urlscan.io logo urlscan.io
SecurityTrails logo

www.ng.kz Open in urlscan Pro
185.113.134.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ng.kz/
Effective URL: https://www.ng.kz/
Submission Tags: tranco_l324
Submission: On November 27 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 49 IPs in 9 countries across 43 domains to perform 367 HTTP transactions. The main IP is 185.113.134.12, located in Kazakhstan and belongs to HOSTER-NS Hoster.KZ - Nur-Sultan, KZ. The main domain is www.ng.kz.
TLS certificate: Issued by R3 on November 19th 2021. Valid for: 3 months.
This is the only time www.ng.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 166 185.113.134.12 207333 (HOSTER-NS...)
1 2a02:6b8:a::a 208722 (YNDX)
3 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
3 18 2a02:6b8::1:119 208722 (YNDX)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 213.174.135.1 39572 (ADVANCEDH...)
4 2a02:6b8:20::215 208722 (YNDX)
2 2a00:5da0:100... 48716 (PSKZ-ALA)
4 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
1 3 109.235.165.222 43247 (YOOMONEY-AS)
2 4 88.212.201.216 39134 (UNITEDNET)
1 3 91.201.214.115 48716 (PSKZ-ALA)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 185.71.78.18 43247 (YOOMONEY-AS)
31 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 185.29.132.246 30419 (MEDIAMATH...)
4 78.46.111.106 24940 (HETZNER-AS)
11 18.203.213.28 16509 (AMAZON-02)
1 184.51.9.44 16625 (AKAMAI-AS)
3 88.99.219.174 24940 (HETZNER-AS)
2 2 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
3 192.229.220.129 15133 (EDGECAST)
1 1 94.23.99.218 16276 (OVH)
1 54.76.176.197 16509 (AMAZON-02)
1 4 95.131.136.1 47841 (OXALIDE)
2 85.14.248.72 24961 (MYLOC-AS ...)
2 92.123.17.141 16625 (AKAMAI-AS)
1 2600:1901:0:7... 15169 (GOOGLE)
14 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2620:116:800d... 16509 (AMAZON-02)
1 1 18.194.46.33 16509 (AMAZON-02)
10 142.250.186.162 15169 (GOOGLE)
2 35.227.252.103 15169 (GOOGLE)
3 3 198.47.127.19 62713 (AS-PUBMATIC)
2 2 69.173.144.139 26667 (RUBICONPR...)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 2 142.250.74.198 15169 (GOOGLE)
2 2 104.96.159.57 16625 (AKAMAI-AS)
1 1 217.182.200.20 16276 (OVH)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 4 84.200.5.215 31400 (ACCELERAT...)
1 1 46.4.62.19 24940 (HETZNER-AS)
1 82.113.101.132 6805 (TDDE-ASN1)
1 1 78.46.85.162 24940 (HETZNER-AS)
1 82.113.101.236 6805 (TDDE-ASN1)
367 49
166    185.113.134.12 (Kazakhstan)

ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ)
PTR: server.h-21793.kz
ng.kz
www.ng.kz
1    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yandex.ru
3    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
14    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
18    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
informer.yandex.ru
mc.yandex.ru
mc.yandex.com
4    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cdn.gravitec.net
4    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yastatic.net
2    2a00:5da0:1000::121 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)
optimizm.kz
4    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
16    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
3    109.235.165.222 (Russian Federation)

ASN43247 (YOOMONEY-AS, RU)
PTR: 109-235-165-222.yamoney.ru
yoomoney.ru
4    88.212.201.216 (Russian Federation)

ASN39134 (UNITEDNET, RU)
counter.yadro.ru
3    91.201.214.115 (Almaty, Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)
PTR: zero-web-01.neolabs.net
c.zero.kz
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
11    185.71.78.18 (Russian Federation)

ASN43247 (YOOMONEY-AS, RU)
PTR: 185-71-78-18.yamoney.ru
static.yoomoney.ru
31    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
4    78.46.111.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de
hal9000.redintelligence.net
11    18.203.213.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
s.update.mediamathtag.com
1    184.51.9.44 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-44.deploy.static.akamaitechnologies.com
pixel.mathtag.com
3    88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de
hal900029.redintelligence.net
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    88.198.250.30 (Schwaig, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
3    192.229.220.129 (United States)

ASN15133 (EDGECAST, US)
img.metaffiliation.com
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
4    95.131.136.1 (France)

ASN47841 (OXALIDE, FR)
PTR: front.netaffiliation.net
action.metaffiliation.com
2    85.14.248.72 (Kamp-Lintfort, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
2    92.123.17.141 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-17-141.deploy.static.akamaitechnologies.com
www.awin1.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
14    2606:4700:3039::6815:c04f (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    18.194.46.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-46-33.eu-central-1.compute.amazonaws.com
d.agkn.com
10    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a05:d01c:1d8:8101:4d99:e3e3:5994:4b29 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
2    142.250.74.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
8019191.fls.doubleclick.net
2    104.96.159.57 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-57.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
1    217.182.200.20 (France)

ASN16276 (OVH, FR)
PTR: gcm6.host.hit.gemius.pl
googlecm.hit.gemius.pl
1    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
4    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de
partner.o2online.de
1    82.113.101.132 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
1    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.blau.de
1    82.113.101.236 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de
portal.blau.de
Apex Domain
Subdomains		 Transfer
166 ng.kz
ng.kz
www.ng.kz
2 MB
45 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
444 KB
28 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
8019191.fls.doubleclick.net
152 KB
14 ad4m.at
as.ad4m.at
ad4m.at
assets.ad4m.at
193 KB
14 yoomoney.ru
yoomoney.ru
static.yoomoney.ru
300 KB
13 yandex.com
mc.yandex.com
4 KB
11 mediamathtag.com
s.update.mediamathtag.com
52 KB
7 metaffiliation.com
img.metaffiliation.com
action.metaffiliation.com
47 KB
7 redintelligence.net
hal9000.redintelligence.net
hal900029.redintelligence.net
56 KB
7 google.com
www.google.com
adservice.google.com
2 KB
6 yandex.ru
yandex.ru
informer.yandex.ru
mc.yandex.ru
259 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
193 KB
4 mathtag.com
tags.mathtag.com
pixel.mathtag.com
3 KB
4 googletagservices.com
www.googletagservices.com
146 KB
4 yadro.ru
counter.yadro.ru
3 KB
4 google-analytics.com
www.google-analytics.com
20 KB
4 yastatic.net
yastatic.net
161 KB
3 pubmatic.com
image6.pubmatic.com
1 KB
3 medialead.de
pv.medialead.de
medialead.de
2 KB
3 googleapis.com
fonts.googleapis.com
2 KB
3 google.de
adservice.google.de
www.google.de
1 KB
3 zero.kz
c.zero.kz
4 KB
3 googletagmanager.com
www.googletagmanager.com
158 KB
2 blau.de
partner.blau.de
portal.blau.de
2 KB
2 o2online.de
partner.o2online.de
portal.o2online.de
2 KB
2 lead-alliance.net
www.lead-alliance.net
1 KB
2 telefonica-partner.de
www.telefonica-partner.de
571 B
2 addthis.com
e.dlx.addthis.com
1 KB
2 rubiconproject.com
pixel.rubiconproject.com
913 B
2 openx.net
rtb.openx.net
415 B
2 quantserve.com
cms.quantserve.com
795 B
2 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
4 KB
2 awin1.com
www.awin1.com
1 KB
2 exactag.com
m.exactag.com
2 KB
2 optimizm.kz
optimizm.kz
12 KB
1 gemius.pl
googlecm.hit.gemius.pl
336 B
1 innovid.com
ag.innovid.com
296 B
1 agkn.com
d.agkn.com
769 B
1 ad-server.eu
ad-server.eu
312 B
1 media01.eu
pb.media01.eu
628 B
1 2mdn.net
s0.2mdn.net
49 KB
1 googleadservices.com
partner.googleadservices.com
632 B
1 gravitec.net
cdn.gravitec.net
18 KB
367 43
Domain Requested by
164 www.ng.kz www.ng.kz
31 tpc.googlesyndication.com www.ng.kz
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
15 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.ng.kz
googleads.g.doubleclick.net
www.googletagservices.com
14 pagead2.googlesyndication.com www.ng.kz
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
13 mc.yandex.com 2 redirects www.ng.kz
mc.yandex.ru
11 s.update.mediamathtag.com tags.mathtag.com
s.update.mediamathtag.com
11 static.yoomoney.ru yoomoney.ru
static.yoomoney.ru
10 cm.g.doubleclick.net googleads.g.doubleclick.net
www.ng.kz
6 assets.ad4m.at as.ad4m.at
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
4 action.metaffiliation.com 1 redirects hal900029.redintelligence.net
img.metaffiliation.com
4 hal9000.redintelligence.net www.ng.kz
hal900029.redintelligence.net
4 www.googletagservices.com googleads.g.doubleclick.net
4 counter.yadro.ru 2 redirects www.ng.kz
optimizm.kz
4 mc.yandex.ru 1 redirects www.ng.kz
optimizm.kz
static.yoomoney.ru
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 yastatic.net yandex.ru
4 www.google.com 1 redirects www.ng.kz
tpc.googlesyndication.com
3 image6.pubmatic.com 3 redirects
3 img.metaffiliation.com hal900029.redintelligence.net
img.metaffiliation.com
www.ng.kz
3 hal900029.redintelligence.net hal9000.redintelligence.net
googleads.g.doubleclick.net
hal900029.redintelligence.net
3 tags.mathtag.com googleads.g.doubleclick.net
tags.mathtag.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com googleads.g.doubleclick.net
tpc.googlesyndication.com
hal900029.redintelligence.net
3 adservice.google.com pagead2.googlesyndication.com
8019191.fls.doubleclick.net
3 c.zero.kz 1 redirects www.ng.kz
3 yoomoney.ru 1 redirects www.ng.kz
3 www.googletagmanager.com www.ng.kz
www.googletagmanager.com
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 e.dlx.addthis.com 2 redirects
2 8019191.fls.doubleclick.net 1 redirects googleads.g.doubleclick.net
2 pixel.rubiconproject.com 2 redirects
2 rtb.openx.net googleads.g.doubleclick.net
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 www.awin1.com hal900029.redintelligence.net
as.ad4m.at
2 m.exactag.com googleads.g.doubleclick.net
www.ng.kz
2 pv.medialead.de 2 redirects
2 adservice.google.de pagead2.googlesyndication.com
2 www.gstatic.com www.google.com
googleads.g.doubleclick.net
2 optimizm.kz www.ng.kz
optimizm.kz
2 ng.kz 2 redirects
1 portal.blau.de as.ad4m.at
1 partner.blau.de 1 redirects
1 portal.o2online.de as.ad4m.at
1 partner.o2online.de 1 redirects
1 static-de.ad4mat.net as.ad4m.at
1 googlecm.hit.gemius.pl 1 redirects
1 ag.innovid.com googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 prod-rtb.ad4mat.net googleads.g.doubleclick.net
1 ad-server.eu googleads.g.doubleclick.net
1 medialead.de 1 redirects
1 pb.media01.eu hal900029.redintelligence.net
1 pixel.mathtag.com tags.mathtag.com
1 s0.2mdn.net www.ng.kz
1 www.google.de www.ng.kz
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.gravitec.net www.ng.kz
cdn.gravitec.net
1 informer.yandex.ru www.ng.kz
1 yandex.ru www.ng.kz
367 63
Subject Issuer Validity Valid
ng.kz
R3		 2021-11-19 -
2022-02-17		 3 months crt.sh
yandex.ru
Yandex CA		 2021-08-30 -
2022-02-28		 6 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gravitec.net
AlphaSSL CA - SHA256 - G2		 2021-03-04 -
2022-04-05		 a year crt.sh
*.yastatic.net
Yandex CA		 2021-08-18 -
2022-02-16		 6 months crt.sh
optimizm.kz
R3		 2021-10-12 -
2022-01-10		 3 months crt.sh
yoomoney.ru
Sectigo RSA Organization Validation Secure Server CA		 2020-11-24 -
2021-12-25		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
static.yoomoney.ru
Sectigo RSA Organization Validation Secure Server CA		 2020-12-04 -
2022-01-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
c.zero.kz
R3		 2021-11-23 -
2022-02-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
redintelligence.net
R3		 2021-10-21 -
2022-01-19		 3 months crt.sh
update.mediamathtag.com
R3		 2021-10-27 -
2022-01-25		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-27 -
2022-05-27		 a year crt.sh
img.metaffiliation.com
Gandi Standard SSL CA 2		 2020-12-09 -
2022-01-02		 a year crt.sh
*.metaffiliation.com
Gandi Standard SSL CA 2		 2021-03-08 -
2022-03-20		 a year crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2021-10-22 -
2022-01-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-08 -
2022-07-07		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2021-08-16 -
2022-09-14		 a year crt.sh

This page contains 35 frames:

Primary Page: https://www.ng.kz/
Frame ID: 8123C34C67BCBB5F8338721BC6A5CD64
Requests: 134 HTTP requests in this frame

Frame: https://www.ng.kz/images/banners/me4ta_v.8/me4ta_v.1.html
Frame ID: 7D1FAC01B9D4CF55BCD8603EBACAF0D7
Requests: 8 HTTP requests in this frame

Frame: https://www.ng.kz/images/banners/forik_v.6/forik.html
Frame ID: 44268F0DEABE3E5EE007E8096574ACD7
Requests: 15 HTTP requests in this frame

Frame: https://www.ng.kz/images/banners/katris_v.3/katris.html
Frame ID: E3D2FFC96196A94D7ED35D4AB54A43A7
Requests: 10 HTTP requests in this frame

Frame: https://optimizm.kz/banners/banner-istorii-230.htm
Frame ID: 2A318254D1432ACC1153B1DE81147F63
Requests: 6 HTTP requests in this frame

Frame: https://www.ng.kz/images/banners/autodom20210514/468x60.html
Frame ID: 14C767FC3E36BEA79AF9D150642C761E
Requests: 4 HTTP requests in this frame

Frame: https://www.ng.kz/images/banners/thermapark_v.1/thermapark.html
Frame ID: 433EC85A2CC032CFA05792A66D29691A
Requests: 13 HTTP requests in this frame

Frame: https://www.ng.kz/images/banners/ng_sp/ng_sp.html
Frame ID: 73F2A8F771B952989FC5E8E411651498
Requests: 12 HTTP requests in this frame

Frame: https://www.ng.kz/images/banners/stroitel_v.5/stroitel.html
Frame ID: 0383844A0A70478A87D7A75A8829DB86
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: AFBBBD9AC7E929A9F4DC5030781B58D2
Requests: 1 HTTP requests in this frame

Frame: https://yoomoney.ru/quickpay/shop-widget?writer=buyer&targets=&targets-hint=%D0%94%D0%BB%D1%8F%20%D1%83%D1%87%D0%B0%D1%81%D1%82%D0%BD%D0%B8%D0%BA%D0%B0...&default-sum=&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=&quickpay=shop&account=410011221238975
Frame ID: 528BF72FBF20991F551F1AFABC8A7DF4
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=400&slotname=8979496712&adk=1939518401&adf=1577466243&pi=t.ma~as.8979496712&w=240&lmt=1638014216&psa=0&format=240x400&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014430746&bpp=4&bdt=363&idt=108&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=5018006403934&frm=20&pv=2&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=682&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PoNmrjYTkx&p=https%3A//www.ng.kz&dtd=123
Frame ID: D4AAC61B059413FEE0030663A8C9AD61
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&adk=2854383584&adf=3228828784&lmt=1638014216&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.ng.kz%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014430791&bpp=1&bdt=407&idt=84&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&nras=1&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=88
Frame ID: C79A64FF0C0073F2DB723E3A5274729A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&adk=2854383584&adf=1745894916&lmt=1638014216&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.ng.kz%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014430808&bpp=1&bdt=424&idt=107&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0&nras=2&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=111
Frame ID: 139E49CD3A2203A26BD057DAE27A3011
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2779202426&adf=532322819&pi=t.aa~a.1137895031~rp.1&w=302&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=302x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=2&bdt=949&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0&nras=3&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1129&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=CVKrgA8Pgp&p=https%3A//www.ng.kz&dtd=43
Frame ID: 20F0A530FB6231E02B4D3C7F08D427F2
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
Frame ID: 09DBEC7A2880CA0E8644C3AF1574EECC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
Frame ID: 85440AC85D7ABFDF0D55DE427262A282
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Frame ID: D6082BEAEB4F2134918E8CBBC94E7C65
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C9xDI3h2iYZzjN-Cy1fAPlKmVyAGS4bPdZqWHnuzmDrbs7OyuCRABIN6-8x9glYqzgsAHoAG46IrAA8gBCakCPVGexJX9sj6oAwHIA0iqBMMBT9BYk4lHVqvXZJkt8geoQCXk5RNSHGXhJ-Yre_DXaDJUO1IRJPexEM-vMNvGx3TG_luWa5j_Roxe8Vx01Fkgwmx1l5MqDrw5jP3c95YEy5IlPIYSa-xYnvIf7HjQ15tM4JJqFWKgh4yWqi3Jexohe3BgQTUMQHzeVlbgqGgjhmiBnrCkdnhzSnBNcQe5dPwkKK-01ZO1adh_kAFZKwmEwVNhUfK5xmPODC2K-Os2DAy9LEnb7isEqR4OPBjKiOHk2GnAwATz1Kbc4AOgBi6AB7CX9T-oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCqvwnSCAkIgOGAEBABGF-ACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItNDc0Mzk1Mjg0MzM4ODc0NBgA&sigh=5p8_B11s_Y0&uach_m=[UACH]&template_id=419
Frame ID: 713246BB8ADE113C341382DED1C78DE6
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8D800F92ADAE6692CEBD0A0A9356CA7A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Frame ID: 8A02B81FF6DFF9D9F53082533DEEE5FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C-ccK3x2iYe-rGdyBjuwP0eGcwAPPh46bXMCG2YLGAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0yAEJqAMBqgSyAU_QQBUBS1zQxfBl1iW3gkGsSPef5YroK8iLdbxjz_B4JlB0tYkIMCogRvDsgspEELV1wNg5T2K4XKAO9Xz6oYxISM5tD-LyAD9PV4Z8PReR8EdSQ37PkHOGSpwWxunpUDzjHOYslGRhvaHnnCp9e-Ru1_2hQb3jUHYgpLbxB-jMQ7znll4pga2fLDih4ST2wimyS2br8OwWfFpgoVn2y4iu0DPfhoiMNXOqoS2UOK-rgkyABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00NzQzOTUyODQzMzg4NzQ0GAA&sigh=ULw0JgNieXA&uach_m=[UACH]&cid=CAQSOwCNIrLMJz6st6A4NyQrmbpM23PscKZ0pRhQ_YIYCw5jXwNOM6tSPH5Sg-XTqke6_fXuFcCObPuDrAqUGAE&tpd=AGWhJmu4A5tgdUuw6hn35CP31Kamd8HlghrQcsBVNRmex4c6HAPwkrS4izdjmRDRsztktO9m6HHMeBit0XI49Wd4p67iI3OdeoZV3bmAsfIrRhkB-h-lNtq1ID8pfgMA2sueNfn63AZ7KGL2B1WuLk8IgvLSajsrvY4dPebTvb2bOWdvr6f6O8vDIjbNiYbhZRqypcLqHMVBgcI0lUF1kaQGvti-fPZSANLZI6rSlr4yoNex1qZDc7rSFyQkymUXFMICKwksSXu7CNsp4X7r-ciqAX1hB1bEwjwq8Dk49gWY-_Z7njN-8J1fyzwI9z1cX5U7hdqvaG2WNJyM0cfTgvmLlayImJL0RwsBnTkrg7KSxEnjYP3Zalu6Nl6c-q5QaJ43oLMufUDcebrSsTq9n-89iO92zf_BkSRen3ibkrPkOKTYGObgJ7FWU3ucsb1U0llsT2tUjrY5pSMTi9I9Yjy5r4WQILIu7guqfat98rzKVyquYZja54G_-E79LJe5LcSlyCsw6rvN_pnMdLFDVxkUyAzQD4lD31JPeg_iZi9ZZJuaoHCrWr6Nq-nN0A9wWDqP7KAmNU4isCP_DZGWN0yXCdIAFZduoey63QvuxpOr7cRop7rMzNeBDadUc8xWgfMWmUgeLe9a6RdLIi48V8DZhFpX91N3e9zGA3ItkKOB1s5sOIsM1jLcHtwjX2NHuOEFMB71A8cb8ERadUpJkCjMIijhzFxJRLGKvFYwc3iviJmN0CEDvbsb56oB34FORqn7uGMtuBEwDemjlAB1P9CeVckgzzBGgY92U0UCx_0FY-3s2GUFY4iZ7Cj5BT2SOyd9tJpQg1RkwwDdeL2yTwWHbTBVFNwYunY2rP_LZsN_TOn3dj9IUBtDk7rYptDAZFQC1v72v-51lCMo4wdfoByqCfRKl4vZg1NnYK4R53CrI6CbcqavBVxxVaTcZW3X4S3VGzWJGqDnn0BJz8fr42cCi9PMtGOEJR_upsYBHiCaIOS9M28jry_gfVIYi0_fSBGwI6wu0N-oU1gpQ6t2J3EQVHEpyKwl0mKGiGFZwgvdMvFB8iYwhSPTxZ45fNQewlk_GWo
Frame ID: 82B60F2385CC0D6772FE4A9AC0F6E604
Requests: 31 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72256700068139300951393011791029&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 4D1C038F2F8804A09040922123440DEC
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jenzveqcad4sjh5x8mdnqgrgqhm0668rywt0cabkz8j0yhmv5wp9v8pgsdckd9ph1gmar4b7zecdg2yt6e7ek0jm3tk551x9eteacn7tt5tdgxb609y6dfcccgcdp66pja8t0djwv6arysnep4wkcbws4s7h1t9pfhz2zg6c82j4g4xyw4qj9vw983bfx31s6rrq53m993r4c6qfrqfd1bght3ap00v7atkt166jasy16t4f8644wh7wkyas7x8mx3cfbwbk7y2jccsz9h6j87gd72rsjaczfgrehf6862m7t8pbbm8zcvdqgapwjhdn5mf7xazr3h4pgy3x1qt44z7k3g2q0qhcw7bg2m5kb8h3hzd5zsy9ktr4tr7z9he5m7z840hh5777ft532x2teb3rrmqn97v0sbrknzzfjdmzgj46bz6qp5vn2d4d4ncx9b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%26client%3Dca-pub-4743952843388744%26adurl%3D
Frame ID: DECE84B1B582A4C7B4715EED85FFBE5E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6865A886BE183D01930F435F98E57210
Requests: 9 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLr0qaO_uPQCFcnEGwodU0kJjg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=909777107613.3987
Frame ID: 6997100C27404900ADDF3C4058A97DDC
Requests: 2 HTTP requests in this frame

