/ Name: _ga
Value: GA1.2.1221060954.1654579541
.nur.kz/ Name: _gat_ABtests
Value: 1
stat.khanate.pro/ Name: __eventn_id
Value: 369414a757
.nur.kz/ Name: _clck
Value: vdogo5|1|f24|0
.nur.kz/ Name: _clsk
Value: qchyjk|1654579541398|1|0|i.clarity.ms/collect
.yandex.ru/ Name: yandexuid
Value: 3062184171654579541
.nur.kz/ Name: __gads
Value: ID=f89432200e1a5733-221b291caacd0077:T=1654579540:S=ALNI_MYI6kFZoMlspz5FLis2po4m65tQ7A
.c.bing.com/ Name: SRM_B
Value: 105683FF360166B9332C9243376A67AC
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 105683FF360166B9332C9243376A67AC
.c.clarity.ms/ Name: ANONCHK
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUnPLVqDH7QYoTzOv5_gWboBL28niG2tQYxlQaYLoldf2xb6xHoeorTZ1kHjAjg
m.exactag.com/ Name: exactag_new_gk
Value: 97b18cd213864563bff896a82387e26b%7c06.08.2022+05%3a25%3a41
m.exactag.com/ Name: exactag_new_uk
Value: 5796b8657797442fa57ddc0cef72bac0%7c
m.exactag.com/ Name: session_session
Value: 68058cdd3fad4ae0adb1484c
.doubleclick.net/ Name: DSID
Value: NO_DATA
.an.yandex.ru/ Name: yabs-vdrf
Value: A0
.quantserve.com/ Name: d
Value: EBcBCQGpJoEA
.quantserve.com/ Name: mc
Value: 629ee156-51cd1-e234c-2d679
.casalemedia.com/ Name: CMID
Value: Yp7hVq-3OBMioHCMzApKdQAA
.casalemedia.com/ Name: CMPS
Value: 5183
.casalemedia.com/ Name: CMPRO
Value: 1153
.casalemedia.com/ Name: CMST
Value: Yp7hVmKe4VYA
.yandex.ru/ Name: yuidss
Value: 3062184171654579541
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: d01f825e-8a12-529e-a0db-5028c245b17e
.betweendigital.com/ Name: ss
Value: 1
.360yield.com/ Name: tuuid
Value: 9a05b64c-0819-48a2-a913-4db3f8fa97d8
.360yield.com/ Name: tuuid_lu
Value: 1654579542
.betweendigital.com/ Name: ut
Value: Yp7hVgAIptgwP0FWxRS2YO9GV_oEtxf0jDnlPQ==
.dmg.digitaltarget.ru/ Name: viuserid
Value: dwL2VsTLrYWSmEi7Cn4C
.innovid.com/ Name: uuid
Value: 5ac2cce3-bc36-40ab-9e3c-f2f6dbef41c9-20220607 01:25:42
.tns-counter.ru/ Name: guid
Value: 238B693A629EE156X1654579542
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAAAWKe4VZhIABaQmnXApMGkhrp0GKv89zFVlNlFoUx0Blw
.weborama.fr/ Name: AFFICHE_W
Value: paK4M-hwBtKl55
.demdex.net/ Name: demdex
Value: 20850961173216819664393103338869768709
.uuidksinc.net/ Name: jcsuuid
Value: woB5WdX3XVdjaRazbyvk
.adx.opera.com/ Name: UID
Value: 57a5ece06ffa4abbb3e4598ec09d4a94
.acint.net/ Name: cSyncDp14v3
Value: 1654579542
.dpm.demdex.net/ Name: dpm
Value: 20850961173216819664393103338869768709
.ssp-rtb.sape.ru/ Name: sspuid
Value: fwAAAWKe4VYaBgAXFAy/AjaDnpVXfGp53UxT/ItW0tBugxKi
.yandex.com/ Name: yandexuid
Value: 9943307931654579542
.yandex.com/ Name: yuidss
Value: 9943307931654579542
mc.yandex.com/ Name: yabs-sid
Value: 1403841761654579542
.yandex.com/ Name: i
Value: auJahkhFwe915kEMDi7BfTPEHzUuacntS0QM2x9hslLVnfBWh0/Ta72RAOquPvrRCxqaoPpIDL8pllmEn5qffXg9gWY=
.yandex.com/ Name: ymex
Value: 1686115542.yrts.1654579542#1686115542.yrtsi.1654579542
.sonar.semantiqo.com/ Name: semantiqo_a
Value: a8d4321f5c974b6cad1ec0265910d02c
.sonar.semantiqo.com/ Name: check
Value: 00b45c7ee8e04de9805655bf9f70a3c9
.mts.ru/ Name: dspid
Value: c6fe328e-9d13-4c3b-b43e-79d148864fd9
.1dmp.io/ Name: uid