Frame: https://hal900029.redintelligence.net/request_content.php?s=72256700068139300951393011791029&a=19454111
Frame ID: EC866A2AB42E78145D75CD5F4639106F
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E6CC2BF201F0EE801C0C6A2FE7D0DD37
Requests: 9 HTTP requests in this frame

Frame: https://img.metaffiliation.com/kwanko-sdk-iframe.html
Frame ID: 451D8DCD44D9B76E0CD960E9A8E5BB18
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 67F4902CF316FF70951BBCCA60755404
Requests: 1 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/23b7d167-d926-4a67-87ed-5ed23b09f182
Frame ID: 4038AF6A79D4F8DD155702B751F36C6F
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=170113%2C13957%2C19491&b=Ke2sRfE34CGG8dc5HMHktPtKWqKf8TATwx8fq%2C5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1%2CR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7&f=k6YF5f1pjUddJMU4HwHetmCXmDXukTjTp7mUR%2Cpm8S1f59XFwGWhkH4HmtJCQQBFgTRTE68CE%2CQems4fDM3cWX7axH5HYt9CZZrTDT4T5wGuV&c=300&d=250&e=_eaaNoHqruZx16T5z1zR8931dbTI5Pru&g=e235b6b6b09176ce7d4d2b6eac02f065%2F12045469640341664473&i=69427%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach94_WKZREACH&r=1638014433252&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gphtjvejwqcyek8vkyxn8hzypb3qbezfbbb1agzvxrvz6evze34twy4htjnha86yhgvnsm10trwjn37zksvjb28crehqwtxhqesy0fevbcwnba58rfwftgy82r5x867645z19nqyph32fghw3j3gcjsv62newf8cjvvw7dv3hh6qbaxspyehnezmmrvsxbdh0pmw3eqkf0d4jgw0v35arnpd4x7p0w3m3mb700xtvmz8yvcj3364rdg8cfvn5b25vpd2frbkbt8rdanf0as5bq4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%252526client%25253Dca-pub-4743952843388744%252526adurl%25253D&y=1&z=0
Frame ID: E97C8D3BA7984D335AB91A284A837B57
Requests: 11 HTTP requests in this frame

Frame: data://truncated
Frame ID: A8C24240EE5B9704883F58363C1990CB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C12A9373BEEDB69FC5A71A2387573DC3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3C75BD33CA8E4602CCC0488B4A802BC9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Наша Газета

Page URL History Show full URLs

  1. http://ng.kz/ HTTP 301
    https://ng.kz/ HTTP 301
    https://www.ng.kz/ Page URL

Page Statistics

367
Requests

94 %
HTTPS

42 %
IPv6

43
Domains

63
Subdomains

49
IPs

9
Countries

4472 kB
Transfer

9263 kB
Size

72
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ng.kz/ HTTP 301
    https://ng.kz/ HTTP 301
    https://www.ng.kz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109
  • https://yoomoney.ru/share-balance.xml?id=136187900&key=0580EDD2B48A438D HTTP 301
  • https://yoomoney.ru/transfer/balance-informer/balance?id=136187900&key=0580EDD2B48A438D
Request Chain 112
  • https://counter.yadro.ru/hit?t14.1;r;s1600*1200*24;uhttps%3A//www.ng.kz/;h%u041D%u0430%u0448%u0430%20%u0413%u0430%u0437%u0435%u0442%u0430;0.9145896251290069 HTTP 302
  • https://counter.yadro.ru/hit?q;t14.1;r;s1600*1200*24;uhttps%3A//www.ng.kz/;h%u041D%u0430%u0448%u0430%20%u0413%u0430%u0437%u0435%u0442%u0430;0.9145896251290069
Request Chain 113
  • https://c.zero.kz/z.js HTTP 301
  • https://c.zero.kz/z.js?c=d0434d35d6b928
Request Chain 125
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9470.4fZgj0f4GveIHn_1nkrkPYs9ncfKSNZYQHynGb0f0AqhaVwgET780Ufrw89RQujT.O7taTG-TzcmF_dGYC97_oZkaD74%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9470.1uoRmIxF_iRQUPp1SzJx6iCupWqYzRSgI_GWTmbEgeqIW2Owh89tIFypcchZc_eYUGO-huU6gs-qoRHokzLqyQ%2C%2C.u1eYyZrwKpOnF1OxM-lUxbMlGyo%2C
Request Chain 145
  • https://mc.yandex.com/watch/2200384?wmode=7&page-url=https%3A%2F%2Fwww.ng.kz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A2232%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1583621166718%3Ahid%3A681708894%3Az%3A0%3Ai%3A20211127120030%3Aet%3A1638014431%3Ac%3A1%3Arn%3A138891707%3Arqn%3A1%3Au%3A16380144319429825%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1638014428459%3Ads%3A0%2C0%2C1119%2C104%2C674%2C0%2C%2C382%2C26%2C%2C%2C%2C2307%3Adsn%3A0%2C0%2C1119%2C104%2C674%2C0%2C%2C281%2C27%2C%2C%2C%2C2307%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1638014431%3At%3A%D0%9D%D0%B0%D1%88%D0%B0%20%D0%93%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.com/watch/2200384/1?wmode=7&page-url=https%3A%2F%2Fwww.ng.kz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A2232%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1583621166718%3Ahid%3A681708894%3Az%3A0%3Ai%3A20211127120030%3Aet%3A1638014431%3Ac%3A1%3Arn%3A138891707%3Arqn%3A1%3Au%3A16380144319429825%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1638014428459%3Ads%3A0%2C0%2C1119%2C104%2C674%2C0%2C%2C382%2C26%2C%2C%2C%2C2307%3Adsn%3A0%2C0%2C1119%2C104%2C674%2C0%2C%2C281%2C27%2C%2C%2C%2C2307%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1638014431%3At%3A%D0%9D%D0%B0%D1%88%D0%B0%20%D0%93%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr%2814%29ti%282%29
Request Chain 147
  • https://counter.yadro.ru/hit?t14.6;rhttps%3A//www.ng.kz/;s1600*1200*24;uhttps%3A//optimizm.kz/banners/banner-istorii-230.htm;h%u0411%u0430%u043D%u043D%u0435%u0440-%u0418%u0441%u0442%u043E%u0440%u0438%u0438-%u0423%u0441%u043F%u0435%u0445%u0430;0.9314923143683822 HTTP 302
  • https://counter.yadro.ru/hit?q;t14.6;rhttps%3A//www.ng.kz/;s1600*1200*24;uhttps%3A//optimizm.kz/banners/banner-istorii-230.htm;h%u0411%u0430%u043D%u043D%u0435%u0440-%u0418%u0441%u0442%u043E%u0440%u0438%u0438-%u0423%u0441%u043F%u0435%u0445%u0430;0.9314923143683822
Request Chain 232
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 280
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=72256700068139300951393011791029&t=htlp HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72256700068139300951393011791029&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 282
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=72256700068139300951393011791029 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=72256700068139300951393011791029 HTTP 301
  • https://ad-server.eu/wm/pb/native.png
Request Chain 284
  • https://action.metaffiliation.com/trk.php?mann=P511E19571C9F151&argsite=72256700068139300951393011791029&gdprconsent=li HTTP 302
  • https://m.exactag.com/ai.aspx?extProvId=8&extPu=esprit-dcm&extLi=25444971&extPm=319075961&extCr=&rnd=%n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_312}
Request Chain 296
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEIlN06LI2lA28Z81pkbJ9I0&google_cver=1&google_push=AYg5qPL5HyF8l_q0YH89ntBHNBmIHl5Ivvwp7xxfzlRuKxdsVO7KiF9KWLf1M6AX5cPM7bzSV1MhahCoUTmTJFGSxtJeEPRMAek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL5HyF8l_q0YH89ntBHNBmIHl5Ivvwp7xxfzlRuKxdsVO7KiF9KWLf1M6AX5cPM7bzSV1MhahCoUTmTJFGSxtJeEPRMAek&google_hm=Q0FFU0VJbE4wNkxJMmxBMjhaODFwa2JKOUkw
Request Chain 298
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPYCz1QE7knzXX2ta8mw8BA&google_cver=1&google_push=AYg5qPJhWSj7xcZCJJxXcyThI2RmKPyyn6ZODl-WQvjgmVz8rVKCHD0t-JbNyLJfPOQVFzOrKzAaiJPeZQo-3qU_o28efnpXmPoJ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPYCz1QE7knzXX2ta8mw8BA&google_cver=1&google_push=AYg5qPJhWSj7xcZCJJxXcyThI2RmKPyyn6ZODl-WQvjgmVz8rVKCHD0t-JbNyLJfPOQVFzOrKzAaiJPeZQo-3qU_o28efnpXmPoJ&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OpO6V85QRTeftXCzXH4Ong%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJhWSj7xcZCJJxXcyThI2RmKPyyn6ZODl-WQvjgmVz8rVKCHD0t-JbNyLJfPOQVFzOrKzAaiJPeZQo-3qU_o28efnpXmPoJ
Request Chain 299
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL_GBZZQ84k6asFSOtBKVDE&google_cver=1&google_push=AYg5qPIGmy-xMurclk8xZQ6h3NWLXwKCIh0gxW0amNrgS4R825sdoloImIMOsijoi_uYpOqVLwksh7RjeF-jaJJyClRQdJWuAmE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dIUkkxRUQtNS1EWTY0&google_push=AYg5qPIGmy-xMurclk8xZQ6h3NWLXwKCIh0gxW0amNrgS4R825sdoloImIMOsijoi_uYpOqVLwksh7RjeF-jaJJyClRQdJWuAmE
Request Chain 300
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P
Request Chain 304
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=909777107613.3987 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CLr0qaO_uPQCFcnEGwodU0kJjg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=909777107613.3987
Request Chain 319
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECVVHIBtn_qZ23Dav11hzXE&google_cver=1&google_push=AYg5qPIe6e1oiEXYckyv0rkuMEXTusoCMgB2mf607D4ys1mWH-nPBUNRJwFDwGGctgLHMuWb5FtaHpeJMgu4FCOeOP26VFml_jc HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIe6e1oiEXYckyv0rkuMEXTusoCMgB2mf607D4ys1mWH-nPBUNRJwFDwGGctgLHMuWb5FtaHpeJMgu4FCOeOP26VFml_jc&google_hm=lIzPud8qzAQDD0yp0oABjA
Request Chain 320
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK6j9FlZjlU7SBfYV16CJxcRQaP0QswUmnowKULurHJL2oh78w9hBnNkpqnTJ0qs5mLQW0_I4QgqHO1Lyj_p7FxhzA8_W0j&google_gid=CAESEH0OPVeViCqJepPnzX_0qXE&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK6j9FlZjlU7SBfYV16CJxcRQaP0QswUmnowKULurHJL2oh78w9hBnNkpqnTJ0qs5mLQW0_I4QgqHO1Lyj_p7FxhzA8_W0j&google_gid=CAESEH0OPVeViCqJepPnzX_0qXE&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjcxMjAwMzMwMDAxNjEyNzMxODcxNg%3D%3D&google_push=AYg5qPK6j9FlZjlU7SBfYV16CJxcRQaP0QswUmnowKULurHJL2oh78w9hBnNkpqnTJ0qs5mLQW0_I4QgqHO1Lyj_p7FxhzA8_W0j
Request Chain 322
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECXsZVoCkw6Pq7Pdkx17ydU&google_cver=1&google_push=AYg5qPKH_Z-QEWfRuN-YWXd8FpQ4zYukOxEleGfhw9_m7VtbROHXKRUJZhhRWubsoKOTMqVM__qqMqWheNNAR-QFxSE7d4spjX9K HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OpO6V85QRTeftXCzXH4Ong%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKH_Z-QEWfRuN-YWXd8FpQ4zYukOxEleGfhw9_m7VtbROHXKRUJZhhRWubsoKOTMqVM__qqMqWheNNAR-QFxSE7d4spjX9K
Request Chain 323
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAMMWxezTXcg9P8LiUa_i8c&google_cver=1&google_push=AYg5qPLIhW5zrzsW_d2C0ZKhVzF-OHQ1ee8WaMR9ZLbsy8EOUw9_QFXVAHiYyhaGus7lAbYde01iAwC4kLkXN9xNt4bJe7mQ7jth HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dIUkkxSDktUC0yNEcx&google_push=AYg5qPLIhW5zrzsW_d2C0ZKhVzF-OHQ1ee8WaMR9ZLbsy8EOUw9_QFXVAHiYyhaGus7lAbYde01iAwC4kLkXN9xNt4bJe7mQ7jth
Request Chain 324
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek&google_cver=1&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek
Request Chain 325
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIigW5hj4vVJqJxIvYRdEk8&google_cver=1&google_push=AYg5qPKhHAUap4nGRv0gSNoxYxX9IrtoETCExp4rSpOMtFeXHShnKDOF9m2haPccS8BAajrP3kCSEgOfg0YL9oLqrcCPpI4nRMdo HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKhHAUap4nGRv0gSNoxYxX9IrtoETCExp4rSpOMtFeXHShnKDOF9m2haPccS8BAajrP3kCSEgOfg0YL9oLqrcCPpI4nRMdo&google_hm=
Request Chain 346
  • https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=oneid5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=oneid5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2021112713003359286026759X117683V1226132702MSoneid5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&spid=2021112713003359286026759X117683V1226132702MSoneid5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&wfid=117683 HTTP 302
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117683_-HTLP&utm_term=AFF_la_117683_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021112713003359286026759X117683V1226132702MSoneid5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&wfid=117683&ratenzahlung=24
Request Chain 349
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021112713003359286026755X113752V1225131106MSoneidR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH HTTP 302
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021112713003359286026755X113752V1225131106MSoneidR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&wfid=113752

367 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ng.kz/
Redirect Chain
  • http://ng.kz/
  • https://ng.kz/
  • https://www.ng.kz/
121 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PHP/7.2.34 PleskLin
Resource Hash
56c8adb5ff74e933ff78154a776c223ded28b45d673cfca0aa31ab28f2143739

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sat, 27 Nov 2021 12:00:30 GMT
content-type
text/html; charset=cp-1251
x-powered-by
PHP/7.2.34 PleskLin
cache-control
max-age=300, s-maxage=300, proxy-revalidate, post-check=300, pre-check=300 max-age=0
content-encoding
gzip
vary
Accept-Encoding
last-modified
Sat, 27 Nov 2021 11:56:56 GMT
etag
13ffcb43cdd94fe2e4ef8217e28baed8
expires
Sat, 27 Nov 2021 12:00:29 GMT

Redirect headers

server
nginx
date
Sat, 27 Nov 2021 12:00:29 GMT
content-type
text/html; charset=iso-8859-1
content-length
226
location
https://www.ng.kz/
cache-control
max-age=0
expires
Sat, 27 Nov 2021 12:00:29 GMT
x-powered-by
PleskLin
context.js
yandex.ru/ads/system/ 		303 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
221973bc9c8be0f39bcf59d234ce634d50e9ab59a1799e96b05fabb20971f810
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag
1306864039
x-yandex-req-id
1638014430488263-1381605435675244689-man0-5167-870-man-l7-balancer-8080-BAL-3399
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 27 Nov 2021 13:00:30 GMT
js
www.googletagmanager.com/gtag/ 		92 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-43484952-1
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
68606caf0a7ec071519a566f20a014622345fc20fd991b4e033619d7fd3e58a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37024
x-xss-protection
0
expires
Sat, 27 Nov 2021 12:00:30 GMT
js
www.googletagmanager.com/gtag/ 		166 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H4BSNKT7DH
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d5e883b9c3a1d1d0afaac8b5d2599ed3c731ff1565067c40968b64a8b37a136
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62517
x-xss-protection
0
expires
Sat, 27 Nov 2021 12:00:30 GMT
jquery.fancybox.css
www.ng.kz/include/fancybox/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/include/fancybox/jquery.fancybox.css?2.1.5
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
br
last-modified
Mon, 07 Jan 2019 05:57:21 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"5c32ea41-131f"
content-type
text/css
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:30 GMT
style.min.css
www.ng.kz/themes/ng_adp/style/ 		48 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/themes/ng_adp/style/style.min.css?0.91
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
9f6a68840c1a5fb9667941cb8f5f5877f61ad79313490e633e8ae12caaf00099

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
br
last-modified
Mon, 30 Aug 2021 04:00:51 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"612c57f3-c120"
content-type
text/css
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:30 GMT
jquery-1.7.2.min.js
www.ng.kz/include/ 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/include/jquery-1.7.2.min.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
3828fc33d5a992f1ddb339e5e8bf69124e79afc57435cef2b57723b29d219ad0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
br
last-modified
Sun, 10 Nov 2013 12:18:30 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"527f7996-17278"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:30 GMT
jquery.ui.core.min.js
www.ng.kz/include/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/include/jquery.ui.core.min.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
89fb15fce61f63fda81f522790608244c64ad7fa97419343a89730f32f5250c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
br
last-modified
Fri, 24 Aug 2012 12:26:00 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"503772d8-110b"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:30 GMT
jquery.ui.widget.min.js
www.ng.kz/include/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/include/jquery.ui.widget.min.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
9f2a40121153b90a0fa87202918476624861ebe64bc9838c14edfc81fc5d2264

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
br
last-modified
Fri, 24 Aug 2012 12:26:00 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"503772d8-cb8"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:30 GMT
jquery.ui.tabs.min.js
www.ng.kz/include/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/include/jquery.ui.tabs.min.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
c9823eff72970e10adc03f40b44933eee53fc1f8857b3b70e5759637d5818e73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
br
last-modified
Fri, 24 Aug 2012 12:26:00 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"503772d8-2d40"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:30 GMT
jquery.fancybox.pack.js
www.ng.kz/include/fancybox/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/include/fancybox/jquery.fancybox.pack.js?2.1.5
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
br
last-modified
Mon, 07 Jan 2019 05:57:21 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"5c32ea41-5a5f"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:30 GMT
xoops.js
www.ng.kz/include/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/include/xoops.js?0.92
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
3af9a24bcea936419904a0dc04ccc6c59fc1d18f748fc44f49a7035536827ff2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
br
last-modified
Tue, 28 Jul 2020 16:27:38 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"5f2051fa-ebc"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:30 GMT
js
www.googletagmanager.com/gtag/ 		163 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H4BSNKT7DH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-43484952-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
daf832cdf4233e5077eaa55dc5685e66b70545412aef07da0c0b8532f0e8f5db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61667
x-xss-protection
0
expires
Sat, 27 Nov 2021 12:00:30 GMT
07n.png
www.ng.kz/images/weather/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/weather/07n.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
5738175460eab65bdc42c001078667928bcbe77d2e262bcc7460a5bd818dc31a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"52c17841-13dd"
last-modified
Mon, 30 Dec 2013 13:42:25 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5085
expires
Mon, 27 Dec 2021 12:00:30 GMT
kdp.gif
www.ng.kz/images/banners/kdp/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/kdp/kdp.gif
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
79aef3abc72d34fa4230c90c0b2fe3fd8bbf0bedda8a1d8b2d61033873493c38

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"572b5a9e-11877"
last-modified
Thu, 05 May 2016 14:37:18 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
71799
expires
Mon, 27 Dec 2021 12:00:30 GMT
wtsp.jpg
www.ng.kz/images/library/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/wtsp.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
a5af2cbe0a6f02a315dc6c10c28dc4ca4187ed8baf0bac35f17c6cb15632356b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"5b22885b-48ee"
last-modified
Thu, 14 Jun 2018 15:23:07 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18670
expires
Mon, 27 Dec 2021 12:00:30 GMT
telegram-1.png
www.ng.kz/images/library/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/telegram-1.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
efe62285691e30a7a986ee5836eb2bb025ebea4eac1862ba930ed3d6cb7e6c1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"5b228636-4c21"
last-modified
Thu, 14 Jun 2018 15:13:58 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19489
expires
Mon, 27 Dec 2021 12:00:30 GMT
akciyadm1.jpg
www.ng.kz/images/library/banners/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/banners/akciyadm1.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
1d5a12d5947b2d33c2208962bd4c60213e7094e29d6e9099f533c1c765759365

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"5fc09015-c1ec"
last-modified
Fri, 27 Nov 2020 05:35:17 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
49644
expires
Mon, 27 Dec 2021 12:00:30 GMT
0.jpg
www.ng.kz/images/library/news_lenta/2021/11/27/1/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/27/1/0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
fa7694e50a83d9359642535676e24898f60a2cc8157afdb7a105d49dd83d3f8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"61a1fdde-4255"
last-modified
Sat, 27 Nov 2021 09:43:58 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16981
expires
Mon, 27 Dec 2021 12:00:30 GMT
cor0.jpg
www.ng.kz/images/library/news_lenta/2021/03/06/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/03/06/cor0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
df60bcd9e98b9d5efd79a283ddfbf831408340fdb8ae698e1f0331347ece368a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"6043302d-3737"
last-modified
Sat, 06 Mar 2021 07:33:01 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14135
expires
Mon, 27 Dec 2021 12:00:30 GMT
torg0.jpg
www.ng.kz/images/library/news_lenta/2021/11/27/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/27/torg0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
e63e2c9ca954d1e5952dbdd5feb079b7da3705b9dd89e5333751d86994aec9c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"61a1d5b1-5275"
last-modified
Sat, 27 Nov 2021 06:52:33 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
21109
expires
Mon, 27 Dec 2021 12:00:30 GMT
kart0.jpg
www.ng.kz/images/library/news_lenta/2021/11/26/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/26/kart0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
274d768490c263fb4bdd8f314a3555130f22c94ed87f5957b41e01c053ba8953

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"61a069f2-3512"
last-modified
Fri, 26 Nov 2021 05:00:34 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
13586
expires
Mon, 27 Dec 2021 12:00:30 GMT
4fb6bb56-45d1-4f64-9f38-c9b52ba7e875.jpg
www.ng.kz/images/library/news_lenta/2021/11/05/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/05/4fb6bb56-45d1-4f64-9f38-c9b52ba7e875.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
b69d9ac38195ebffe1576da8e5621443832ad5ce00415307d093e780b4dca55a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"6184b985-22e2"
last-modified
Fri, 05 Nov 2021 04:56:37 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8930
expires
Mon, 27 Dec 2021 12:00:30 GMT
pog0.jpg
www.ng.kz/images/library/news_lenta/2021/11/26/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/26/pog0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
6c5ca42628505188ea96e4abd1c74b0929839ab1944427c9c043a4f02dd34be2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"61a098e8-3e09"
last-modified
Fri, 26 Nov 2021 08:20:56 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15881
expires
Mon, 27 Dec 2021 12:00:30 GMT
4.jpg
www.ng.kz/images/library/news_lenta/2021/11/26/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/26/4.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
79e2e37860da2a28e646389e25ed2499bd1628630186f95b30d66fcb20a7b4c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"61a0a0ff-24d3"
last-modified
Fri, 26 Nov 2021 08:55:27 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9427
expires
Mon, 27 Dec 2021 12:00:30 GMT
0.jpg
www.ng.kz/images/library/news_lenta/2021/11/26/2/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/26/2/0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
6c98f48b6d776a27f8cbdf6982d7b538c6798f9104e6329ddb7782248cd015cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"61a09879-4b76"
last-modified
Fri, 26 Nov 2021 08:19:05 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19318
expires
Mon, 27 Dec 2021 12:00:30 GMT
0.jpg
www.ng.kz/images/library/news_lenta/2021/11/26/1/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/26/1/0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
8d5405572f33aa3d9d34080381f87357be3c2c42e71a6fe7588eee4dff3d8eb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"61a08b92-59f3"
last-modified
Fri, 26 Nov 2021 07:24:02 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
23027
expires
Mon, 27 Dec 2021 12:00:31 GMT
ugol0.jpg
www.ng.kz/images/library/news_lenta/2021/11/24/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/24/ugol0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
c536e4416810ffea3ae842a538625ee8df6d2b6d17477662a9aa559860744a62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619e4a9c-4135"
last-modified
Wed, 24 Nov 2021 14:22:20 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16693
expires
Mon, 27 Dec 2021 12:00:31 GMT
pog0.jpg
www.ng.kz/images/library/news_lenta/2021/11/24/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/24/pog0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
ade545d4bba71c37acdfe9f14c24563cb48a554a2e2d047154912d8327eb1c07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619e1a51-4712"
last-modified
Wed, 24 Nov 2021 10:56:17 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18194
expires
Mon, 27 Dec 2021 12:00:31 GMT
den0.jpg
www.ng.kz/images/library/news_lenta/2021/11/24/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/24/den0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
3106f9fc42123fa4e59ac4c0727abfbdfefd6f0ea9346401a9029bf0f99d613e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619de3c0-411f"
last-modified
Wed, 24 Nov 2021 07:03:28 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16671
expires
Mon, 27 Dec 2021 12:00:31 GMT
sluzh0.jpg
www.ng.kz/images/library/news_lenta/2021/11/26/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/26/sluzh0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
759d0a91b9127a7cff19e81f0f1f2326fd9ed375415b65206d1b8f3278a8ecb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"61a096e8-3cec"
last-modified
Fri, 26 Nov 2021 08:12:24 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15596
expires
Mon, 27 Dec 2021 12:00:31 GMT
ryb0.jpg
www.ng.kz/images/library/news_lenta/2021/11/26/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/26/ryb0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
9fe03461929503604868af8e4764fecb7403aaf062097dff9ca3c1504af3eb5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"61a0711b-58f7"
last-modified
Fri, 26 Nov 2021 05:31:07 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
22775
expires
Mon, 27 Dec 2021 12:00:31 GMT
ten0.jpg
www.ng.kz/images/library/news_lenta/2021/11/26/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/26/ten0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
9308c4652cff40b26c33fd03531026d5ef0ed06b0a2782b4755f76a153c5ca12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"61a05512-4eef"
last-modified
Fri, 26 Nov 2021 03:31:30 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
20207
expires
Mon, 27 Dec 2021 12:00:31 GMT
poz0.jpg
www.ng.kz/images/library/news_lenta/2021/11/25/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/25/poz0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
c030e62c83eb8a2d1a5d0951d9b1c6384ee0a9d3c91422f34c4eb20fde848436

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619f1014-34c5"
last-modified
Thu, 25 Nov 2021 04:24:52 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
13509
expires
Mon, 27 Dec 2021 12:00:31 GMT
spas0.jpg
www.ng.kz/images/library/news_lenta/2021/11/22/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/22/spas0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
d5a5a4f316fe0235d259de0c75dbac9ccef270b13002a8f89ed8da7c6daacb76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619b61d5-3ced"
last-modified
Mon, 22 Nov 2021 09:24:37 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15597
expires
Mon, 27 Dec 2021 12:00:31 GMT
dtp.jpg
www.ng.kz/images/library/news_lenta/2021/11/21/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/21/dtp.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
080915c97eb36f45adbb0659024af38461905db332fcabdaaf50520c10f58edc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619a2b40-4c07"
last-modified
Sun, 21 Nov 2021 11:19:28 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19463
expires
Mon, 27 Dec 2021 12:00:31 GMT
5.jpg
www.ng.kz/images/library/news_lenta/2021/11/21/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/21/5.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
0c6ce0f76a035750f9f0ff0c21208adba1a20cdce02818168a61d93b2f2e6204

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"6199e74b-2790"
last-modified
Sun, 21 Nov 2021 06:29:31 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10128
expires
Mon, 27 Dec 2021 12:00:31 GMT
avto0.jpg
www.ng.kz/images/library/news_lenta/2021/11/16/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/16/avto0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
f8a3b7d983037b9b18ac386c725f1b8e1e5923f70d93540a676b9b2827ff9e18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"61937cd8-398a"
last-modified
Tue, 16 Nov 2021 09:41:44 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14730
expires
Mon, 27 Dec 2021 12:00:31 GMT
1806.png
www.ng.kz/images/library/news_lenta/2021/11/24/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/24/1806.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
dcef34820be4c9edb330dea9aef9945ebe3725c9ba3e037d7d15d274a1984091

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619e233e-f86f"
last-modified
Wed, 24 Nov 2021 11:34:22 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
63599
expires
Mon, 27 Dec 2021 12:00:31 GMT
sud0.jpg
www.ng.kz/images/library/news_lenta/2021/11/24/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/24/sud0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
427c5d5c1d6867d0cad92a4663f09541558a1bbdf4768d28e8ecdfd2374d1708

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619e0b5c-4636"
last-modified
Wed, 24 Nov 2021 09:52:28 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
17974
expires
Mon, 27 Dec 2021 12:00:31 GMT
sud0.jpg
www.ng.kz/images/library/news_lenta/2021/11/22/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/22/sud0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
af81a75952fcae526e9c56297431881ddb3971301d5d0372df5592800a274ca2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619b7065-2ded"
last-modified
Mon, 22 Nov 2021 10:26:45 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11757
expires
Mon, 27 Dec 2021 12:00:31 GMT
3.jpg
www.ng.kz/images/library/news_lenta/2021/11/19/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/19/3.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
b4a2959feafae35849e407ef694a53772ba1c1ded7224fd4eb2689073ea0a46b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"6197b098-d9a"
last-modified
Fri, 19 Nov 2021 14:11:36 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3482
expires
Mon, 27 Dec 2021 12:00:31 GMT
vod0.jpg
www.ng.kz/images/library/news_lenta/2021/11/25/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/25/vod0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
2451dedd85209b4e0ba7723363f8430efafd7e1399848843578f9ed8e7b155a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619f17f1-35ae"
last-modified
Thu, 25 Nov 2021 04:58:25 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
13742
expires
Mon, 27 Dec 2021 12:00:31 GMT
lamp0.jpg
www.ng.kz/images/library/news_lenta/2021/11/24/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/24/lamp0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
3062220e0c4ac6547086aea36c9f3c1a428f76990c1eb346b7ba7c3d9c9851ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619e4a18-37dd"
last-modified
Wed, 24 Nov 2021 14:20:08 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14301
expires
Mon, 27 Dec 2021 12:00:31 GMT
brif0.jpg
www.ng.kz/images/library/news_lenta/2021/11/23/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/23/brif0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
c303d351e6d02b9ef68e7c96015a688b7ae399b1e41c681344790be7fb0bccb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619cf4b6-3911"
last-modified
Tue, 23 Nov 2021 14:03:34 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
14609
expires
Mon, 27 Dec 2021 12:00:31 GMT
lamp0.jpg
www.ng.kz/images/library/news_lenta/2021/11/23/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/23/lamp0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
89ff1a843c781c5419ca314b1c78a9a1d51e09f5080ccb035f202d566ac8ba01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619c8d54-2f04"
last-modified
Tue, 23 Nov 2021 06:42:28 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12036
expires
Mon, 27 Dec 2021 12:00:31 GMT
0.jpg
www.ng.kz/images/library/news_lenta/2021/11/23/1/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/23/1/0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
7ab46e0895168250cc19134e309d39506de0e01445559bde5a3f1c51fd58c4d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619c7a78-5659"
last-modified
Tue, 23 Nov 2021 05:22:00 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
22105
expires
Mon, 27 Dec 2021 12:00:31 GMT
IMG_0.jpg
www.ng.kz/images/library/news_lenta/2021/11/19/1/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/19/1/IMG_0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
b89ec6fdfb7503794cf71c2678c83a8cf75c025724a3788a6dc6ad52499f96ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"61975b7b-4bf6"
last-modified
Fri, 19 Nov 2021 08:08:27 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19446
expires
Mon, 27 Dec 2021 12:00:31 GMT
IMG_0.jpg
www.ng.kz/images/library/news_lenta/2021/11/13/1/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/13/1/IMG_0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
f7d6a154c751ab71e1a94389614ef4e268c2549332275a0b53ea04545474d665

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"618f331a-4b21"
last-modified
Sat, 13 Nov 2021 03:38:02 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19233
expires
Mon, 27 Dec 2021 12:00:31 GMT
0.jpg
www.ng.kz/images/library/news_lenta/2021/11/10/2/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/10/2/0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
b77bfab7df097ec60133e2f066c690e996da20929f7e007c3d3ce0a92ba7b7e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"618b863a-4a31"
last-modified
Wed, 10 Nov 2021 08:43:38 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18993
expires
Mon, 27 Dec 2021 12:00:31 GMT
IMG_0.jpg
www.ng.kz/images/library/news_lenta/2021/11/06/1/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/06/1/IMG_0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
88f1f2397a76abb2810ec6f998d6ed32344d8e824471404b793dc06aab17e5ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"61853f24-4eaa"
last-modified
Fri, 05 Nov 2021 14:26:44 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
20138
expires
Mon, 27 Dec 2021 12:00:31 GMT
hok0.jpg
www.ng.kz/images/library/news_lenta/2021/11/25/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/25/hok0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
56aee8ca5b6d8cec760dfc04f8e5697b50d13b6e143baa6cc97aca4b2a555185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619f2495-44eb"
last-modified
Thu, 25 Nov 2021 05:52:21 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
17643
expires
Mon, 27 Dec 2021 12:00:31 GMT
hok0.jpg
www.ng.kz/images/library/news_lenta/2021/11/24/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/24/hok0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
4e8d8038ba97481a3d934aa7924e58bb50bbac028d722e99a954c2ec0e289234

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619dc7ea-49a1"
last-modified
Wed, 24 Nov 2021 05:04:42 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18849
expires
Mon, 27 Dec 2021 12:00:31 GMT
0.jpg
www.ng.kz/images/library/news_lenta/2021/11/23/2/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/23/2/0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
8bef480a72c4a343c2fcafc5cd2f3b44603c7a037a704efe5257a2d8fa2074de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619c7efa-48c6"
last-modified
Tue, 23 Nov 2021 05:41:14 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18630
expires
Mon, 27 Dec 2021 12:00:31 GMT
00.jpg
www.ng.kz/images/library/news_lenta/2021/11/22/1/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/22/1/00.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
6b952b164a45e4735dc9ad7c9ea64bfdc227bec8e0f056485b839738bbbbc058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619b6c50-43b5"
last-modified
Mon, 22 Nov 2021 10:09:20 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
17333
expires
Mon, 27 Dec 2021 12:00:31 GMT
fut0.jpg
www.ng.kz/images/library/news_lenta/2021/11/22/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/22/fut0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
895b2d1a05f249bee24932ba5f21a395bec41c6438abfb9dc3efed1216b72a51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619b2a4e-4ccd"
last-modified
Mon, 22 Nov 2021 05:27:42 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19661
expires
Mon, 27 Dec 2021 12:00:31 GMT
more.gif
www.ng.kz/themes/ng_new/images/ 		72 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/themes/ng_new/images/more.gif
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
3ad813893eca23e7db59e7eab0a00318812b21b16241e278bd13645ab5596f6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"48-4c8020cf95800"
last-modified
Fri, 24 Aug 2012 12:24:00 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/gif
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
72
expires
Mon, 27 Dec 2021 12:00:31 GMT
sunrise6.gif
www.ng.kz/images/banners/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/sunrise6.gif
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
f25ca3605dd03afc37519cc7928d999ec154ade9a038f5783ce0fdbe66d31970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"5280aa65-16769"
last-modified
Mon, 11 Nov 2013 09:59:01 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
92009
expires
Mon, 27 Dec 2021 12:00:31 GMT
0.jpg
www.ng.kz/images/library/news_lenta/2021/11/24/n/6/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/24/n/6/0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
7576eea0ac49cc811da743051bdb6f14b654990fcd65a61af403cef65fc7cfa5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"619e5ad6-598e"
last-modified
Wed, 24 Nov 2021 15:31:34 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
22926
expires
Mon, 27 Dec 2021 12:00:31 GMT
p8-0.jpg
www.ng.kz/images/library/news_lenta/2021/11/24/n/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/24/n/p8-0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
6d74b6de8650cba8319b86e3299350a2e7cf134df7f5e5b6e37c9404be8de760

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"619e5679-6814"
last-modified
Wed, 24 Nov 2021 15:12:57 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
26644
expires
Mon, 27 Dec 2021 12:00:32 GMT
p11-0.jpg
www.ng.kz/images/library/news_lenta/2021/11/24/n/11/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/24/n/11/p11-0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
dcc8dc641c40b463c6b6d45d24c0e97a3df5b92a43bf5ef870ddc1dc62dde80d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"619e427a-3161"
last-modified
Wed, 24 Nov 2021 13:47:38 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12641
expires
Mon, 27 Dec 2021 12:00:32 GMT
00.jpg
www.ng.kz/images/library/news_lenta/2021/11/24/n/14/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/24/n/14/00.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
651a78c42be64f054c73759725cc7026c76c5b28f84981ff7d5980a5f4606e9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"619e18e5-4a59"
last-modified
Wed, 24 Nov 2021 10:50:13 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19033
expires
Mon, 27 Dec 2021 12:00:32 GMT
0.jpg
www.ng.kz/images/library/news_lenta/2021/11/24/n/21/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/24/n/21/0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
d19f335612f130b5743e4aac6cf262e5f23c8d74953a0875e255252dbe126ab2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"619dc35b-6304"
last-modified
Wed, 24 Nov 2021 04:45:15 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
25348
expires
Mon, 27 Dec 2021 12:00:32 GMT
kon0.jpg
www.ng.kz/images/library/news_lenta/2021/11/24/n/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/24/n/kon0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
a43cec7276876351ba42529cb1dbde8d07ca5c8df508ae3ad17bdfde4b286f00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"619dc299-5050"
last-modified
Wed, 24 Nov 2021 04:42:01 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
20560
expires
Mon, 27 Dec 2021 12:00:32 GMT
nd0.jpg
www.ng.kz/images/library/news_lenta/2021/11/24/n/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/24/n/nd0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
dc512017fbc3ed494cc473d36e0f840c6fdb6c427512ebc2b0993ec256b59ba2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"619dc3a5-3ba9"
last-modified
Wed, 24 Nov 2021 04:46:29 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15273
expires
Mon, 27 Dec 2021 12:00:32 GMT
rec03.jpg
www.ng.kz/images/library/news_lenta/2021/11/24/n/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/24/n/rec03.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
d2e59f4c13b320319947fa6e28cd01f74f22e1dfc8fb7b0c954bc7c2a504f0e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"619dc2f7-5737"
last-modified
Wed, 24 Nov 2021 04:43:35 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
22327
expires
Mon, 27 Dec 2021 12:00:32 GMT
af0.jpg
www.ng.kz/images/library/news_lenta/2021/06/02/n/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/06/02/n/af0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
982ac5e53c4dd0b53c1778b197873def9e96bee14d026632489034bb64cd2c52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"60b75d87-44c7"
last-modified
Wed, 02 Jun 2021 10:29:27 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
17607
expires
Mon, 27 Dec 2021 12:00:32 GMT
IMG_0.jpg
www.ng.kz/images/library/news_lenta/2021/11/24/n/28/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2021/11/24/n/28/IMG_0.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
d0b37587b3403a5f03d4f662f9427f77809d2b92b520dd948b2d568bbd2e000f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"619dc251-5d65"
last-modified
Wed, 24 Nov 2021 04:40:49 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
23909
expires
Mon, 27 Dec 2021 12:00:32 GMT
_.jpg
www.ng.kz/images/library/banners/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/banners/_.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
1b95cc0f82c19d9dcc8fcd06d99e9e372ae681ebcffba695e91afc3e7c02218e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"5f44ec9e-5dca"
last-modified
Tue, 25 Aug 2020 10:49:02 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
24010
expires
Mon, 27 Dec 2021 12:00:30 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cc37042d5d187124259238bef5e5aa67dc59ecbc528d567967b809686402743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51211
x-xss-protection
0
server
cafe
etag
5954395735488035730
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 12:00:30 GMT
blagotv_2.png
www.ng.kz/images/library/news_lenta/2016/03/22/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/news_lenta/2016/03/22/blagotv_2.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
78ca41e2a51eac9ea97c40093e1a7769557841abc40430df6cae8a6153a58772

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"5f7bea17-284f"
last-modified
Tue, 06 Oct 2020 03:52:55 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10319
expires
Mon, 27 Dec 2021 12:00:30 GMT
more.gif
www.ng.kz/images/ 		72 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/more.gif
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
3ad813893eca23e7db59e7eab0a00318812b21b16241e278bd13645ab5596f6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"48-4c802108cdf00"
last-modified
Fri, 24 Aug 2012 12:25:00 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/gif
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
72
expires
Mon, 27 Dec 2021 12:00:32 GMT
aqua.gif
www.ng.kz/modules/xoopspoll/images/colorbars/ 		69 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/modules/xoopspoll/images/colorbars/aqua.gif
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
75d8d6e70ff1ca61d1ed5cd847209d6c9d9baa82fb14a066c7d87c26264e8abc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"45-4c80214206600"
last-modified
Fri, 24 Aug 2012 12:26:00 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/gif
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
69
expires
Mon, 27 Dec 2021 12:00:32 GMT
1x1.gif
www.ng.kz/themes/ng_new/images/ 		49 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/themes/ng_new/images/1x1.gif
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"31-4c8020cf95800"
last-modified
Fri, 24 Aug 2012 12:24:00 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/gif
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
49
expires
Mon, 27 Dec 2021 12:00:32 GMT
blue.gif
www.ng.kz/modules/xoopspoll/images/colorbars/ 		69 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/modules/xoopspoll/images/colorbars/blue.gif
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
49ac271d15b4546f9582310bf1ccc1a0c94213b3fd2ae5897f9206ff5ab0772b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"45-4c80214206600"
last-modified
Fri, 24 Aug 2012 12:26:00 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/gif
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
69
expires
Mon, 27 Dec 2021 12:00:32 GMT
brown.gif
www.ng.kz/modules/xoopspoll/images/colorbars/ 		69 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/modules/xoopspoll/images/colorbars/brown.gif
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
f43d35d96edafcce9ad9f60e408ad3b446dcb7f4223db00733755c1e07ba4e9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"45-4c80214206600"
last-modified
Fri, 24 Aug 2012 12:26:00 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/gif
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
69
expires
Mon, 27 Dec 2021 12:00:32 GMT
darkgreen.gif
www.ng.kz/modules/xoopspoll/images/colorbars/ 		70 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/modules/xoopspoll/images/colorbars/darkgreen.gif
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
6f1ea225046fa6e89fc1f06dc6d1eb074c53de1cec75bdd765dbfde0a95ae36d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"46-4c80214206600"
last-modified
Fri, 24 Aug 2012 12:26:00 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/gif
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
70
expires
Mon, 27 Dec 2021 12:00:32 GMT
chance-inform.png
www.ng.kz/images/library/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/library/chance-inform.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
f42aa02e534fb3e83b42b37e49b96fedcdc9679e92a9abfe4c2c13cbe6f60521