Value: 4680b780-e622-11ec-acfd-901b0e8b2a6e
.1dmp.io/ Name: ru-seq
Value: null
.upravel.com/ Name: session_tptc
Value: 1654579542861
.adhigh.net/ Name: gi_u
Value: Pp0vsGrnDss.AikABlGBPKA7SQ
.upravel.com/ Name: user_id
Value: 15a4b769-e266-45e6-9a07-4cee75d7d7dc
.adhigh.net/ Name: yandexssp_sync
Value: jJf
.mts.ru/ Name: mts_id
Value: e2a9f68e-14d1-4e92-9700-43ca3dd84dc0
.mts.ru/ Name: mts_id_last_sync
Value: 1654579542
.aidata.io/ Name: __upin
Value: mLDvkENAFInkVRu0Z6UoWA
.aidata.io/ Name: __upints
Value: 1654579542
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.e.dlx.addthis.com/ Name: na_tc
Value: Y
x01.aidata.io/ Name: yaya
Value: 1
.rutarget.ru/ Name: userId
Value: g1u-7YGFahkL
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 74041AE5-52CE-4684-BC8B-B6F78F82AAD0
.addthis.com/ Name: na_id
Value: 2022060705254300090631413662
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 629ee1576e78fff1
.addthis.com/ Name: ouid
Value: 629ee1570001bd77d29576a4c4503195091bbe5dc645280216ac
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220607
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.yandex.ru/ Name: is_gdpr
Value: 1
.yandex.ru/ Name: is_gdpr_b
Value: CPzcLhCodxgB
.yandex.ru/ Name: i
Value: HBjDsNIM+QAirFgrvhuMxTBRC4z97ttt1IukoSQN/ZgqDC7crYUH698n1TJ2i79TkXrxk1Laue7QPXhGpzGXsT+fkj4=

4 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/rtv/012205232225000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELdMIGaMfCv40ipg5L7qV_k&google_cver=1&google_push=ARnp8GC0dRqb5HJb_FaEqXeTbIPZ5NFd7eiYKc8K_Ib-LmNHYFewWkeuQ_JkNxb0OQGvRx1hhSgD4MRVYkgnWAYKEy3Ljy9H1Emsxg
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GA0kBOY34ZX_Y9RNb-cYuhnnHviEGCkAoFxV9fiaaMNk0OskVBlw0_XVLFXyQK72d0yB5OMp1OWEcKX3nBPXce5H2k-7fb-&google_gid=CAESEOrQj0uEwcqkMJrXcQWjJ8M&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://an.yandex.ru/mapuid/SAPEis/0100007F56E19E625A00206102D76942
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN always

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15a4b769-e266-45e6-9a07-4cee75d7d7dc.sync.upravel.com
acint.net
ad.doubleclick.net
ads.adfox.ru
ads.betweendigital.com
adservice.google.com
adservice.google.de
ag.innovid.com
an.yandex.ru
analytics.google.com
avatars.mds.yandex.net
c.bing.com
c.clarity.ms
cdn.ampproject.org
cdn.nur.kz
cdn.onthe.io
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cm.tns-counter.ru
cms.quantserve.com
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
e.dlx.addthis.com
e524444591ee624a78cc3130536579fe.safeframe.googlesyndication.com
euw-ice.360yield.com
exchange.buzzoola.com
favicon.yandex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
i.clarity.ms
id.rlcdn.com
image6.pubmatic.com
m.exactag.com
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
nur.kz
nurtech.pro
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
profile.ssp.rambler.ru
px.adhigh.net
redirect.frontend.weborama.fr
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb.openx.net
s.uuidksinc.net
s0.2mdn.net
securepubads.g.doubleclick.net
sm.rtb.mts.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
ssum-sec.casalemedia.com