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"61937416-16ef"
last-modified
Tue, 16 Nov 2021 09:04:22 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5871
expires
Mon, 27 Dec 2021 12:00:32 GMT
guests.gif
www.ng.kz/modules/useronline/images/ 		909 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/modules/useronline/images/guests.gif
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
d8d1bb52521f331e9b51731cb3c992be899fa8939c5d4ad3959016c297dbb326

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"38d-4c80214206600"
last-modified
Fri, 24 Aug 2012 12:26:00 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/gif
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
909
expires
Mon, 27 Dec 2021 12:00:32 GMT
members.gif
www.ng.kz/modules/useronline/images/ 		909 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/modules/useronline/images/members.gif
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
2c287f00d41ff6246820e17777b0a155476214b179c8c2c9cbf6e0ec789f09b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"38d-4c80214206600"
last-modified
Fri, 24 Aug 2012 12:26:00 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/gif
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
909
expires
Mon, 27 Dec 2021 12:00:32 GMT
total.gif
www.ng.kz/modules/useronline/images/ 		909 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/modules/useronline/images/total.gif
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
1c2ffdaf1a743953a4a0e134b3cf202b59b10fa06e5e593361b9a73e5dad75fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"38d-4c80214206600"
last-modified
Fri, 24 Aug 2012 12:26:00 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/gif
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
909
expires
Mon, 27 Dec 2021 12:00:32 GMT
3_1_FFFFFFFF_EFEFEFFF_0_pageviews
informer.yandex.ru/informer/2200384/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://informer.yandex.ru/informer/2200384/3_1_FFFFFFFF_EFEFEFFF_0_pageviews
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
b2ad81e1871e5758d3633478061e4bbc3e65a93f89e70426edb6bb4ea503ceeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
last-modified
Sat, 27-Nov-2021 12:00:30 GMT
content-type
image/png
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
1497
x-xss-protection
1; mode=block
expires
Sat, 27-Nov-2021 12:00:30 GMT
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fcec8f9f4b2b56dcc746a20c4d2f2992bbefcacc3f2aad7e2b45f1f32da22e67
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Sat, 27 Nov 2021 12:00:30 GMT
client.js
cdn.gravitec.net/storage/acebaea5ea271126325ba1d3fad29ec6/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/storage/acebaea5ea271126325ba1d3fad29ec6/client.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
12c0127c01129e61322c6a2c5a2d9eefb4f8c0496dc4c6b7bc37ff1fda1d7cb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:35 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 09:56:40 GMT
server
nginx
etag
W/"60893158-100fb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 28 Apr 2021 10:15:03 GMT
cache-control
max-age=10
x-proxy-cache
HIT
addtocopy.js
www.ng.kz/include/ 		2 KB
854 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/include/addtocopy.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
ccd14aeead0d506e194b31501cc429c5f3d77df86654fdf68d119b88389f0b0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
content-encoding
br
last-modified
Mon, 30 Jul 2018 14:58:11 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"5b5f2783-6a7"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:32 GMT
28cbefab76110c2a4a12.js
yastatic.net/partner-code-bundles/49546/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/49546/28cbefab76110c2a4a12.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
092ba8d8406046d9dc03399304b164b3724bf0fed7446fbd5507d1b371bef431
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.ng.kz/
Origin
https://www.ng.kz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4458
last-modified
Fri, 26 Nov 2021 16:05:06 GMT
server
nginx/1.17.9
etag
"7d189b42eb2ef1b66a26a19e2d3bc7b3"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Nov 2051 18:35:08 GMT
9ef9b4841edfb319b17f.js
yastatic.net/partner-code-bundles/49546/ 		80 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/49546/9ef9b4841edfb319b17f.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e1e9790770f2761e989f338be8cd2560a696a4b3f0013219e91f357546eaf668
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.ng.kz/
Origin
https://www.ng.kz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17100
last-modified
Fri, 26 Nov 2021 16:05:06 GMT
server
nginx/1.17.9
etag
"82f3bdea8e3f5c5b1ff21133cae1c99f"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Nov 2051 18:35:08 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.ng.kz/
Origin
https://www.ng.kz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Nov 2051 18:32:41 GMT
1321e0e50b1fc6d98706.js
yastatic.net/partner-code-bundles/49546/ 		639 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/49546/1321e0e50b1fc6d98706.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
3352b69374004aa2dd4f33c6da65469997ac1e910fde6874be488fbfd9c739d2
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.ng.kz/
Origin
https://www.ng.kz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
131548
last-modified
Fri, 26 Nov 2021 16:05:06 GMT
server
nginx/1.17.9
etag
"d9518b0d28b4c782db067ff775526f67"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Nov 2051 18:31:35 GMT
me4ta_v.1.html
www.ng.kz/images/banners/me4ta_v.8/ Frame 7D1F 		760 B
713 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/me4ta_v.8/me4ta_v.1.html
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
8a368ef22ea08e41d90cc8b9bab6e5ce8310e1b2162420f61cf57598c13670d9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

server
nginx
date
Sat, 27 Nov 2021 12:00:30 GMT
content-type
text/html
content-length
457
x-accel-version
0.01
last-modified
Tue, 12 Oct 2021 05:25:16 GMT
etag
"2f8-5ce21121c7fef-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=0
expires
Sat, 27 Nov 2021 12:00:30 GMT
x-powered-by
PleskLin
forik.html
www.ng.kz/images/banners/forik_v.6/ Frame 4426 		756 B
711 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/forik_v.6/forik.html
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
ad4ae5ece3b4cd0d7cd36b98ad4c71f10d8ffe902f5a8114b231273ba409b5b9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

server
nginx
date
Sat, 27 Nov 2021 12:00:30 GMT
content-type
text/html
content-length
454
x-accel-version
0.01
last-modified
Fri, 09 Oct 2020 03:54:04 GMT
etag
"2f4-5b134e65daa6b-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=0
expires
Sat, 27 Nov 2021 12:00:30 GMT
x-powered-by
PleskLin
katris.html
www.ng.kz/images/banners/katris_v.3/ Frame E3D2 		757 B
711 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/katris_v.3/katris.html
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
93f7008986d79103c709d511dbc16c399a7f4d726c7fcba5410408334ac28c02

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

server
nginx
date
Sat, 27 Nov 2021 12:00:30 GMT
content-type
text/html
content-length
454
x-accel-version
0.01
last-modified
Fri, 09 Oct 2020 03:53:20 GMT
etag
"2f5-5b134e3be0745-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=0
expires
Sat, 27 Nov 2021 12:00:30 GMT
x-powered-by
PleskLin
banner-istorii-230.htm
optimizm.kz/banners/ Frame 2A31 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://optimizm.kz/banners/banner-istorii-230.htm
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:5da0:1000::121 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
dc09c557d3c7322c1777a8789fe65c66bbf772daae292b27606d0f4a540c9419
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

server
nginx
date
Sat, 27 Nov 2021 12:00:31 GMT
content-type
text/html
last-modified
Mon, 25 Nov 2019 07:11:46 GMT
vary
Accept-Encoding
etag
W/"5ddb7eb2-8cc"
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
x-content-type-options
nosniff
x-powered-by
PleskLin
content-encoding
br
468x60.html
www.ng.kz/images/banners/autodom20210514/ Frame 14C7 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/autodom20210514/468x60.html
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
d46ee8aba242da316c8a6d7d1b5a52b0afcc97d881208d1809ddd7d330898fbe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

server
nginx
date
Sat, 27 Nov 2021 12:00:30 GMT
content-type
text/html
last-modified
Fri, 14 May 2021 09:59:49 GMT
cache-control
max-age=0
expires
Sat, 27 Nov 2021 12:00:30 GMT
etag
W/"609e4a15-1d5a"
x-powered-by
PleskLin
content-encoding
br
thermapark.html
www.ng.kz/images/banners/thermapark_v.1/ Frame 433E 		760 B
713 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/thermapark_v.1/thermapark.html
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
988eb995e91bffef71109304b12858dbf2f334084769fce56672c32af4dc9ed4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

server
nginx
date
Sat, 27 Nov 2021 12:00:30 GMT
content-type
text/html
content-length
456
x-accel-version
0.01
last-modified
Fri, 05 Nov 2021 11:13:15 GMT
etag
"2f8-5d008bac56854-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=0
expires
Sat, 27 Nov 2021 12:00:30 GMT
x-powered-by
PleskLin
ng_sp.html
www.ng.kz/images/banners/ng_sp/ Frame 73F2 		752 B
709 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/ng_sp/ng_sp.html
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
416d83fb7c901c010b7764e3ed4e72822d3fa03595c980968e8a22458c3a178a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

server
nginx
date
Sat, 27 Nov 2021 12:00:30 GMT
content-type
text/html
content-length
452
x-accel-version
0.01
last-modified
Thu, 29 Jul 2021 09:33:00 GMT
etag
"2f0-5c83fc9fd2dd9-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=0
expires
Sat, 27 Nov 2021 12:00:30 GMT
x-powered-by
PleskLin
stroitel.html
www.ng.kz/images/banners/stroitel_v.5/ Frame 0383 		759 B
712 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/stroitel_v.5/stroitel.html
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
21c0f77de3752eae52db428490394865169c0118860ca91cc4c0fa7daf9ced1b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

server
nginx
date
Sat, 27 Nov 2021 12:00:30 GMT
content-type
text/html
content-length
455
x-accel-version
0.01
last-modified
Mon, 06 Sep 2021 09:20:57 GMT
etag
"2f7-5cb502ab51b7b-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=0
expires
Sat, 27 Nov 2021 12:00:30 GMT
x-powered-by
PleskLin
logo-big.png
www.ng.kz/themes/ng_adp/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/themes/ng_adp/images/logo-big.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/themes/ng_adp/style/style.min.css?0.91
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
dec17b8852b1927c2555ac3551123a6926bf14c5f4e8a445dde4b9975429eb87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/themes/ng_adp/style/style.min.css?0.91
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"5f0d5ec6-c16"
last-modified
Tue, 14 Jul 2020 07:29:10 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3094
expires
Mon, 27 Dec 2021 12:00:30 GMT
iconw-pressure.png
www.ng.kz/images/weather/ 		249 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/weather/iconw-pressure.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/themes/ng_adp/style/style.min.css?0.91
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
fdf630aaaac77fbc0f3293a806f0b4b9838256edc029a675c49502a732afdc15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/themes/ng_adp/style/style.min.css?0.91
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"f9-4eed3dc659e80"
last-modified
Tue, 31 Dec 2013 12:40:10 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
249
expires
Mon, 27 Dec 2021 12:00:30 GMT
iconw-humidity.png
www.ng.kz/images/weather/ 		251 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/weather/iconw-humidity.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/themes/ng_adp/style/style.min.css?0.91
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
62445cfd42aef59a778256fa7aa70e0c088d8e56e03831831c7c29e80f77d44e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/themes/ng_adp/style/style.min.css?0.91
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"fb-4eed3dc565c40"
last-modified
Tue, 31 Dec 2013 12:40:09 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
251
expires
Mon, 27 Dec 2021 12:00:30 GMT
iconw-wind-6.png
www.ng.kz/images/weather/ 		172 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/weather/iconw-wind-6.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/themes/ng_adp/style/style.min.css?0.91
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
436c322138476e5c91dd9a90a8cf26525d99282bf0d21c5854523679cf69eda4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/themes/ng_adp/style/style.min.css?0.91
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"ac-4eed3dc659e80"
last-modified
Tue, 31 Dec 2013 12:40:10 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
172
expires
Mon, 27 Dec 2021 12:00:30 GMT
icon-social.png
www.ng.kz/themes/ng_adp/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/themes/ng_adp/images/icon-social.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/themes/ng_adp/style/style.min.css?0.91
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
fb6aad111156d4f7e35a0513e5be55b8914c8119a61e3d81050c2130b1761927

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/themes/ng_adp/style/style.min.css?0.91
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"5f196a2d-cbc"
last-modified
Thu, 23 Jul 2020 10:45:01 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3260
expires
Mon, 27 Dec 2021 12:00:30 GMT
hr-black.gif
www.ng.kz/themes/ng_new/images/ 		49 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/themes/ng_new/images/hr-black.gif
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/themes/ng_adp/style/style.min.css?0.91
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
0417721285787f1e990f80c7775f72f5b46876efa5fdeb42f86e7c9f6103721d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/themes/ng_adp/style/style.min.css?0.91
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"31-4c8020cf95800"
last-modified
Fri, 24 Aug 2012 12:24:00 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/gif
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
49
expires
Mon, 27 Dec 2021 12:00:30 GMT
header-rightcap.png
www.ng.kz/themes/ng_adp/images/ 		543 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/themes/ng_adp/images/header-rightcap.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/themes/ng_adp/style/style.min.css?0.91
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
4610de36dc17495aecf29255c5e8db34ef719f5afc1ef2c6f3df5845ae25cc51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/themes/ng_adp/style/style.min.css?0.91
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"21f-5aa61c3423900"
last-modified
Tue, 14 Jul 2020 07:29:08 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
543
expires
Mon, 27 Dec 2021 12:00:30 GMT
hr-red.gif
www.ng.kz/themes/ng_new/images/ 		49 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/themes/ng_new/images/hr-red.gif
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/themes/ng_adp/style/style.min.css?0.91
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
28d8964deecdb064f26635bf7f95ce38d5f46e400d5072f1b0009eb0bdec77b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/themes/ng_adp/style/style.min.css?0.91
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
etag
"31-4c8020cf95800"
last-modified
Fri, 24 Aug 2012 12:24:00 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/gif
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
49
expires
Mon, 27 Dec 2021 12:00:30 GMT
collect
www.google-analytics.com/g/ 		0
159 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-H4BSNKT7DH&gtm=2oeba1&_p=206844759&sr=1600x1200&ul=en-us&cid=626400972.1638014431&_s=1&dl=https%3A%2F%2Fwww.ng.kz%2F&dt=%D0%9D%D0%B0%D1%88%D0%B0%20%D0%93%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&sid=1638014430&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H4BSNKT7DH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ng.kz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ng.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-43484952-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3563
date
Sat, 27 Nov 2021 11:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 27 Nov 2021 13:01:07 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame AFBB 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 27 Nov 2021 06:55:30 GMT
expires
Sat, 11 Dec 2021 06:55:30 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
18300
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 		270 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4743952843388744&plah=www.ng.kz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bff34b32ce057d1d562c0a2d5db8b39c5832562063607071bde9950580794be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99573
x-xss-protection
0
server
cafe
etag
331848297044515108
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 12:00:30 GMT
shop-widget
yoomoney.ru/quickpay/ Frame 528B 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yoomoney.ru/quickpay/shop-widget?writer=buyer&targets=&targets-hint=%D0%94%D0%BB%D1%8F%20%D1%83%D1%87%D0%B0%D1%81%D1%82%D0%BD%D0%B8%D0%BA%D0%B0...&default-sum=&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=&quickpay=shop&account=410011221238975
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.235.165.222 , Russian Federation, ASN43247 (YOOMONEY-AS, RU),
Reverse DNS
109-235-165-222.yamoney.ru
Software
/
Resource Hash
d0bab8b0073bd0d11a89efd788372db9f143413c2e1b690f5888e0c1e9839c9f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

Date
Sat, 27 Nov 2021 12:00:30 GMT
Content-Type
text/html; charset=utf-8
Connection
keep-alive
Keep-Alive
timeout=120
Vary
Accept-Encoding
ETag
W/"237c-K0uxzh/rq6Ld5sj9iYrXEeXB/uE"
Cache-Control
no-store, must-revalidate, max-age=0
Pragma
no-cache
Content-Encoding
gzip
Transfer-Encoding
chunked
balance
yoomoney.ru/transfer/balance-informer/
Redirect Chain
  • https://yoomoney.ru/share-balance.xml?id=136187900&key=0580EDD2B48A438D
  • https://yoomoney.ru/transfer/balance-informer/balance?id=136187900&key=0580EDD2B48A438D
5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yoomoney.ru/transfer/balance-informer/balance?id=136187900&key=0580EDD2B48A438D
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
HTTP/1.1
Server
109.235.165.222 , Russian Federation, ASN43247 (YOOMONEY-AS, RU),
Reverse DNS
109-235-165-222.yamoney.ru
Software
/
Resource Hash
dc4917af5b5d95880156aee474175642c85a66a63f6e7148cedecede4136562a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:31 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
5397
X-XSS-Protection
0
Keep-Alive
timeout=120
Referrer-Policy
same-origin
X-Frame-Options
SAMEORIGIN
Expect-CT
max-age=0
Vary
Origin
X-Download-Options
noopen
Content-Type
image/png
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
script-src 'unsafe-eval' 'unsafe-inline' https: 'nonce-8uIfAf3vS3Gr33Qzb9ip0A==' 'strict-dynamic' 'report-sample';object-src 'none';base-uri 'none';report-uri /transfer/platform/report-csp;

Redirect headers

Location
https://yoomoney.ru/transfer/balance-informer/balance?id=136187900&key=0580EDD2B48A438D
Date
Sat, 27 Nov 2021 12:00:30 GMT
Connection
keep-alive
Keep-Alive
timeout=120
Content-Length
162
Content-Type
text/html
tag.js
mc.yandex.ru/metrika/ 		189 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
br
last-modified
Fri, 26 Nov 2021 15:51:55 GMT
etag
"61a0d86b-101bc"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65980
expires
Sat, 27 Nov 2021 13:00:30 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t14.1;r;s1600*1200*24;uhttps%3A//www.ng.kz/;h%u041D%u0430%u0448%u0430%20%u0413%u0430%u0437%u0435%u0442%u0430;0.9145896251290069
  • https://counter.yadro.ru/hit?q;t14.1;r;s1600*1200*24;uhttps%3A//www.ng.kz/;h%u041D%u0430%u0448%u0430%20%u0413%u0430%u0437%u0435%u0442%u0430;0.9145896251290069
253 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t14.1;r;s1600*1200*24;uhttps%3A//www.ng.kz/;h%u041D%u0430%u0448%u0430%20%u0413%u0430%u0437%u0435%u0442%u0430;0.9145896251290069
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
HTTP/1.1
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
6c3748a7f317defcf7e7806f6279dadec51deb1a62cc47158ce68d68a4faacd4
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Nov 2021 12:00:30 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
253
Expires
Thu, 26 Nov 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 27 Nov 2021 12:00:30 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t14.1;r;s1600*1200*24;uhttps%3A//www.ng.kz/;h%u041D%u0430%u0448%u0430%20%u0413%u0430%u0437%u0435%u0442%u0430;0.9145896251290069
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Thu, 26 Nov 2020 21:00:00 GMT
z.js
c.zero.kz/
Redirect Chain
  • https://c.zero.kz/z.js
  • https://c.zero.kz/z.js?c=d0434d35d6b928
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.zero.kz/z.js?c=d0434d35d6b928
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Server
91.201.214.115 Almaty, Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
zero-web-01.neolabs.net
Software
nginx /
Resource Hash
80536d521bf51a4c1831948af89b46b6aeaa902cdcd3b89a7898cdee14bd95cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
cache-control
private
content-type
application/javascript; charset=utf-8
server
nginx
content-encoding
gzip
vary
Accept-Encoding
expires
Sat, 04 Dec 2021 12:00:31 GMT

Redirect headers

location
?c=d0434d35d6b928
date
Sat, 27 Nov 2021 12:00:31 GMT
server
nginx
content-length
162
content-type
text/html
top_ajax.php
www.ng.kz/modules/newbb_plus/blocks/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/modules/newbb_plus/blocks/top_ajax.php?p=1
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/include/jquery-1.7.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PHP/7.2.34, PleskLin
Resource Hash
ab4ecc8268a533008fab2a642a8b2887979a3861265bd39c193587c516e3831a

Request headers

Accept
*/*
Referer
https://www.ng.kz/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.2.34, PleskLin
vary
Accept-Encoding
content-type
text/html; charset=windows-1251
cache-control
max-age=0
expires
Sat, 27 Nov 2021 12:00:30 GMT
top_ajax.php
www.ng.kz/modules/newspaper/blocks/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/modules/newspaper/blocks/top_ajax.php?numberid=802&p=1&t=1
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/include/jquery-1.7.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PHP/7.2.34, PleskLin
Resource Hash
31b4846e4a79ee7a1bceef910db324af3012fee9cb0a1efe07d34254a19ac25b

Request headers

Accept
*/*
Referer
https://www.ng.kz/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.2.34, PleskLin
vary
Accept-Encoding
content-type
text/html; charset=windows-1251
cache-control
max-age=0
expires
Sat, 27 Nov 2021 12:00:30 GMT
top_ajax.php
www.ng.kz/modules/newspaper/blocks/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/modules/newspaper/blocks/top_ajax.php?numberid=802&p=1&t=2
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/include/jquery-1.7.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PHP/7.2.34, PleskLin
Resource Hash
5cee066424a07684752dd84ab411edd8f925fe859bb9e50dd7ef36a1e80e546a

Request headers

Accept
*/*
Referer
https://www.ng.kz/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.2.34, PleskLin
vary
Accept-Encoding
content-type
text/html; charset=windows-1251
cache-control
max-age=0
expires
Sat, 27 Nov 2021 12:00:30 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=206844759&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ng.kz%2F&ul=en-us&de=windows-1251&dt=%D0%9D%D0%B0%D1%88%D0%B0%20%D0%93%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=489375305&gjid=1183652654&cid=626400972.1638014431&tid=UA-43484952-1&_gid=1151605329.1638014431&_r=1&gtm=2ouba1&z=641592497
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ng.kz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ng.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 		347 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ng.kz/
Origin
https://www.ng.kz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 11:24:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138691
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sun, 27 Nov 2022 11:24:29 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43484952-1&cid=626400972.1638014431&jid=489375305&gjid=1183652654&_gid=1151605329.1638014431&_u=YADAAUAAAAAAAC~&z=1880502359
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ng.kz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 27 Nov 2021 12:00:30 GMT
content-type
text/plain
access-control-allow-origin
https://www.ng.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		195 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.ng.kz&callback=_gfp_s_&client=ca-pub-4743952843388744
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4743952843388744&plah=www.ng.kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e896e8ce93e01c0af8570e0d17435c36a62e5f026595e82328974135bae81965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
187
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ng.kz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4743952843388744&plah=www.ng.kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ng.kz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4743952843388744&plah=www.ng.kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Nov 2021 12:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D4AA 		126 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=400&slotname=8979496712&adk=1939518401&adf=1577466243&pi=t.ma~as.8979496712&w=240&lmt=1638014216&psa=0&format=240x400&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014430746&bpp=4&bdt=363&idt=108&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=5018006403934&frm=20&pv=2&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=682&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PoNmrjYTkx&p=https%3A//www.ng.kz&dtd=123
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4743952843388744&plah=www.ng.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef44d875b739f502c90237521c4cd1fd5eef13008d9f4861d9c8a65182adaade
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJzKqqK_uPQCFWBZFQgdlFQFGQ&gqi=3h2iYfufN9SXtwe7x5XADQ&layout=/sadbundle/%24csp%253Der3%24/155014928956500899/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJzKqqK_uPQCFWBZFQgdlFQFGQ&gqi=3h2iYfufN9SXtwe7x5XADQ&layout=/sadbundle/%24csp%253Der3%24/155014928956500899/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 27 Nov 2021 12:00:31 GMT
server
cafe
content-length
41004
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 27 Nov 2021 12:00:31 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame C79A 		154 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&adk=2854383584&adf=3228828784&lmt=1638014216&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.ng.kz%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014430791&bpp=1&bdt=407&idt=84&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&nras=1&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=88
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4743952843388744&plah=www.ng.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24e11ecea4456251642605dfb97c5ffac4938431a8248642e95207394a1a54e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 27 Nov 2021 12:00:31 GMT
server
cafe
content-length
39145
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 27 Nov 2021 12:00:31 GMT
cache-control
private
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9470.4fZgj0f4GveIHn_1nkrkPYs9ncfKSNZYQHynGb0f0AqhaVwgET780Ufrw89RQujT.O7taTG-TzcmF_dGYC97_oZkaD74%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9470.1uoRmIxF_iRQUPp1SzJx6iCupWqYzRSgI_GWTmbEgeqIW2Owh89tIFypcchZc_eYUGO-huU6gs-qoRHokzLqyQ%2C%2C.u1eYyZrwKpOnF1OxM-lUxbMlGyo%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9470.1uoRmIxF_iRQUPp1SzJx6iCupWqYzRSgI_GWTmbEgeqIW2Owh89tIFypcchZc_eYUGO-huU6gs-qoRHokzLqyQ%2C%2C.u1eYyZrwKpOnF1OxM-lUxbMlGyo%2C
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9470.1uoRmIxF_iRQUPp1SzJx6iCupWqYzRSgI_GWTmbEgeqIW2Owh89tIFypcchZc_eYUGO-huU6gs-qoRHokzLqyQ%2C%2C.u1eYyZrwKpOnF1OxM-lUxbMlGyo%2C
date
Sat, 27 Nov 2021 12:00:31 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
ads
googleads.g.doubleclick.net/pagead/ Frame 139E 		165 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&adk=2854383584&adf=1745894916&lmt=1638014216&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.ng.kz%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014430808&bpp=1&bdt=424&idt=107&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C0x0&nras=2&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=111
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4743952843388744&plah=www.ng.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0afb5d8a49cc6346295cf32690361b98f69331c460322fe9eaa2671154f3d093
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 27 Nov 2021 12:00:31 GMT
server
cafe
content-length
38830
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 27 Nov 2021 12:00:31 GMT
cache-control
private
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-43484952-1&cid=626400972.1638014431&jid=489375305&_u=YADAAUAAAAAAAC~&z=1548757717
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-43484952-1&cid=626400972.1638014431&jid=489375305&_u=YADAAUAAAAAAAC~&z=1548757717
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:30 GMT
last-modified
Fri, 26 Nov 2021 15:51:55 GMT
etag
"61a0d86b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 27 Nov 2021 13:00:30 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 14C7 		186 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/autodom20210514/468x60.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Nov 2021 12:00:31 GMT
468x60.js
www.ng.kz/images/banners/autodom20210514/ Frame 14C7 		72 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/autodom20210514/468x60.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/autodom20210514/468x60.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
fea85148216024af3214f1d1efecf51f3bb4b9328e1cb8b43f5b5e5cb12b8764

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/autodom20210514/468x60.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Fri, 14 May 2021 09:59:49 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"609e4a15-121fb"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
edge.6.0.0.min.js
www.ng.kz/images/banners/me4ta_v.8/edge_includes/ Frame 7D1F 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/me4ta_v.8/edge_includes/edge.6.0.0.min.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/me4ta_v.8/me4ta_v.1.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
fa1e6d5b976a4aaff8ee726d81538152b550a143a01c53f3ce9f4506f10ac617

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/me4ta_v.8/me4ta_v.1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Tue, 12 Oct 2021 05:25:17 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61651c3d-197d1"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
edge.6.0.0.min.js
www.ng.kz/images/banners/katris_v.3/edge_includes/ Frame E3D2 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/katris_v.3/edge_includes/edge.6.0.0.min.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/katris_v.3/katris.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
fa1e6d5b976a4aaff8ee726d81538152b550a143a01c53f3ce9f4506f10ac617

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/katris_v.3/katris.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Wed, 07 Nov 2018 04:42:35 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"5be26d3b-197d1"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
edge.6.0.0.min.js
www.ng.kz/images/banners/forik_v.6/edge_includes/ Frame 4426 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/forik_v.6/edge_includes/edge.6.0.0.min.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/forik_v.6/forik.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
fa1e6d5b976a4aaff8ee726d81538152b550a143a01c53f3ce9f4506f10ac617

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/forik_v.6/forik.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Mon, 24 Sep 2018 02:43:59 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"5ba84f6f-197d1"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
edge.6.0.0.min.js
www.ng.kz/images/banners/stroitel_v.5/edge_includes/ Frame 0383 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/stroitel_v.5/edge_includes/edge.6.0.0.min.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/stroitel_v.5/stroitel.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
fa1e6d5b976a4aaff8ee726d81538152b550a143a01c53f3ce9f4506f10ac617

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/stroitel_v.5/stroitel.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Mon, 06 Sep 2021 09:20:58 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"6135dd7a-197d1"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
edge.6.0.0.min.js
www.ng.kz/images/banners/ng_sp/edge_includes/ Frame 73F2 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/ng_sp/edge_includes/edge.6.0.0.min.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/ng_sp/ng_sp.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
fa1e6d5b976a4aaff8ee726d81538152b550a143a01c53f3ce9f4506f10ac617

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/ng_sp/ng_sp.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Thu, 29 Jul 2021 09:33:01 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"610275cd-197d1"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
edge.6.0.0.min.js
www.ng.kz/images/banners/thermapark_v.1/edge_includes/ Frame 433E 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/thermapark_v.1/edge_includes/edge.6.0.0.min.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/thermapark_v.1/thermapark.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
fa1e6d5b976a4aaff8ee726d81538152b550a143a01c53f3ce9f4506f10ac617

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/thermapark_v.1/thermapark.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Fri, 05 Nov 2021 11:13:14 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"618511ca-197d1"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
GfFxve9Y6WTMkkwZEZd0mIkGgf8.css
static.yoomoney.ru/makeupd/_/ Frame 528B 		61 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.yoomoney.ru/makeupd/_/GfFxve9Y6WTMkkwZEZd0mIkGgf8.css
Requested by
Host: yoomoney.ru
URL: https://yoomoney.ru/quickpay/shop-widget?writer=buyer&targets=&targets-hint=%D0%94%D0%BB%D1%8F%20%D1%83%D1%87%D0%B0%D1%81%D1%82%D0%BD%D0%B8%D0%BA%D0%B0...&default-sum=&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=&quickpay=shop&account=410011221238975
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.71.78.18 , Russian Federation, ASN43247 (YOOMONEY-AS, RU),
Reverse DNS
185-71-78-18.yamoney.ru
Software
nginx /
Resource Hash
8c1ee18eb9774e807581310fe5db3dad8ced4bfa8a2ad36a1b8012d58c0a2119

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yoomoney.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:31 GMT
Content-Encoding
gzip
last-modified
Fri, 17 Sep 2021 11:10:38 GMT
Server
nginx
etag
W/"57d0059eca95cc0b4a92b82f776c6d50"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age = 315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=120
Expires
Tue, 25 Aug 2025 14:20:35
GK7siYC0l1M-6j-_qbA_-2i6wa0.css
static.yoomoney.ru/makeupd/_/ Frame 528B 		30 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.yoomoney.ru/makeupd/_/GK7siYC0l1M-6j-_qbA_-2i6wa0.css
Requested by
Host: yoomoney.ru
URL: https://yoomoney.ru/quickpay/shop-widget?writer=buyer&targets=&targets-hint=%D0%94%D0%BB%D1%8F%20%D1%83%D1%87%D0%B0%D1%81%D1%82%D0%BD%D0%B8%D0%BA%D0%B0...&default-sum=&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=&quickpay=shop&account=410011221238975
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.71.78.18 , Russian Federation, ASN43247 (YOOMONEY-AS, RU),
Reverse DNS
185-71-78-18.yamoney.ru
Software
nginx /
Resource Hash
13604c6b80d5e6ce9d13f2761b76929a3010702e3679c07c2038257ecf38b70b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yoomoney.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:31 GMT
Content-Encoding
gzip
last-modified
Fri, 17 Sep 2021 11:10:39 GMT
Server
nginx
etag
W/"e31eead2f3eecf6bbe1f6319b46219db"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age = 315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=120
Expires
Tue, 25 Aug 2025 14:20:35
lodash.min.js
static.yoomoney.ru/files-front/libs/lodash/4.5.1/ Frame 528B 		121 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yoomoney.ru/files-front/libs/lodash/4.5.1/lodash.min.js
Requested by
Host: yoomoney.ru
URL: https://yoomoney.ru/quickpay/shop-widget?writer=buyer&targets=&targets-hint=%D0%94%D0%BB%D1%8F%20%D1%83%D1%87%D0%B0%D1%81%D1%82%D0%BD%D0%B8%D0%BA%D0%B0...&default-sum=&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=&quickpay=shop&account=410011221238975
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.71.78.18 , Russian Federation, ASN43247 (YOOMONEY-AS, RU),
Reverse DNS
185-71-78-18.yamoney.ru
Software
nginx /
Resource Hash
0979b35103ffa497dab8e62aba344b213725750c85376ce87de3a48dc3d68b76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yoomoney.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:31 GMT
Content-Encoding
gzip
last-modified
Thu, 08 Jul 2021 12:23:00 GMT
Server
nginx
etag
W/"94cb4013083d6624379e2d87cec67883"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age = 315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=120
Expires
Tue, 25 Aug 2025 14:20:35
babel-polyfill.min.js
static.yoomoney.ru/files-front/libs/ Frame 528B 		96 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yoomoney.ru/files-front/libs/babel-polyfill.min.js
Requested by
Host: yoomoney.ru
URL: https://yoomoney.ru/quickpay/shop-widget?writer=buyer&targets=&targets-hint=%D0%94%D0%BB%D1%8F%20%D1%83%D1%87%D0%B0%D1%81%D1%82%D0%BD%D0%B8%D0%BA%D0%B0...&default-sum=&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=&quickpay=shop&account=410011221238975
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.71.78.18 , Russian Federation, ASN43247 (YOOMONEY-AS, RU),
Reverse DNS
185-71-78-18.yamoney.ru
Software
nginx /
Resource Hash
da7bbca9d163f4033d5d177be44029dd744610a891a6b58be213cc858923d79d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yoomoney.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:31 GMT
Content-Encoding
gzip
last-modified
Thu, 08 Jul 2021 12:23:00 GMT
Server
nginx
etag
W/"6fef55c62df380d41c8f42f8b0c1f4da"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age = 315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=120
Expires
Tue, 25 Aug 2025 14:20:35
CUziEUY0z7BUKtX3yJkDqzs27yQ.js
static.yoomoney.ru/makeupd/_/ Frame 528B 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yoomoney.ru/makeupd/_/CUziEUY0z7BUKtX3yJkDqzs27yQ.js
Requested by
Host: yoomoney.ru
URL: https://yoomoney.ru/quickpay/shop-widget?writer=buyer&targets=&targets-hint=%D0%94%D0%BB%D1%8F%20%D1%83%D1%87%D0%B0%D1%81%D1%82%D0%BD%D0%B8%D0%BA%D0%B0...&default-sum=&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=&quickpay=shop&account=410011221238975
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.71.78.18 , Russian Federation, ASN43247 (YOOMONEY-AS, RU),
Reverse DNS
185-71-78-18.yamoney.ru
Software
nginx /
Resource Hash
59da8cdf13013df822c0f9d43ec1ededdf2407398aa0643cccca82fdddf889aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yoomoney.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:31 GMT
Content-Encoding
gzip
last-modified
Fri, 17 Sep 2021 11:10:58 GMT
Server
nginx
etag
W/"5c625d3530becab03959da83bb6b1daa"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age = 315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=120
Expires
Tue, 25 Aug 2025 14:20:35
OFH9Olbk1M1jVleRhhJm9cZ_8js.js
static.yoomoney.ru/makeupd/_/ Frame 528B 		265 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yoomoney.ru/makeupd/_/OFH9Olbk1M1jVleRhhJm9cZ_8js.js
Requested by
Host: yoomoney.ru
URL: https://yoomoney.ru/quickpay/shop-widget?writer=buyer&targets=&targets-hint=%D0%94%D0%BB%D1%8F%20%D1%83%D1%87%D0%B0%D1%81%D1%82%D0%BD%D0%B8%D0%BA%D0%B0...&default-sum=&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=&quickpay=shop&account=410011221238975
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.71.78.18 , Russian Federation, ASN43247 (YOOMONEY-AS, RU),
Reverse DNS
185-71-78-18.yamoney.ru
Software
nginx /
Resource Hash
c0c95ac18b03334de6237f9ff039a9239135b60785e5b3b43399bad4b22f299c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yoomoney.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:31 GMT
Content-Encoding
gzip
last-modified
Thu, 23 Sep 2021 08:38:58 GMT
Server
nginx
etag
W/"d02635dac1a4b984ba39f2968cb7f5a1"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age = 315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=120
Expires
Tue, 25 Aug 2025 14:20:35
GUtdxekunrp-Gx4dlAcITHl_HjQ.js
static.yoomoney.ru/makeupd/_/ Frame 528B 		150 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yoomoney.ru/makeupd/_/GUtdxekunrp-Gx4dlAcITHl_HjQ.js
Requested by
Host: yoomoney.ru
URL: https://yoomoney.ru/quickpay/shop-widget?writer=buyer&targets=&targets-hint=%D0%94%D0%BB%D1%8F%20%D1%83%D1%87%D0%B0%D1%81%D1%82%D0%BD%D0%B8%D0%BA%D0%B0...&default-sum=&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=&quickpay=shop&account=410011221238975
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.71.78.18 , Russian Federation, ASN43247 (YOOMONEY-AS, RU),
Reverse DNS
185-71-78-18.yamoney.ru
Software
nginx /
Resource Hash
31705322caf9bb8452a5cf0440285cc0d7239b03246c3fc93fd483de8c416a20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yoomoney.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:31 GMT
Content-Encoding
gzip
last-modified
Fri, 17 Sep 2021 11:10:58 GMT
Server
nginx
etag
W/"59e2631d75f1bc272f14830a536eac6e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age = 315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=120
Expires
Tue, 25 Aug 2025 14:20:35
1
mc.yandex.com/watch/2200384/
Redirect Chain
  • https://mc.yandex.com/watch/2200384?wmode=7&page-url=https%3A%2F%2Fwww.ng.kz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A2232%3Afu%3A0%3Aen%3Awindows-1251%3Ala...
  • https://mc.yandex.com/watch/2200384/1?wmode=7&page-url=https%3A%2F%2Fwww.ng.kz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A2232%3Afu%3A0%3Aen%3Awindows-1251%3A...
350 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/2200384/1?wmode=7&page-url=https%3A%2F%2Fwww.ng.kz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A2232%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1583621166718%3Ahid%3A681708894%3Az%3A0%3Ai%3A20211127120030%3Aet%3A1638014431%3Ac%3A1%3Arn%3A138891707%3Arqn%3A1%3Au%3A16380144319429825%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1638014428459%3Ads%3A0%2C0%2C1119%2C104%2C674%2C0%2C%2C382%2C26%2C%2C%2C%2C2307%3Adsn%3A0%2C0%2C1119%2C104%2C674%2C0%2C%2C281%2C27%2C%2C%2C%2C2307%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1638014431%3At%3A%D0%9D%D0%B0%D1%88%D0%B0%20%D0%93%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr%2814%29ti%282%29
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
d8022d2f49329611a8e97cfeca902dad90431e2e5a784c029ab988194aead507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:31 GMT
x-content-type-options
nosniff
last-modified
Sat, 27-Nov-2021 12:00:31 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ng.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Sat, 27-Nov-2021 12:00:31 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:31 GMT
last-modified
Sat, 27-Nov-2021 12:00:31 GMT
location
/watch/2200384/1?wmode=7&page-url=https%3A%2F%2Fwww.ng.kz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A2232%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1583621166718%3Ahid%3A681708894%3Az%3A0%3Ai%3A20211127120030%3Aet%3A1638014431%3Ac%3A1%3Arn%3A138891707%3Arqn%3A1%3Au%3A16380144319429825%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1638014428459%3Ads%3A0%2C0%2C1119%2C104%2C674%2C0%2C%2C382%2C26%2C%2C%2C%2C2307%3Adsn%3A0%2C0%2C1119%2C104%2C674%2C0%2C%2C281%2C27%2C%2C%2C%2C2307%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1638014431%3At%3A%D0%9D%D0%B0%D1%88%D0%B0%20%D0%93%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.ng.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 27-Nov-2021 12:00:31 GMT
banner-istorii-uspeha-230.jpg
optimizm.kz/banners/ Frame 2A31 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optimizm.kz/banners/banner-istorii-uspeha-230.jpg
Requested by
Host: optimizm.kz
URL: https://optimizm.kz/banners/banner-istorii-230.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:5da0:1000::121 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b024a1d69f547ee5b40cf8e6a1c6ca635ebfca8702d6f36ccbb975c62d2abaf5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optimizm.kz/banners/banner-istorii-230.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
x-content-type-options
nosniff
last-modified
Fri, 22 Nov 2019 08:18:07 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
10546
etag
"5dd799bf-2932"
expires
Thu, 31 Dec 2037 23:55:55 GMT
hit
counter.yadro.ru/ Frame 2A31
Redirect Chain
  • https://counter.yadro.ru/hit?t14.6;rhttps%3A//www.ng.kz/;s1600*1200*24;uhttps%3A//optimizm.kz/banners/banner-istorii-230.htm;h%u0411%u0430%u043D%u043D%u0435%u0440-%u0418%u0441%u0442%u043E%u0440%u04...
  • https://counter.yadro.ru/hit?q;t14.6;rhttps%3A//www.ng.kz/;s1600*1200*24;uhttps%3A//optimizm.kz/banners/banner-istorii-230.htm;h%u0411%u0430%u043D%u043D%u0435%u0440-%u0418%u0441%u0442%u043E%u0440%u...
239 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t14.6;rhttps%3A//www.ng.kz/;s1600*1200*24;uhttps%3A//optimizm.kz/banners/banner-istorii-230.htm;h%u0411%u0430%u043D%u043D%u0435%u0440-%u0418%u0441%u0442%u043E%u0440%u0438%u0438-%u0423%u0441%u043F%u0435%u0445%u0430;0.9314923143683822
Requested by
Host: optimizm.kz
URL: https://optimizm.kz/banners/banner-istorii-230.htm
Protocol
HTTP/1.1
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
a403d5a1121714e99031cbd3a8afce12ac3da6d99bb24264807630d9e8d7effb
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optimizm.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Nov 2021 12:00:31 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
239
Expires
Thu, 26 Nov 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 27 Nov 2021 12:00:31 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t14.6;rhttps%3A//www.ng.kz/;s1600*1200*24;uhttps%3A//optimizm.kz/banners/banner-istorii-230.htm;h%u0411%u0430%u043D%u043D%u0435%u0440-%u0418%u0441%u0442%u043E%u0440%u0438%u0438-%u0423%u0441%u043F%u0435%u0445%u0430;0.9314923143683822
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Thu, 26 Nov 2020 21:00:00 GMT
watch.js
mc.yandex.ru/metrika/ Frame 2A31 		130 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: optimizm.kz
URL: https://optimizm.kz/banners/banner-istorii-230.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
2d8618e3d2de4948e82bbce7cd6e1cefb6d720a09adb2cae9ea3886785493a0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optimizm.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Fri, 26 Nov 2021 15:51:55 GMT
etag
"61a0d86b-b7ad"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
47021
expires
Sat, 27 Nov 2021 13:00:31 GMT
48994244
mc.yandex.com/watch/ Frame 2A31 		350 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/48994244?wmode=7&page-url=https%3A%2F%2Foptimizm.kz%2Fbanners%2Fbanner-istorii-230.htm&page-ref=https%3A%2F%2Fwww.ng.kz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmizds872r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1042739488555%3Ahid%3A719320668%3Az%3A0%3Ai%3A20211127120031%3Aet%3A1638014431%3Ac%3A1%3Arn%3A213832606%3Arqn%3A1%3Au%3A1638014431870139307%3Aw%3A230x125%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1638014430629%3Ads%3A115%2C214%2C107%2C0%2C1%2C0%2C%2C9%2C0%2C%2C%2C%2C452%3Adsn%3A115%2C214%2C107%2C0%2C1%2C0%2C%2C11%2C0%2C%2C%2C%2C452%3Aco%3A0%3Arqnl%3A1%3Ast%3A1638014431%3At%3A%D0%91%D0%B0%D0%BD%D0%BD%D0%B5%D1%80-%D0%98%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8-%D0%A3%D1%81%D0%BF%D0%B5%D1%85%D0%B0&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
5abbe22f1095bf3236693bfaab20665eb7dd5b70a44fb4760c4b04025c5c57c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optimizm.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:31 GMT
x-content-type-options
nosniff
last-modified
Sat, 27-Nov-2021 12:00:31 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://optimizm.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Sat, 27-Nov-2021 12:00:31 GMT
advert.gif
mc.yandex.com/metrika/ Frame 2A31 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optimizm.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
last-modified
Fri, 26 Nov 2021 15:51:55 GMT
etag
"61a0d86b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 27 Nov 2021 13:00:31 GMT
tag_blue.gif
www.ng.kz/images/icons/ 		351 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/icons/tag_blue.gif
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
08cda10a97734aafdb7267d49a070e756a24d9b2b12c6bcbf9c181f58017d7c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"15f-4c802108cdf00"
last-modified
Fri, 24 Aug 2012 12:25:00 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/gif
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
351
expires
Mon, 27 Dec 2021 12:00:31 GMT
forum_lastpost.gif
www.ng.kz/modules/newbb_plus/images/imagesets/newbb/ 		64 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/modules/newbb_plus/images/imagesets/newbb/forum_lastpost.gif
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
ee386c1a12ac8958200c08b6496b8b9054833661d1a3cbf89ad4a306f6ab8838