stat.khanate.pro
stats.g.doubleclick.net
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
tpc.googlesyndication.com
tttt.onthe.io
webapi.nur.kz
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nur.kz
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
googlecm.hit.gemius.pl
mitdmp.whiteboxdigital.ru
104.36.113.23
104.89.42.102
116.202.11.241
136.243.148.229
138.201.65.75
142.250.185.98
142.250.186.130
142.250.186.98
142.250.74.198
148.251.129.43
157.90.179.218
178.170.196.247
185.15.175.144
188.42.191.196
193.232.148.146
193.3.184.138
195.201.87.224
2.20.85.164
20.234.93.27
2001:6d0:4001::226
213.87.44.187
217.65.2.150
217.66.147.170
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:27::cafe:2193
2620:1ec:c11::200
2a00:1450:4001:803::200a
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2006
2a00:1450:4001:810::200e
2a00:1450:4001:811::2004
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2001
2a00:1450:4001:829::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c1b::9b
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::36
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a05:d01c:1d8:8100:ead7:db0a:c4c5:a8bc
31.172.81.158
31.220.27.155
34.252.147.157
34.98.67.61
35.186.253.211
35.190.24.218
35.244.174.68
37.18.16.23
44.239.96.25
45.9.26.83
52.167.85.21
54.155.185.156
69.173.144.138
78.46.16.13
81.222.128.216
82.145.213.8
85.14.248.91
88.212.201.204
89.108.120.76
91.192.150.14
91.215.139.234
91.215.139.235
94.247.128.34
94.247.128.37
94.247.128.43
95.216.24.148
95.217.109.66
99.86.4.6
99.86.4.91
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
02f012d77f69d09efb2d4adc62a748a007a30a0c52f135f50d2873a9334db36d
04b9c4e75a95191d5d055f6a0b43ecabbe26a8c0c804e7fbb88b4a7f02d1de1e
0579ff692957d78fd6510f1e6bb2aecd66c5b8cd7b0224c9a0f8438721c6a44b
0596a17530bb3a76675c9d72b22f8bbf927eede182d036ea7a3b278970864fb3
0adf1237c7f4225da0d9caa843c47f93486794e415e4db68a59df3a689041334
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc12e4b98035b0d14decb4f8510204b01e0711519f0c9d53c1c25f8472df838
12f498e3208315450add74229d8cfb1e4065d11576b39a2e2b63369b0f3dcc70
14f0822245a486796ca5a7e7a10d7db8d6ff79a665585b96d3ef484263b418d4
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
16c6d5b5e239b715a3e5921dfacc509b1e299057c5bbfb4ae12ea95297c84e01
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1b6d42ddb65392684149d8b79de6c27928513dadae7cc692977aac308117f47c
1cc2bae76f40e5c42298937b823fcd12fe9d418d851d55c1e1d326032e7883ff
1f63538cb21e69fefb6af0c3db52c3df20622597dbdcc27dbff5fbedc65f5e91
23cc65a8727bb9016015372f09daa3dc8dceccd6e21876ff8804db2cbd242c6c
250f65ed6eccaca3c76987a0c5ce1b388a88cdb56874a7c2dff32760d3c6dcd0
25f1cdd04f4b236b79562629b1c5d68454cd02e96002e0ea870b82081a2fce76
29523f8c2d72a46ea1f3b0817aa91107b5fc421ab67ca4f86033c1adb2ad25c2
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b560efc660dd507e8e0b20a079eac74c975b67e0629545a7d2ec9e3687905db
2c18b2383885435cb379b8a7c990b7021d1c2701554120d34b07be0da5a8f743
2ce374bc845d63893f7d5b7bbe81a5c359d48eefb9ee171186d9b6b83323015f
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3539ae111a1ceb8f0bd84448ce55cb1d1c506c02c48d06e05b8139bddf8e4755