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"40-4c83cf9b7ae00"
last-modified
Mon, 27 Aug 2012 10:42:00 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/gif
x-accel-version
0.01
cache-control
max-age=2592000
accept-ranges
bytes
content-length
64
expires
Mon, 27 Dec 2021 12:00:32 GMT
_3.jpg
www.ng.kz/images/banners/autodom20210514/images/ Frame 14C7 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/autodom20210514/images/_3.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
22c01a4baad0cb3e47ef03f440716bc8264268e505c87835d3d8b4a1865fad00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/autodom20210514/468x60.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
etag
"609e4a15-15084"
last-modified
Fri, 14 May 2021 09:59:49 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
86148
expires
Mon, 27 Dec 2021 12:00:31 GMT
me4ta_v.1_edge.js
www.ng.kz/images/banners/me4ta_v.8/ Frame 7D1F 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/me4ta_v.8/me4ta_v.1_edge.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/me4ta_v.8/me4ta_v.1.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/me4ta_v.8/me4ta_v.1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Tue, 12 Oct 2021 05:25:16 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61651c3c-10ed"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
forik_edge.js
www.ng.kz/images/banners/forik_v.6/ Frame 4426 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/forik_v.6/forik_edge.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/forik_v.6/forik.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/forik_v.6/forik.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Mon, 24 Sep 2018 02:43:56 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"5ba84f6c-2f71"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
truncated
/ Frame 528B 		151 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
290af256ae2e41a4ba2a4bc48c9836ca7e6fd200ff3e29cb5630820ce20f75f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
sqJ2MGna3IZGNFXC9k4QOrzUG-c.svg
static.yoomoney.ru/makeupd/_/ Frame 528B 		668 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yoomoney.ru/makeupd/_/sqJ2MGna3IZGNFXC9k4QOrzUG-c.svg
Requested by
Host: static.yoomoney.ru
URL: https://static.yoomoney.ru/makeupd/_/GK7siYC0l1M-6j-_qbA_-2i6wa0.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.71.78.18 , Russian Federation, ASN43247 (YOOMONEY-AS, RU),
Reverse DNS
185-71-78-18.yamoney.ru
Software
nginx /
Resource Hash
53fb0a91995bf1fe7c9bc7ca7773ae1ae76bb350967c190123abb15c98053d9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.yoomoney.ru/makeupd/_/GK7siYC0l1M-6j-_qbA_-2i6wa0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:31 GMT
Content-Encoding
gzip
last-modified
Fri, 17 Sep 2021 11:10:47 GMT
Server
nginx
etag
W/"81719f505b4843d2e27b76e2bde93fa1"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age = 315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=120
Expires
Tue, 25 Aug 2025 14:20:35
znDCcGN9U__lRVsmiQ6akvmMXuE.svg
static.yoomoney.ru/makeupd/_/ Frame 528B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yoomoney.ru/makeupd/_/znDCcGN9U__lRVsmiQ6akvmMXuE.svg
Requested by
Host: static.yoomoney.ru
URL: https://static.yoomoney.ru/makeupd/_/GK7siYC0l1M-6j-_qbA_-2i6wa0.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.71.78.18 , Russian Federation, ASN43247 (YOOMONEY-AS, RU),
Reverse DNS
185-71-78-18.yamoney.ru
Software
nginx /
Resource Hash
90c6deed367ca50fb856426567e29f814451f8c5a934d7ca6847d9fa7180f963

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.yoomoney.ru/makeupd/_/GK7siYC0l1M-6j-_qbA_-2i6wa0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:31 GMT
Content-Encoding
gzip
last-modified
Fri, 17 Sep 2021 11:10:45 GMT
Server
nginx
etag
W/"67406c14ae2d23995f42afb41de98c91"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age = 315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=120
Expires
Tue, 25 Aug 2025 14:20:35
truncated
/ Frame 528B 		262 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e3527e17719927fa4b18e350a61a9213abcce23cf32413a49c8a4481b326bf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
sIJpt2WHDXpNt0Pyuj-a0ZnY-h8.woff
static.yoomoney.ru/makeupd/_/ Frame 528B 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.yoomoney.ru/makeupd/_/sIJpt2WHDXpNt0Pyuj-a0ZnY-h8.woff
Requested by
Host: static.yoomoney.ru
URL: https://static.yoomoney.ru/makeupd/_/GfFxve9Y6WTMkkwZEZd0mIkGgf8.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.71.78.18 , Russian Federation, ASN43247 (YOOMONEY-AS, RU),
Reverse DNS
185-71-78-18.yamoney.ru
Software
nginx /
Resource Hash
6cb0a771fbc5512e0d5aae15bde8a4926c9ff9856fc3f87a32e5f8b647a8e1dd

Request headers

Referer
https://static.yoomoney.ru/makeupd/_/GfFxve9Y6WTMkkwZEZd0mIkGgf8.css
Origin
https://yoomoney.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:31 GMT
last-modified
Fri, 17 Sep 2021 11:10:37 GMT
Server
nginx
etag
"335b04338e4cf022316b195eb7ed2c1c"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
public, max-age = 315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=120
Content-Length
1788
Expires
Tue, 25 Aug 2025 14:20:35
thermapark_edge.js
www.ng.kz/images/banners/thermapark_v.1/ Frame 433E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/thermapark_v.1/thermapark_edge.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/thermapark_v.1/thermapark.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/thermapark_v.1/thermapark.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Fri, 05 Nov 2021 11:13:14 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"618511ca-2d94"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
ng_sp_edge.js
www.ng.kz/images/banners/ng_sp/ Frame 73F2 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/ng_sp/ng_sp_edge.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/ng_sp/ng_sp.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/ng_sp/ng_sp.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Thu, 29 Jul 2021 09:33:00 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"610275cc-2858"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
stroitel_edge.js
www.ng.kz/images/banners/stroitel_v.5/ Frame 0383 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/stroitel_v.5/stroitel_edge.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/stroitel_v.5/stroitel.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/stroitel_v.5/stroitel.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Mon, 06 Sep 2021 09:20:57 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"6135dd79-282b"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 		147 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4743952843388744&plah=www.ng.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a65680deae5745569a30df819ea0267e4d177eec7351c46cf02edd492d88a5b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53389
x-xss-protection
0
server
cafe
etag
3368992545149646313
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 27 Nov 2021 12:00:31 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ng.kz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4743952843388744&plah=www.ng.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ng.kz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4743952843388744&plah=www.ng.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 20F0 		23 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2779202426&adf=532322819&pi=t.aa~a.1137895031~rp.1&w=302&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=302x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=2&bdt=949&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0&nras=3&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1129&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=CVKrgA8Pgp&p=https%3A//www.ng.kz&dtd=43
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4743952843388744&plah=www.ng.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b283039203e824d6d959a8e1c66e6320d1a1d4f5746176ba3454d41e0535462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 27 Nov 2021 12:00:32 GMT
server
cafe
content-length
10924
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 27 Nov 2021 12:00:32 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 09DB 		29 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4743952843388744&plah=www.ng.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7854563155e31fd7e2853bcf31ae8208f409baef17e286fb5094fc12b439d78a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 27 Nov 2021 12:00:32 GMT
server
cafe
content-length
12359
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 27 Nov 2021 12:00:32 GMT
cache-control
private
katris_edge.js
www.ng.kz/images/banners/katris_v.3/ Frame E3D2 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/katris_v.3/katris_edge.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/katris_v.3/katris.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/katris_v.3/katris.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Wed, 07 Nov 2018 04:42:28 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"5be26d34-2114"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
jquery.min.js
static.yoomoney.ru/files-front/libs/jquery/1.8.3/ Frame 528B 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yoomoney.ru/files-front/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: static.yoomoney.ru
URL: https://static.yoomoney.ru/makeupd/_/OFH9Olbk1M1jVleRhhJm9cZ_8js.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.71.78.18 , Russian Federation, ASN43247 (YOOMONEY-AS, RU),
Reverse DNS
185-71-78-18.yamoney.ru
Software
nginx /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yoomoney.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:31 GMT
Content-Encoding
gzip
last-modified
Thu, 08 Jul 2021 12:23:00 GMT
Server
nginx
etag
W/"3576a6e73c9dccdbbc4a2cf8ff544ad7"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age = 315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=120
Expires
Tue, 25 Aug 2025 14:20:35
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/ Frame 8544 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4743952843388744&plah=www.ng.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 27 Nov 2021 11:15:29 GMT
expires
Sat, 11 Dec 2021 11:15:29 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
2702
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
me4ta_v.1_edge.js
www.ng.kz/images/banners/me4ta_v.8/ Frame 7D1F 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/me4ta_v.8/me4ta_v.1_edge.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/me4ta_v.8/edge_includes/edge.6.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
1de638bbeea976afd77759a7c02b3d49da0379a456a85c96fc78dc65953f9014

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/me4ta_v.8/me4ta_v.1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Tue, 12 Oct 2021 05:25:16 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61651c3c-10ed"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
forik_edge.js
www.ng.kz/images/banners/forik_v.6/ Frame 4426 		12 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/forik_v.6/forik_edge.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/forik_v.6/edge_includes/edge.6.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
5ce61033bb97a85cf6efa08d54875b366d6909c6a126a24a636508dab0054b37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/forik_v.6/forik.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Mon, 24 Sep 2018 02:43:56 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"5ba84f6c-2f71"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
thermapark_edge.js
www.ng.kz/images/banners/thermapark_v.1/ Frame 433E 		11 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/thermapark_v.1/thermapark_edge.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/thermapark_v.1/edge_includes/edge.6.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
f9d386610b3277ff5b5908f17bdbfea3eaaf2bf5568c6c7332f6366ebe43377d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/thermapark_v.1/thermapark.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Fri, 05 Nov 2021 11:13:14 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"618511ca-2d94"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
ng_sp_edge.js
www.ng.kz/images/banners/ng_sp/ Frame 73F2 		10 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/ng_sp/ng_sp_edge.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/ng_sp/edge_includes/edge.6.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
ed223dc7944163641f64146fa0c67289352bd629a12f058a4bb409f870f44008

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/ng_sp/ng_sp.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Thu, 29 Jul 2021 09:33:00 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"610275cc-2858"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
stroitel_edge.js
www.ng.kz/images/banners/stroitel_v.5/ Frame 0383 		10 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/stroitel_v.5/stroitel_edge.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/stroitel_v.5/edge_includes/edge.6.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
4bb8f9580985428d6b477dd8308073b0420f124283d0166e0b16fdc93096114b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/stroitel_v.5/stroitel.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Mon, 06 Sep 2021 09:20:57 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"6135dd79-282b"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C79A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20211111&sample=0.01
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&adk=2854383584&adf=3228828784&lmt=1638014216&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.ng.kz%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014430791&bpp=1&bdt=407&idt=84&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&nras=1&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=88
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/ Frame D608 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efa9e652d45b3e2d1145a5e08c3ade6409ddc1168f67e5ea2a608d49bcf9dfd1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
content-length
1503
date
Tue, 23 Nov 2021 23:11:00 GMT
expires
Wed, 23 Nov 2022 23:11:00 GMT
last-modified
Wed, 10 Nov 2021 15:33:04 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
305371
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 7132 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C9xDI3h2iYZzjN-Cy1fAPlKmVyAGS4bPdZqWHnuzmDrbs7OyuCRABIN6-8x9glYqzgsAHoAG46IrAA8gBCakCPVGexJX9sj6oAwHIA0iqBMMBT9BYk4lHVqvXZJkt8geoQCXk5RNSHGXhJ-Yre_DXaDJUO1IRJPexEM-vMNvGx3TG_luWa5j_Roxe8Vx01Fkgwmx1l5MqDrw5jP3c95YEy5IlPIYSa-xYnvIf7HjQ15tM4JJqFWKgh4yWqi3Jexohe3BgQTUMQHzeVlbgqGgjhmiBnrCkdnhzSnBNcQe5dPwkKK-01ZO1adh_kAFZKwmEwVNhUfK5xmPODC2K-Os2DAy9LEnb7isEqR4OPBjKiOHk2GnAwATz1Kbc4AOgBi6AB7CX9T-oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCqvwnSCAkIgOGAEBABGF-ACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItNDc0Mzk1Mjg0MzM4ODc0NBgA&sigh=5p8_B11s_Y0&uach_m=[UACH]&template_id=419
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=400&slotname=8979496712&adk=1939518401&adf=1577466243&pi=t.ma~as.8979496712&w=240&lmt=1638014216&psa=0&format=240x400&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014430746&bpp=4&bdt=363&idt=108&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=5018006403934&frm=20&pv=2&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=682&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PoNmrjYTkx&p=https%3A//www.ng.kz&dtd=123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 27 Nov 2021 12:00:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 27 Nov 2021 12:00:31 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 7132 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=400&slotname=8979496712&adk=1939518401&adf=1577466243&pi=t.ma~as.8979496712&w=240&lmt=1638014216&psa=0&format=240x400&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014430746&bpp=4&bdt=363&idt=108&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=5018006403934&frm=20&pv=2&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=682&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PoNmrjYTkx&p=https%3A//www.ng.kz&dtd=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 11:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 11 Dec 2021 11:56:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 7132 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=400&slotname=8979496712&adk=1939518401&adf=1577466243&pi=t.ma~as.8979496712&w=240&lmt=1638014216&psa=0&format=240x400&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014430746&bpp=4&bdt=363&idt=108&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=5018006403934&frm=20&pv=2&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=682&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PoNmrjYTkx&p=https%3A//www.ng.kz&dtd=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 11 Dec 2021 12:00:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7132 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=400&slotname=8979496712&adk=1939518401&adf=1577466243&pi=t.ma~as.8979496712&w=240&lmt=1638014216&psa=0&format=240x400&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014430746&bpp=4&bdt=363&idt=108&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=5018006403934&frm=20&pv=2&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=682&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PoNmrjYTkx&p=https%3A//www.ng.kz&dtd=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Nov 2021 12:00:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 7132 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=400&slotname=8979496712&adk=1939518401&adf=1577466243&pi=t.ma~as.8979496712&w=240&lmt=1638014216&psa=0&format=240x400&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014430746&bpp=4&bdt=363&idt=108&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=5018006403934&frm=20&pv=2&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=682&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PoNmrjYTkx&p=https%3A//www.ng.kz&dtd=123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 11:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 11 Dec 2021 11:59:58 GMT
z.png
c.zero.kz/ 		464 B
665 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.zero.kz/z.png?u=943&t=1&cc=d0434d35d6b928&s=61a21ddfc4fc1&sh=1&slt=0&d=0&wd=1600&hg=1200&cd=24&w=1600&h=1200&ln=en-us&je=0&cs=windows-1251&ce=1&du=https%3A%2F%2Fwww.ng.kz%2F&tz=0&dt=%D0%9D%D0%B0%D1%88%D0%B0%20%D0%93%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&11.693474500528096
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.201.214.115 Almaty, Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
zero-web-01.neolabs.net
Software
nginx /
Resource Hash
4b49acbc99b5f0bf378d02020a37407d3faf8534c3fe7301ab4fcda10faffa48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa OUR IND UNI COM NAV INT PRE"
content-type
image/png
css
fonts.googleapis.com/ Frame 8544 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 27 Nov 2021 11:45:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 27 Nov 2021 12:00:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Nov 2021 12:00:31 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8544 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 11:59:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 11 Dec 2021 11:59:45 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8544 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C82053h2iYcXvN-eS1fAPzoui6AH41oTJZqHf_IqlD2QQASDevvMfYJWKs4LAB6ABzKiw4APIAQmpAj1RnsSV_bI-qAMByAPLBKoEvwFP0Ckm3_gPdqmb_CzC6VFupFmnOKO09z2c8A7f2eIUB0gQ2o-9o21pIDztK_ytStdVn6iMRvwcvjljgm0LoAm4Z3xrJ4jNzBAGnkU-DKU4HYipIIG3uu2Q6KRMU95PPp4qfRz4XTRHpmXiCRLHKetCBNcbEVhn3p1IsoQd9-fFAL5dXSyIA88bBwb00XA-gmeiW_8IHf1ut1e5S2Eb3Ifkv8lyOIUVRs_7F4jbSiceaRXL4cC1_pwgBSp3nFGohMAE-qqhzekDkgUECAQYAZIFBAgFGASgBi6AB5zysiCoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCRlgPSCAkIgOGAEBABGF-ACgHICwGYDLbRs-zyA7gTgwTYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItNDc0Mzk1Mjg0MzM4ODc0NBgA&sigh=33TtCzezXyQ&uach_m=[UACH]&template_id=515
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 27 Nov 2021 12:00:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 27 Nov 2021 12:00:31 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 8544 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 11:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 11 Dec 2021 11:56:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8544 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 11 Dec 2021 12:00:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8544 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Nov 2021 12:00:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8544 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 11:57:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 11 Dec 2021 11:57:57 GMT
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame 8544 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 12:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 24 Feb 2022 12:44:20 GMT
katris_edge.js
www.ng.kz/images/banners/katris_v.3/ Frame E3D2 		8 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/katris_v.3/katris_edge.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/katris_v.3/edge_includes/edge.6.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
139035f83574be143256edc8d5ef0d51d3e4669942a85f9da1943feb137bc9b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/katris_v.3/katris.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Wed, 07 Nov 2018 04:42:28 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"5be26d34-2114"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
18076485150489721097
tpc.googlesyndication.com/simgad/ Frame 8544 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18076485150489721097?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08b13e9bd202db706536afa6af63bdf52d90b660021f3eb3297f139d49ceb049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:29:14 GMT
x-content-type-options
nosniff
age
106277
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3119
x-xss-protection
0
last-modified
Mon, 03 Aug 2020 09:02:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 26 Nov 2022 06:29:14 GMT
tag.js
mc.yandex.ru/metrika/ Frame 528B 		189 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: static.yoomoney.ru
URL: https://static.yoomoney.ru/makeupd/_/OFH9Olbk1M1jVleRhhJm9cZ_8js.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yoomoney.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Fri, 26 Nov 2021 15:51:55 GMT
etag
"61a0d86b-101bc"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65980
expires
Sat, 27 Nov 2021 13:00:31 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8D80 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=400&slotname=8979496712&adk=1939518401&adf=1577466243&pi=t.ma~as.8979496712&w=240&lmt=1638014216&psa=0&format=240x400&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014430746&bpp=4&bdt=363&idt=108&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=5018006403934&frm=20&pv=2&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=682&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PoNmrjYTkx&p=https%3A//www.ng.kz&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=400&slotname=8979496712&adk=1939518401&adf=1577466243&pi=t.ma~as.8979496712&w=240&lmt=1638014216&psa=0&format=240x400&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014430746&bpp=4&bdt=363&idt=108&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=5018006403934&frm=20&pv=2&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=682&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PoNmrjYTkx&p=https%3A//www.ng.kz&dtd=123

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 27 Nov 2021 11:02:16 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3495
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 7132 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26751f31f8cb18f9474ceca7fcba91b33ba15cee485185d7a347c8ef015ab5ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame D608 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 16:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71520
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 27 Nov 2021 16:08:31 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D608 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 16:13:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 27 Nov 2021 16:13:39 GMT
tinyanimatefix.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/ Frame D608 		882 B
392 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/tinyanimatefix.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1183307783cf23654d3a290fdd33a2387be5d4651145b67f5527da2729bec0bc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
261034
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
362
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 15:33:04 GMT
server
sffe
date
Wed, 24 Nov 2021 11:29:57 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 24 Nov 2022 11:29:57 GMT
tinyanimatemin.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/ Frame D608 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/tinyanimatemin.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
932376e026d5cf24ae61b65e0e0598e52fc850214a030a5327e7bd1eebad99b5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
261034
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1138
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 15:33:04 GMT
server
sffe
date
Wed, 24 Nov 2021 11:29:57 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 24 Nov 2022 11:29:57 GMT
style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/ Frame D608 		2 KB
741 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/style.css
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5347121468c3817e5261b94b958e7d4bdcc9c1e16ac6b750c7ddc044ff335212
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
218573
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
711
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 15:33:04 GMT
server
sffe
date
Wed, 24 Nov 2021 23:17:38 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 24 Nov 2022 23:17:38 GMT
css2
fonts.googleapis.com/ Frame D608 		1 KB
483 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Varela+Round&display=swap
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2c61ca92609ea007f3659302839b9b11eba97287f9f60e8ab489190cec8f902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 27 Nov 2021 11:37:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 27 Nov 2021 12:00:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Nov 2021 12:00:31 GMT
txt_verschwommen.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/ Frame D608 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/txt_verschwommen.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2c5b702ab3a83e3c2f07ea6376fbe989bbce06ad18dfcbd58f0460a0de33c9e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
105191
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15414
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 15:33:04 GMT
server
sffe
date
Fri, 26 Nov 2021 06:47:20 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 26 Nov 2022 06:47:20 GMT
brille.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/ Frame D608 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/brille.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e90744876510c3d30951a4f1a14c6b292a2e9fea3ec084eebb55717f928002a9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
218572
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19992
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 15:33:04 GMT
server
sffe
date
Wed, 24 Nov 2021 23:17:39 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 24 Nov 2022 23:17:39 GMT
date.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/ Frame D608 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/date.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
850692e8bb0d9821e1312a461f1db53c185e027d92a1668fcfdb4af8eae7fb34
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
218572
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3037
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 15:33:04 GMT
server
sffe
date
Wed, 24 Nov 2021 23:17:39 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 24 Nov 2022 23:17:39 GMT
txt3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/ Frame D608 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/txt3.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d8e7da5fa8f3002ba6683298d19271ab7f53fd433f654cba9b7db6362bc18f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
280619
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5811
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 15:33:04 GMT
server
sffe
date
Wed, 24 Nov 2021 06:03:32 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 24 Nov 2022 06:03:32 GMT
button.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/ Frame D608 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/button.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84d2dac16f1b22edd37d7a8b907e8930c580e30ec97860ba98973b16809f8b6b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
305371
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3232
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 15:33:04 GMT
server
sffe
date
Tue, 23 Nov 2021 23:11:00 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 23 Nov 2022 23:11:00 GMT
logo_essilor_white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/ Frame D608 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/logo_essilor_white.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d749dbed0c3aa0d6e712f6ae447b94e084671981a141b40a6243b306e21caf27
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
218572
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1656
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 15:33:04 GMT
server
sffe
date
Wed, 24 Nov 2021 23:17:39 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 24 Nov 2022 23:17:39 GMT
logo_essilor_txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/ Frame D608 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/logo_essilor_txt1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a76b6f87ed1d7d48153d25dbcd258af66c578fecb477a56265d604e18dc12e8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
218572
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1967
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 15:33:04 GMT
server
sffe
date
Wed, 24 Nov 2021 23:17:39 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 24 Nov 2022 23:17:39 GMT
logo_essilor_txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/ Frame D608 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/logo_essilor_txt2.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01e30623f1fc127891dee76829fb2eb49cfa3879d193de851b91e45c951849cb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
218572
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1888
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 15:33:04 GMT
server
sffe
date
Wed, 24 Nov 2021 23:17:39 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 24 Nov 2022 23:17:39 GMT
logo_essilor.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/ Frame D608 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/logo_essilor.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b31a8c1eaabb1e6d21a5b0cb05319814c94c5887681e08268c51aadaeddce4c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
278814
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4117
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 15:33:04 GMT
server
sffe
date
Wed, 24 Nov 2021 06:33:37 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 24 Nov 2022 06:33:37 GMT
logo_615ac8c165906.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/ Frame D608 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/logo_615ac8c165906.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
657256b99ef85490a8c85108fc218e539d6d4eea7679646fdc3e7696e173768a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
348118
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53068
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 15:33:04 GMT
server
sffe
date
Tue, 23 Nov 2021 11:18:33 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 23 Nov 2022 11:18:33 GMT
me4ta_v.1_edgeActions.js
www.ng.kz/images/banners/me4ta_v.8/ Frame 7D1F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/me4ta_v.8/me4ta_v.1_edgeActions.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/me4ta_v.8/me4ta_v.1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Tue, 12 Oct 2021 05:25:16 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61651c3c-47b"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
forik_edgeActions.js
www.ng.kz/images/banners/forik_v.6/ Frame 4426 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/forik_v.6/forik_edgeActions.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/forik_v.6/forik.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Mon, 24 Sep 2018 02:43:56 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"5ba84f6c-4a6"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
ng_sp_edgeActions.js
www.ng.kz/images/banners/ng_sp/ Frame 73F2 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/ng_sp/ng_sp_edgeActions.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/ng_sp/ng_sp.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Thu, 29 Jul 2021 09:33:00 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"610275cc-495"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
thermapark_edgeActions.js
www.ng.kz/images/banners/thermapark_v.1/ Frame 433E 		786 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/thermapark_v.1/thermapark_edgeActions.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/thermapark_v.1/thermapark.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
etag
W/"312-5d008bab9046f"
last-modified
Fri, 05 Nov 2021 11:13:14 GMT
x-accel-version
0.01
x-powered-by
PleskLin
content-type
application/javascript
cache-control
max-age=31536000
server
nginx
expires
Sun, 27 Nov 2022 12:00:31 GMT
stroitel_edgeActions.js
www.ng.kz/images/banners/stroitel_v.5/ Frame 0383 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/stroitel_v.5/stroitel_edgeActions.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/stroitel_v.5/stroitel.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Mon, 06 Sep 2021 09:20:57 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"6135dd79-478"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
truncated
/ Frame 8544 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91e0fb6ae163e3c408603c1acb55f9f9235a91154a24d02ce5a430a76e70f496

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
katris_edgeActions.js
www.ng.kz/images/banners/katris_v.3/ Frame E3D2 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/katris_v.3/katris_edgeActions.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/katris_v.3/katris.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Wed, 07 Nov 2018 04:42:28 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"5be26d34-49a"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
11859922
mc.yandex.com/watch/ Frame 528B 		366 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/11859922?wmode=7&page-url=https%3A%2F%2Fyoomoney.ru%2Fquickpay%2Fshop-widget%3Fwriter%3Dbuyer%26targets%3D%26targets-hint%3D%25D0%2594%25D0%25BB%25D1%258F%2520%25D1%2583%25D1%2587%25D0%25B0%25D1%2581%25D1%2582%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B0...%26default-sum%3D%26button-text%3D14%26payment-type-choice%3Don%26mobile-payment-type-choice%3Don%26hint%3D%26successURL%3D%26quickpay%3Dshop%26account%3D410011221238975&page-ref=https%3A%2F%2Fwww.ng.kz%2F&charset=utf-8&site-info=%7B%22platform%22%3A%22desktop%22%2C%22puid%22%3A0%2C%22accountKey%22%3A%22%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A173780583271%3Ahid%3A24702831%3Az%3A0%3Ai%3A20211127120031%3Aet%3A1638014432%3Ac%3A1%3Arn%3A583886027%3Arqn%3A1%3Au%3A1638014432203040480%3Aw%3A200x250%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1638014430751%3Ads%3A4%2C153%2C67%2C1%2C0%2C0%2C%2C448%2C0%2C729%2C729%2C0%2C727%3Adsn%3A4%2C153%2C67%2C0%2C0%2C0%2C%2C500%2C0%2C729%2C729%2C0%2C727%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1638014432%3At%3AYooMoney&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
cfc638628d07898e8e7aeb721438fc0489250e6d279aca63c6bfc4363c49b51d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yoomoney.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:31 GMT
x-content-type-options
nosniff
last-modified
Sat, 27-Nov-2021 12:00:31 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yoomoney.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
366
x-xss-protection
1; mode=block
expires
Sat, 27-Nov-2021 12:00:31 GMT
me4ta_v.1_edgeActions.js
www.ng.kz/images/banners/me4ta_v.8/ Frame 7D1F 		1 KB
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/me4ta_v.8/me4ta_v.1_edgeActions.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/me4ta_v.8/edge_includes/edge.6.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
80ad437243d9d3c355b59fd6532733b3dba2e38efec21c7a9eaac71ee00c5d24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/me4ta_v.8/me4ta_v.1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Tue, 12 Oct 2021 05:25:16 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61651c3c-47b"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
forik_edgeActions.js
www.ng.kz/images/banners/forik_v.6/ Frame 4426 		1 KB
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/forik_v.6/forik_edgeActions.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/forik_v.6/edge_includes/edge.6.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
671d49f3be664438caecca1167805331ce56c408a97d49c7413bca70703b49be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/forik_v.6/forik.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Mon, 24 Sep 2018 02:43:56 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"5ba84f6c-4a6"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
ng_sp_edgeActions.js
www.ng.kz/images/banners/ng_sp/ Frame 73F2 		1 KB
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/ng_sp/ng_sp_edgeActions.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/ng_sp/edge_includes/edge.6.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
fa6bbd1df857b0f2c77ccb14ed594016a6a17947223c8a37178719c2ebf8b8e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/ng_sp/ng_sp.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Thu, 29 Jul 2021 09:33:00 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"610275cc-495"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
thermapark_edgeActions.js
www.ng.kz/images/banners/thermapark_v.1/ Frame 433E 		786 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/thermapark_v.1/thermapark_edgeActions.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/thermapark_v.1/edge_includes/edge.6.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
dd8263e91d9d1cceb437e3593bb8590d84f3e1dd95641e6222eb4e67b4d10c31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/thermapark_v.1/thermapark.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
etag
W/"312-5d008bab9046f"
last-modified
Fri, 05 Nov 2021 11:13:14 GMT
x-accel-version
0.01
x-powered-by
PleskLin
content-type
application/javascript
cache-control
max-age=31536000
server
nginx
expires
Sun, 27 Nov 2022 12:00:31 GMT
stroitel_edgeActions.js
www.ng.kz/images/banners/stroitel_v.5/ Frame 0383 		1 KB
690 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/stroitel_v.5/stroitel_edgeActions.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/stroitel_v.5/edge_includes/edge.6.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
6b2981a3f1d892e64e6164d1377414fe24e41b88c8e6b6fc05c3a2b840453d8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/stroitel_v.5/stroitel.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Mon, 06 Sep 2021 09:20:57 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"6135dd79-478"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
txt_scharf.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/ Frame D608 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/txt_scharf.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3347d18bb0f3835c27d24d586e338e5bcfab7ff5ca714479b178c019a797b034
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/155014928956500899/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
218572
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5893
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 15:33:04 GMT
server
sffe
date
Wed, 24 Nov 2021 23:17:39 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 24 Nov 2022 23:17:39 GMT
w8gdH283Tvk__Lua32TysjIfp8uP.woff2
fonts.gstatic.com/s/varelaround/v13/ Frame D608 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/varelaround/v13/w8gdH283Tvk__Lua32TysjIfp8uP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Varela+Round&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e695031ac9f24e1107db954e1b54bc86481f5aa9dc0ca457228a270b35bddfea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 18:17:53 GMT
x-content-type-options
nosniff
age
409358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20416
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 22 Nov 2022 18:17:53 GMT
advert.gif
mc.yandex.com/metrika/ Frame 528B 		43 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yoomoney.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
last-modified
Fri, 26 Nov 2021 15:51:55 GMT
etag
"61a0d86b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 27 Nov 2021 13:00:31 GMT
katris_edgeActions.js
www.ng.kz/images/banners/katris_v.3/ Frame E3D2 		1 KB
708 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ng.kz/images/banners/katris_v.3/katris_edgeActions.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/images/banners/katris_v.3/edge_includes/edge.6.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
aee0e12abe2b8a956df266053a232566615af1bef647cc2305cb3f4bf02224e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/katris_v.3/katris.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:31 GMT
content-encoding
br
last-modified
Wed, 07 Nov 2018 04:42:28 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"5be26d34-49a"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sun, 27 Nov 2022 12:00:31 GMT
IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
pagead2.googlesyndication.com/bg/ Frame 8A02 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 02:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
33970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13371
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 02:34:21 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8D80
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=400&slotname=8979496712&adk=1939518401&adf=1577466243&pi=t.ma~as.8979496712&w=240&lmt=1638014216&psa=0&format=240x400&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014430746&bpp=4&bdt=363&idt=108&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=5018006403934&frm=20&pv=2&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=682&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PoNmrjYTkx&p=https%3A//www.ng.kz&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 27 Nov 2021 12:00:32 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 27 Nov 2021 12:00:32 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 27 Nov 2021 12:00:31 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
pagead2.googlesyndication.com/bg/ Frame D608 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 02:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
33971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13371
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 02:34:21 GMT
1.jpg
www.ng.kz/images/banners/me4ta_v.8/images/ Frame 7D1F 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/me4ta_v.8/images/1.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
a345064aa4dc8d7a628652d2e1057c4c04387c902e72b9354cf877dcb0869362

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/me4ta_v.8/me4ta_v.1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"61651c3c-64ec"
last-modified
Tue, 12 Oct 2021 05:25:16 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
25836
expires
Mon, 27 Dec 2021 12:00:32 GMT
2.jpg
www.ng.kz/images/banners/me4ta_v.8/images/ Frame 7D1F 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/me4ta_v.8/images/2.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
bc67e658d7c42368fdf62d0457741cbe8fe5fba54ad5ac07ef5b30c4c0a348e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/me4ta_v.8/me4ta_v.1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"61651c3d-9e37"
last-modified
Tue, 12 Oct 2021 05:25:17 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
40503
expires
Mon, 27 Dec 2021 12:00:32 GMT
1.jpg
www.ng.kz/images/banners/thermapark_v.1/images/ Frame 433E 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/thermapark_v.1/images/1.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
01dbbcda455c40b60de4c3fdefe46f16c5fdde89df50e269f9050fe3478f08f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/thermapark_v.1/thermapark.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"618511cb-6bf6"
last-modified
Fri, 05 Nov 2021 11:13:15 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
27638
expires
Mon, 27 Dec 2021 12:00:32 GMT
t1.png
www.ng.kz/images/banners/thermapark_v.1/images/ Frame 433E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/thermapark_v.1/images/t1.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
7aadcf94da4a73add4824ce17f56a3d222169b09d13db4370ad3e2e598ecf3ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/thermapark_v.1/thermapark.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"618511cb-1f1f"
last-modified
Fri, 05 Nov 2021 11:13:15 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7967
expires
Mon, 27 Dec 2021 12:00:32 GMT
t2.png
www.ng.kz/images/banners/thermapark_v.1/images/ Frame 433E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/thermapark_v.1/images/t2.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
7525e45ccfc3c59c7fc975e9dcc1dc526abe300a12edd620047fa5f8f2b01459

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/thermapark_v.1/thermapark.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"618511cb-1512"
last-modified
Fri, 05 Nov 2021 11:13:15 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5394
expires
Mon, 27 Dec 2021 12:00:32 GMT
2.jpg
www.ng.kz/images/banners/thermapark_v.1/images/ Frame 433E 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/thermapark_v.1/images/2.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
a24392f3d989fcfea869d281f7471e744dc396ee3f460a82ab54537a032ed967

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/thermapark_v.1/thermapark.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"618511cb-6abc"
last-modified
Fri, 05 Nov 2021 11:13:15 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
27324
expires
Mon, 27 Dec 2021 12:00:32 GMT
t3.png
www.ng.kz/images/banners/thermapark_v.1/images/ Frame 433E 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/thermapark_v.1/images/t3.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
3069c98de366c8d6804693accde2b5093b396b07c2921c179111bae6fa74f2e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/thermapark_v.1/thermapark.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"618511cb-2221"
last-modified
Fri, 05 Nov 2021 11:13:15 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8737
expires
Mon, 27 Dec 2021 12:00:32 GMT
3.jpg
www.ng.kz/images/banners/thermapark_v.1/images/ Frame 433E 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/thermapark_v.1/images/3.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
c46869849b59f3e62d260455470145cf262a078761550e671c336af696d14557

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/thermapark_v.1/thermapark.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"618511cb-6eed"
last-modified
Fri, 05 Nov 2021 11:13:15 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
28397
expires
Mon, 27 Dec 2021 12:00:32 GMT
a1.png
www.ng.kz/images/banners/thermapark_v.1/images/ Frame 433E 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/thermapark_v.1/images/a1.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
f47fe2f5879c57160add56abb4bcb3499f1ad980f51da5151cff5e5f3579c5e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/thermapark_v.1/thermapark.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"618511cb-29bb"
last-modified
Fri, 05 Nov 2021 11:13:15 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10683
expires
Mon, 27 Dec 2021 12:00:32 GMT
fon1.jpg
www.ng.kz/images/banners/forik_v.6/images/ Frame 4426 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/forik_v.6/images/fon1.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
8d4bcb4e5385ffa44e230202c6c5dde689949a791da40cb4025c6d5ca627ceae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/forik_v.6/forik.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"5ba84f72-6fe3"
last-modified
Mon, 24 Sep 2018 02:44:02 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
28643
expires
Mon, 27 Dec 2021 12:00:32 GMT
fon5.jpg
www.ng.kz/images/banners/forik_v.6/images/ Frame 4426 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/forik_v.6/images/fon5.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
0f69c7119f0dc0b422fe92d484f2cba0d15ccdb946db4b282c5dd900e8621745

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/forik_v.6/forik.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"5ba84f73-62c4"
last-modified
Mon, 24 Sep 2018 02:44:03 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
25284
expires
Mon, 27 Dec 2021 12:00:32 GMT
fon2.jpg
www.ng.kz/images/banners/forik_v.6/images/ Frame 4426 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/forik_v.6/images/fon2.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
c9e5e1dac25ccc507c5576c1f56cda2222860b869aecb3e7e1f1a8ba40bae2e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/forik_v.6/forik.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"5ba84f72-646d"
last-modified
Mon, 24 Sep 2018 02:44:02 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
25709
expires
Mon, 27 Dec 2021 12:00:32 GMT
2.png
www.ng.kz/images/banners/forik_v.6/images/ Frame 4426 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/forik_v.6/images/2.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
25ebddf8cb6ab2554a030cd957a13712ee002c0c1614f5818e4a752b979532fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/forik_v.6/forik.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"5ba84f71-2ccb"
last-modified
Mon, 24 Sep 2018 02:44:01 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11467
expires
Mon, 27 Dec 2021 12:00:32 GMT
ul.png
www.ng.kz/images/banners/forik_v.6/images/ Frame 4426 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/forik_v.6/images/ul.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
d7c9faa4a83ce03e9c87d0a6e2e29f4eba7c83f6bfdf38c905d698486d240076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/forik_v.6/forik.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"5ba84f75-1681"
last-modified
Mon, 24 Sep 2018 02:44:05 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5761
expires
Mon, 27 Dec 2021 12:00:32 GMT
logo1.png
www.ng.kz/images/banners/forik_v.6/images/ Frame 4426 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/forik_v.6/images/logo1.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
9b691e8423c61d1c3007a93ccd1aba5658c23a4ab2f65745c2ef15984930c124

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/forik_v.6/forik.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"5f7be718-24c5"
last-modified
Tue, 06 Oct 2020 03:40:08 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9413
expires
Mon, 27 Dec 2021 12:00:32 GMT
tel1.png
www.ng.kz/images/banners/forik_v.6/images/ Frame 4426 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/forik_v.6/images/tel1.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
b6ba10f3496e2a581459a2cb6418801499087c68f6cb7e3bcb682016967f8026

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/forik_v.6/forik.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"5ba84f75-1615"
last-modified
Mon, 24 Sep 2018 02:44:05 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5653
expires
Mon, 27 Dec 2021 12:00:32 GMT
1.png
www.ng.kz/images/banners/forik_v.6/images/ Frame 4426 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/forik_v.6/images/1.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
99166dfb912a7fe1a77dc2763bcad6e19f666fc63498aed79d338829f32f01b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/forik_v.6/forik.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"5ba84f70-2039"
last-modified
Mon, 24 Sep 2018 02:44:00 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8249
expires
Mon, 27 Dec 2021 12:00:32 GMT
5.png
www.ng.kz/images/banners/forik_v.6/images/ Frame 4426 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/forik_v.6/images/5.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
ddf05ba91a45be23ff80c2b1762f5192737ce52d85bf72f65a703c638d101521