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
3aff27a4eeda21ad85bc15d120342a8840e3b92f0c43616e4ec9ab220d1139eb
3f3317ba6a5829035378dc2b11f30a2338013675261a9bf6167a7ca9dbb7444b
3fef2bb487a75c68deb09f1bb519592f7688129de30f665c72d577df95c102a8
4051e07b26c798050f69465c3a1f49a25e17c1b2e4e42e3e579828ea33a45094
40d7fc347ea56bc35c489c2006a1ff69992bddd0344bd0bee1323029e151c408
415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855
44173dc228bfc577c2b9fc1a168ab0798e24fbb1ff8e8f1171879889706cf374
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
49d7f8b1a792b7b8fc63eefc2614125aba00e1d5a381cf25910d1c4a2870fcd3
4a13ff6c627da0a21f5186053178f826769729f58ba6eb8f8f413649b51559ec
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e
53190b7838a27f624da133fc259f0fd6093f49aec64c1721e1f414de407b92d4
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569b67ef1d76c5869a61471b93651371927719520f4268bb9a6ab30fe0380019
56eb625e383914b8ad3c210480659fb5ec02851fb4c7299d2e8961b8814b1277
5741a03116c9aed9c5867eef260e7d7ccd21268bb12a164125f92ba71cc17d09
587348c8d44d26c33a536692b9898ac1e23f5d9980e3ce9b07794288be14058e
587815bbad0202349b3aa4c1609944b99b52d6f67f97690c705b9d5e4c977ed0
597c2ff22f5098263f34622a2efffc185cc207eca98bfff7d40ca56da9058568
59e44b4deb7ae38e798837aff98aa800acbd67a29ccb711e69a20aa7b1d613a2
5b04a3a9ef00cdafdebbf368784d5a9c8f34c65330dd816682fb1b12085ac22b
5cbc669a58758bc2114a3a6e9ac33c71861febcefceb4d01a0ce62f43436601d
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6338677bd1a10ff1b0b01a07f22933243f62194458da01fe2cdd2a5bdc446a6a
641e566adba3b65a11f279fe14477a4344767dba77b444b8ab8376b4555fb6a8
66adaa239f3adfca9c0b4dff99152181b29fd61b12cdc990dea1c6f98a3692a4
696509319bb81efdd2e9f7c12a2f2c2a176179fed37b92e16b7e5dffdc8869ee
6a9c660c5df0bdccc3fb63255c12d509520d9ab0fb4aa46d7704388c13828d79
6ba1aea2e2e983ef53387367c0d5da29a216f6e613c3882e6ae980ff3a70c6bb
6bc273cbe6bd53b0835ae0b66c8d00043e0e9ff0b3d981be0fcfc2ae994d775d
6d0205053e47fcdc3dfc6c73d8d1d86866a05dff3a58916ef22bb6b1cca59da5
76c91a48e8c0053d6163ff0d8e3d681f6caf7eae3f0f48f361d472126aae1e75
79f1ac176ea52bed2fa74a6df88f062cfe3af01bbb6b6590d61559751399050b
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7c574b07b69d3ea0d710a7e017d2d90558fa150ef0b4ab08b74ef2d7f2580431
7dca7733ec0aead31386758c6043913b9ee754fb8499849701773bf4eaaff48a
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ba6a1722f7ec288a254e6866420cd0f3ffa96b71294d44636a06138114c652
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a672b7b02c6a3fe2cf27c6c07f30d9729ffde2cf60701d730a17a83492e1b0f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b331c5a2b571aac5e26a88f214625270a1624fcb83880a3003281d4ed4eefb9
905566b879ad662531a02e341fbe7b8bab342272b3579e99b844edfaf69c1e64
914b488d532e5aaa35310103109a1b93ef70c9dfd272a86e2cc890a732b6a568
9196ed5c14f8e7dd1e89576a347ac4848ad1edaf7b7df25e7b920bcff953a8ac
92e3de3da7201c62ef60ea46370054480294af1b888b98bf315556a52c5ae062
95a0b10f4dfee15b65f4eb2cad10291e08b195a760b797713c2c49f125cbcf7a
9901d8becaea6864776b490cc4791146ce7fcfe9f7ce066a24ca94f1829d16b7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2df6ea018fdf26ebed2f0ad9a6ef0f662a3c03ebb5e2058f312767e5633e64
9c53e08c3a1a5a8cbbe912338ca74fc54be9bfc85299230f502f88c9df124ddc
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
a006d7ab427fb687f5e715c42a5285b44e37bffa364dc3f99699359f873b6695
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a162d79a7ea1172da3a9690aeca519ef4f116aba6ca51aa50e1aa99f91ff782f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1c1a544dce2ad7a8933ff9c4e087936f42c972d7858551181a9acb878a7c9b6
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a3f58f3312c76a6f539c52aec847073a1006d926523a05488196a4cbbd65a65e
a438edf833dc1aa43e9b4bea709741227e89fe38636956783c4fc87949e657c4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b793f2f334bef5476ad686f366d79eaa953e43db2749dc9fdad9f3bf13b686
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa2263f43e53ca655d020e0a4de1c8854e5545795f2c1af2b193d3efbbcc8f2
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b11a043f76e797d7c0abc3457e5e5f4166123f0a91388aae07f46a6c0346f38a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b402c9263a627d84e0de2d509f3d0c1a215226da47fd3eb0e387a1dba334c6
b4dac18e01c9ef874f5d33ae8ad2eca84683281858bd9fab0f9a95e0b26c19b1
b63745ed29d6784dab812ad53d2a76b060cbf160f6200b203c24d797d9d18045
b7c9452fde41ea8c1edaeaac061cdbc3e61c14ad4fd3eb1ebb08fd4c2a1b5796
b83bf949954e2ca805089c6a278203d60c5ced398ae0fe4969d6486b28cd3401
b86d79adcfefe38afda6a21dbefeb72a2484083b1a6b91c5bfaeb242fe056d29
bd2292fefe85a75f1e1cc8d67c14a6b5a6e2d47334ea4794186c58522ab449b8
bfaef65b25794a604ff02867568b414568fe0450e6af9337f8072b41f8264796
c236d7da831e0d70b39a25f3b8a2213c00c92c0b1d8ff70b976b1517005ae83e
c47d04537d1d8c11a8dd85d16eca3bc492c81ae28f43c4cac5576ef3dcd42929
c9359c423f11152cc52570d1d15b78449a4aaf8a4106599af13305e13c90b791
ca9fd8f705112105529b7fd53514b6c339f50218d82c1144bf219747e481ab2c
cf6d3d1470b43abbac33a8dd8e9dadca4996b7abe0c2f39ff12f26c51ac867ad
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d5a15a10955e2d03c4924c85474b7b8332cf61059c6982c2d370f078151501bd
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fe609f6c381d6b0c887ba0fe7ac11edcf072d9300d29f609d27d633ff5c514
ea88b619548e4ba7c1695045b0eea148fa27a30a084704e50f407dd697466f5c
ed3cdd67b99dd07dc76f3ff0b253b64e9fc16ac725c6c002e9da8b1b796b5d70
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb86e7b2388ff22045136ce59bd29c4d34598c669dbb84359435f5a9c88a695
f0f3fadd348581fce870209a4705b228f28a7c06fecefc150707191d0f02a27a
f255cb2fbb297b78ba7cd47935bd1c55629ab92cdba2b88bfe270568e7e4a0d9
f3456903656f0601338d81e00f8efe9e025055f224f822de2746e18436c9b4a5
f47367e185ac2a353d77be1e2e96a57fa78f88d950d34d3bf7737879b6c14734
f6d1562c28bd325a90e677872ed5f7820ec64e38d81ef5ced6dad1e6ae54bbcc
f7ae129f0628e53c602a3b7f3ec95d4e8d0e61677d2bb3e7e9e8bde21641508f
fa77212981d67d22068a5ddbf728c58871e82a0eb45834ee159a1274e8acf202
fab5572c01cd671e1a92d8ffda83b65c5276089a5d8f7cec2105ba034a55a98e
fca177394af6e8c8e0b15b9c6944fca095550b9776f503f6467ce1ae7c8f9e68
fd1cc7a32a86b77b0985b43453cfc138daccd042f4f1b9fbd905b903c86cbd44
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6