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/forik_v.6/forik.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"5ba84f71-2a4d"
last-modified
Mon, 24 Sep 2018 02:44:01 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10829
expires
Mon, 27 Dec 2021 12:00:32 GMT
b_fon.png
www.ng.kz/images/banners/ng_sp/images/ Frame 73F2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/ng_sp/images/b_fon.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
26639195c11927b2b97620cf16f622e607d2c8531cf0440cab8d76f5b27b6405

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/ng_sp/ng_sp.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"610275cd-10bd"
last-modified
Thu, 29 Jul 2021 09:33:01 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4285
expires
Mon, 27 Dec 2021 12:00:32 GMT
1.png
www.ng.kz/images/banners/ng_sp/images/ Frame 73F2 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/ng_sp/images/1.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
f5005d37162105831c19a77e8444786e4ab0ac99761a00e31cc08f55901acd78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/ng_sp/ng_sp.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"610275cd-1877"
last-modified
Thu, 29 Jul 2021 09:33:01 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6263
expires
Mon, 27 Dec 2021 12:00:32 GMT
2.png
www.ng.kz/images/banners/ng_sp/images/ Frame 73F2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/ng_sp/images/2.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
867c2307e9c97528a9f2a834f44ea64987e383b9b7b22e1bc25601a41af8e20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/ng_sp/ng_sp.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"610275cd-1be7"
last-modified
Thu, 29 Jul 2021 09:33:01 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7143
expires
Mon, 27 Dec 2021 12:00:32 GMT
3.png
www.ng.kz/images/banners/ng_sp/images/ Frame 73F2 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/ng_sp/images/3.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
76429ab384a063228490f946aca10ba585e77ec0aa193067ab7a00c282f0ee2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/ng_sp/ng_sp.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"610275cd-1636"
last-modified
Thu, 29 Jul 2021 09:33:01 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5686
expires
Mon, 27 Dec 2021 12:00:32 GMT
4.png
www.ng.kz/images/banners/ng_sp/images/ Frame 73F2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/ng_sp/images/4.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
89f16c713a46f887385e8b1ddaf2dbdfeac28f2067f76c71fb666a86720c44ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/ng_sp/ng_sp.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"610275cd-1b4b"
last-modified
Thu, 29 Jul 2021 09:33:01 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6987
expires
Mon, 27 Dec 2021 12:00:32 GMT
5.png
www.ng.kz/images/banners/ng_sp/images/ Frame 73F2 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/ng_sp/images/5.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
5f2d08588077bb8709b324a08c5607d40d98ca1fe64dfdb2abfd0d6878b9c255

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/ng_sp/ng_sp.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"610275cd-1605"
last-modified
Thu, 29 Jul 2021 09:33:01 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5637
expires
Mon, 27 Dec 2021 12:00:32 GMT
fon_1.jpg
www.ng.kz/images/banners/stroitel_v.5/images/ Frame 0383 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/stroitel_v.5/images/fon_1.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
7513d2d0cd0ef286201e7fc2601f6332d4549d2eba2084efa06dc66a70610cf7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/stroitel_v.5/stroitel.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"6135dd7a-7efa"
last-modified
Mon, 06 Sep 2021 09:20:58 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
32506
expires
Mon, 27 Dec 2021 12:00:32 GMT
1.png
www.ng.kz/images/banners/stroitel_v.5/images/ Frame 0383 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/stroitel_v.5/images/1.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
4d795a7f6bc8cc1cd7ba46990ea874c768df53332a1dc5d3e94a4f431b0029a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/stroitel_v.5/stroitel.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"6135dd7a-351a"
last-modified
Mon, 06 Sep 2021 09:20:58 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
13594
expires
Mon, 27 Dec 2021 12:00:32 GMT
fon_2.jpg
www.ng.kz/images/banners/stroitel_v.5/images/ Frame 0383 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/stroitel_v.5/images/fon_2.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
20b734c03abe13089751b0271b55439e2a532fc2e3ff674a3e91dddc30cab249

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/stroitel_v.5/stroitel.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"6135dd7a-84bf"
last-modified
Mon, 06 Sep 2021 09:20:58 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
33983
expires
Mon, 27 Dec 2021 12:00:32 GMT
2.png
www.ng.kz/images/banners/stroitel_v.5/images/ Frame 0383 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/stroitel_v.5/images/2.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
6699a9f2a499c6c1b1c0b4abc9e3f8b3e43cee2fd07ab25dd6ca5e68aad07428

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/stroitel_v.5/stroitel.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"6135dd7a-2cb6"
last-modified
Mon, 06 Sep 2021 09:20:58 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11446
expires
Mon, 27 Dec 2021 12:00:32 GMT
fon_3.jpg
www.ng.kz/images/banners/stroitel_v.5/images/ Frame 0383 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/stroitel_v.5/images/fon_3.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
81d8b51617e2d94423adbbc0436865f2c0c588651c197def063964c318ed45e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/stroitel_v.5/stroitel.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"6135dd7a-908a"
last-modified
Mon, 06 Sep 2021 09:20:58 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
37002
expires
Mon, 27 Dec 2021 12:00:32 GMT
logo.png
www.ng.kz/images/banners/stroitel_v.5/images/ Frame 0383 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/stroitel_v.5/images/logo.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
0fc7d69850666ff22ac32f8399d695095da0a9d54277d3988248a2d5447eba6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/stroitel_v.5/stroitel.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"6135dd7a-2b2f"
last-modified
Mon, 06 Sep 2021 09:20:58 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11055
expires
Mon, 27 Dec 2021 12:00:32 GMT
3.png
www.ng.kz/images/banners/stroitel_v.5/images/ Frame 0383 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/stroitel_v.5/images/3.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
a2732d379ecdad5445a1c5ad01790c673574ea7610d941e2102dfb2e0ec4645a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/stroitel_v.5/stroitel.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"6135dd7a-2eec"
last-modified
Mon, 06 Sep 2021 09:20:58 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12012
expires
Mon, 27 Dec 2021 12:00:32 GMT
fon1.jpg
www.ng.kz/images/banners/katris_v.3/images/ Frame E3D2 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/katris_v.3/images/fon1.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
2729b22d4c76e939a602097cd1e81d089e36e783da6e544ad037cb5f58fb861b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/katris_v.3/katris.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"5f7beb8d-4670"
last-modified
Tue, 06 Oct 2020 03:59:09 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18032
expires
Mon, 27 Dec 2021 12:00:32 GMT
1.png
www.ng.kz/images/banners/katris_v.3/images/ Frame E3D2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/katris_v.3/images/1.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
78f48a364d64379c7f2240349201400559b6e97a4cca5c1a314d816a512c6af9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/katris_v.3/katris.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"5be26d3e-308c"
last-modified
Wed, 07 Nov 2018 04:42:38 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12428
expires
Mon, 27 Dec 2021 12:00:32 GMT
fon2.jpg
www.ng.kz/images/banners/katris_v.3/images/ Frame E3D2 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/katris_v.3/images/fon2.jpg
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
deae2843c31c0fcbff3f7bc2a223e61cad22a00f75338cf3ddedb6c992de6f5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/katris_v.3/katris.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"5f7beb8d-3f2e"
last-modified
Tue, 06 Oct 2020 03:59:09 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16174
expires
Mon, 27 Dec 2021 12:00:32 GMT
2.png
www.ng.kz/images/banners/katris_v.3/images/ Frame E3D2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ng.kz/images/banners/katris_v.3/images/2.png
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.134.12 , Kazakhstan, ASN207333 (HOSTER-NS Hoster.KZ - Nur-Sultan, KZ),
Reverse DNS
server.h-21793.kz
Software
nginx / PleskLin
Resource Hash
1d2fca70a3c33ef48f59be8b22705d11a3e09414b2965cd2ed39822a140b7224

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/images/banners/katris_v.3/katris.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"5be26d42-1c7b"
last-modified
Wed, 07 Nov 2018 04:42:42 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7291
expires
Mon, 27 Dec 2021 12:00:32 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 82B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-ccK3x2iYe-rGdyBjuwP0eGcwAPPh46bXMCG2YLGAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0yAEJqAMBqgSyAU_QQBUBS1zQxfBl1iW3gkGsSPef5YroK8iLdbxjz_B4JlB0tYkIMCogRvDsgspEELV1wNg5T2K4XKAO9Xz6oYxISM5tD-LyAD9PV4Z8PReR8EdSQ37PkHOGSpwWxunpUDzjHOYslGRhvaHnnCp9e-Ru1_2hQb3jUHYgpLbxB-jMQ7znll4pga2fLDih4ST2wimyS2br8OwWfFpgoVn2y4iu0DPfhoiMNXOqoS2UOK-rgkyABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00NzQzOTUyODQzMzg4NzQ0GAA&sigh=ULw0JgNieXA&uach_m=[UACH]&cid=CAQSOwCNIrLMJz6st6A4NyQrmbpM23PscKZ0pRhQ_YIYCw5jXwNOM6tSPH5Sg-XTqke6_fXuFcCObPuDrAqUGAE&tpd=AGWhJmu4A5tgdUuw6hn35CP31Kamd8HlghrQcsBVNRmex4c6HAPwkrS4izdjmRDRsztktO9m6HHMeBit0XI49Wd4p67iI3OdeoZV3bmAsfIrRhkB-h-lNtq1ID8pfgMA2sueNfn63AZ7KGL2B1WuLk8IgvLSajsrvY4dPebTvb2bOWdvr6f6O8vDIjbNiYbhZRqypcLqHMVBgcI0lUF1kaQGvti-fPZSANLZI6rSlr4yoNex1qZDc7rSFyQkymUXFMICKwksSXu7CNsp4X7r-ciqAX1hB1bEwjwq8Dk49gWY-_Z7njN-8J1fyzwI9z1cX5U7hdqvaG2WNJyM0cfTgvmLlayImJL0RwsBnTkrg7KSxEnjYP3Zalu6Nl6c-q5QaJ43oLMufUDcebrSsTq9n-89iO92zf_BkSRen3ibkrPkOKTYGObgJ7FWU3ucsb1U0llsT2tUjrY5pSMTi9I9Yjy5r4WQILIu7guqfat98rzKVyquYZja54G_-E79LJe5LcSlyCsw6rvN_pnMdLFDVxkUyAzQD4lD31JPeg_iZi9ZZJuaoHCrWr6Nq-nN0A9wWDqP7KAmNU4isCP_DZGWN0yXCdIAFZduoey63QvuxpOr7cRop7rMzNeBDadUc8xWgfMWmUgeLe9a6RdLIi48V8DZhFpX91N3e9zGA3ItkKOB1s5sOIsM1jLcHtwjX2NHuOEFMB71A8cb8ERadUpJkCjMIijhzFxJRLGKvFYwc3iviJmN0CEDvbsb56oB34FORqn7uGMtuBEwDemjlAB1P9CeVckgzzBGgY92U0UCx_0FY-3s2GUFY4iZ7Cj5BT2SOyd9tJpQg1RkwwDdeL2yTwWHbTBVFNwYunY2rP_LZsN_TOn3dj9IUBtDk7rYptDAZFQC1v72v-51lCMo4wdfoByqCfRKl4vZg1NnYK4R53CrI6CbcqavBVxxVaTcZW3X4S3VGzWJGqDnn0BJz8fr42cCi9PMtGOEJR_upsYBHiCaIOS9M28jry_gfVIYi0_fSBGwI6wu0N-oU1gpQ6t2J3EQVHEpyKwl0mKGiGFZwgvdMvFB8iYwhSPTxZ45fNQewlk_GWo
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 27 Nov 2021 12:00:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
js
tags.mathtag.com/notify/ Frame 82B6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTW1RME4yVmhZemt0TUdabE1pMDNPR05tTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MTM2NjQwMTc2ODQ3Mzk2MjYvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItYmNLWm53SUw0c3NhT0lxSXZkbDE2by8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNjEzNjY0MDE3Njg0NzM5NjI2L2Ftcy8wLzIxNi81NC85OTkvMzIyLzJhMGY6OTQ0MTo1OjovMC4wMDAvMTYzODAxNDQzMS8xNjM4MDI3MDMxLzQvcHViLTQ3NDM5NTI4NDMzODg3NDQv/wSsIy6Rwn8JTVS50X5i84zfwt7w&nodeid=1901&group=cdg&auctionid=1613664017684739626&shardkey=1613664017684739626&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiyIz3x2iYe-rGdyBjuwP0eGcwAPPh46bXMCG2YLGAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0yAEJqAMBqgS1AU_QQBUBS1zQxfBl1iW3gkGsSPef5YroK8iLdbxjz_B4JlB0tYkIMCogRvDsgspEELV1wNg5T2K4XKAO9Xz6oYxISM5tD-LyAD9PV4Z8PReR8EdSQ37PkHOGSpwWxunpUDzjHOYslGRhvaHnnCp9e-Ru1_2hQb3jUHYgpLbxB-jMQ7znll4pga2fLDihoybXUIUO72FmVKS9pBrPUUTiwTSk_is-O0jMmokLvwGMljYXhcGkgfuABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3KklCTnQG9GEdXmqlDh8c5wbyezQ%26client%3Dca-pub-4743952843388744%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.209.5 /
Resource Hash
4fe579b39b9d2176dc5fe22f3b5120adfcc082cfdfa32a3e3e151cc55a01f5d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:32 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1638014431
Last-Modified
Sat, 27 Nov 2021 12:00:31 GMT
Server
MMBD/3.209.5
x-mm-latency
34 (12)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x40, cdg-bidder-x140
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Sat, 27 Nov 2021 12:00:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 82B6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 11 Dec 2021 12:00:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 82B6 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Nov 2021 12:00:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 82B6 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 11:57:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 11 Dec 2021 11:57:57 GMT
01qrvgnrrbds
hal9000.redintelligence.net/zone/ Frame 82B6 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=1613664017684739626&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1613664017684739626%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc3e861a2-1de0-4d01-8341-f86def2516ab%26mt_cid%3Dc3e861a2-1de0-4d01-8341-f86def2516ab%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCiyIz3x2iYe-rGdyBjuwP0eGcwAPPh46bXMCG2YLGAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0yAEJqAMBqgS1AU_QQBUBS1zQxfBl1iW3gkGsSPef5YroK8iLdbxjz_B4JlB0tYkIMCogRvDsgspEELV1wNg5T2K4XKAO9Xz6oYxISM5tD-LyAD9PV4Z8PReR8EdSQ37PkHOGSpwWxunpUDzjHOYslGRhvaHnnCp9e-Ru1_2hQb3jUHYgpLbxB-jMQ7znll4pga2fLDihoybXUIUO72FmVKS9pBrPUUTiwTSk_is-O0jMmokLvwGMljYXhcGkgfuABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3KklCTnQG9GEdXmqlDh8c5wbyezQ%2526client%253Dca-pub-4743952843388744%2526adurl%253D%26redirect%3D
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
b762e45eaf28b1220c0c91a01d257bc945481203e1f4751ba5058833cb1fbca8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:32 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3253
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 82B6 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=1613664017684739626&node_id=1901&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTW1RME4yVmhZemt0TUdabE1pMDNPR05tTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MTM2NjQwMTc2ODQ3Mzk2MjYvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItYmNLWm53SUw0c3NhT0lxSXZkbDE2by8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNjEzNjY0MDE3Njg0NzM5NjI2L2Ftcy8wLzIxNi81NC85OTkvMzIyLzJhMGY6OTQ0MTo1OjovMC4wMDAvMTYzODAxNDQzMS8xNjM4MDI3MDMxLzQvcHViLTQ3NDM5NTI4NDMzODg3NDQv/wSsIy6Rwn8JTVS50X5i84zfwt7w&nodeid=1901&group=cdg&auctionid=1613664017684739626&shardkey=1613664017684739626&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiyIz3x2iYe-rGdyBjuwP0eGcwAPPh46bXMCG2YLGAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0yAEJqAMBqgS1AU_QQBUBS1zQxfBl1iW3gkGsSPef5YroK8iLdbxjz_B4JlB0tYkIMCogRvDsgspEELV1wNg5T2K4XKAO9Xz6oYxISM5tD-LyAD9PV4Z8PReR8EdSQ37PkHOGSpwWxunpUDzjHOYslGRhvaHnnCp9e-Ru1_2hQb3jUHYgpLbxB-jMQ7znll4pga2fLDihoybXUIUO72FmVKS9pBrPUUTiwTSk_is-O0jMmokLvwGMljYXhcGkgfuABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3KklCTnQG9GEdXmqlDh8c5wbyezQ%26client%3Dca-pub-4743952843388744%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.209.5 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:32 GMT
Server
MMBD/3.209.5
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x24, cdg-bidder-x140
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 27 Nov 2021 12:00:31 GMT
analytics.js
s.update.mediamathtag.com/2/619621/ Frame 82B6 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.ng.kz&ui=2d47eac9-0fe2-78cf-0000-000000000000&ap=&ti=1613664017684739626&pv=753eaccf-c47f-4088-88ca-0fc18d4ba923&pp=pub-4743952843388744&sr=4&de=43003&si=481016479&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a0f:9441:5::&r2=&r3=
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTW1RME4yVmhZemt0TUdabE1pMDNPR05tTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MTM2NjQwMTc2ODQ3Mzk2MjYvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItYmNLWm53SUw0c3NhT0lxSXZkbDE2by8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNjEzNjY0MDE3Njg0NzM5NjI2L2Ftcy8wLzIxNi81NC85OTkvMzIyLzJhMGY6OTQ0MTo1OjovMC4wMDAvMTYzODAxNDQzMS8xNjM4MDI3MDMxLzQvcHViLTQ3NDM5NTI4NDMzODg3NDQv/wSsIy6Rwn8JTVS50X5i84zfwt7w&nodeid=1901&group=cdg&auctionid=1613664017684739626&shardkey=1613664017684739626&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiyIz3x2iYe-rGdyBjuwP0eGcwAPPh46bXMCG2YLGAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0yAEJqAMBqgS1AU_QQBUBS1zQxfBl1iW3gkGsSPef5YroK8iLdbxjz_B4JlB0tYkIMCogRvDsgspEELV1wNg5T2K4XKAO9Xz6oYxISM5tD-LyAD9PV4Z8PReR8EdSQ37PkHOGSpwWxunpUDzjHOYslGRhvaHnnCp9e-Ru1_2hQb3jUHYgpLbxB-jMQ7znll4pga2fLDihoybXUIUO72FmVKS9pBrPUUTiwTSk_is-O0jMmokLvwGMljYXhcGkgfuABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3KklCTnQG9GEdXmqlDh8c5wbyezQ%26client%3Dca-pub-4743952843388744%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ec12340b6da8a1fa9053fb2ff80029e70a93b2be1ad9c876a9278de9c46b1f67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Nov 2021 12:00:32 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
2976
Expires
0
img
pixel.mathtag.com/event/ Frame 82B6 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=1613664017684739626&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTW1RME4yVmhZemt0TUdabE1pMDNPR05tTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MTM2NjQwMTc2ODQ3Mzk2MjYvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItYmNLWm53SUw0c3NhT0lxSXZkbDE2by8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNjEzNjY0MDE3Njg0NzM5NjI2L2Ftcy8wLzIxNi81NC85OTkvMzIyLzJhMGY6OTQ0MTo1OjovMC4wMDAvMTYzODAxNDQzMS8xNjM4MDI3MDMxLzQvcHViLTQ3NDM5NTI4NDMzODg3NDQv/wSsIy6Rwn8JTVS50X5i84zfwt7w&nodeid=1901&group=cdg&auctionid=1613664017684739626&shardkey=1613664017684739626&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiyIz3x2iYe-rGdyBjuwP0eGcwAPPh46bXMCG2YLGAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0yAEJqAMBqgS1AU_QQBUBS1zQxfBl1iW3gkGsSPef5YroK8iLdbxjz_B4JlB0tYkIMCogRvDsgspEELV1wNg5T2K4XKAO9Xz6oYxISM5tD-LyAD9PV4Z8PReR8EdSQ37PkHOGSpwWxunpUDzjHOYslGRhvaHnnCp9e-Ru1_2hQb3jUHYgpLbxB-jMQ7znll4pga2fLDihoybXUIUO72FmVKS9pBrPUUTiwTSk_is-O0jMmokLvwGMljYXhcGkgfuABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3KklCTnQG9GEdXmqlDh8c5wbyezQ%26client%3Dca-pub-4743952843388744%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.44 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-44.deploy.static.akamaitechnologies.com
Software
MT3 4103 f8fad19 master cdg-pixel-x29 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:32 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 27 Nov 2021 12:00:31 GMT
img
tags.mathtag.com/event/ Frame 82B6 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=1613664017684739626&st=4562306&time=1638014432&nodeid=1901
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTW1RME4yVmhZemt0TUdabE1pMDNPR05tTFRBd01EQXRNREF3TURBd01EQXdNREF3LzE2MTM2NjQwMTc2ODQ3Mzk2MjYvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItYmNLWm53SUw0c3NhT0lxSXZkbDE2by8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8xNjEzNjY0MDE3Njg0NzM5NjI2L2Ftcy8wLzIxNi81NC85OTkvMzIyLzJhMGY6OTQ0MTo1OjovMC4wMDAvMTYzODAxNDQzMS8xNjM4MDI3MDMxLzQvcHViLTQ3NDM5NTI4NDMzODg3NDQv/wSsIy6Rwn8JTVS50X5i84zfwt7w&nodeid=1901&group=cdg&auctionid=1613664017684739626&shardkey=1613664017684739626&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.96&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiyIz3x2iYe-rGdyBjuwP0eGcwAPPh46bXMCG2YLGAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0yAEJqAMBqgS1AU_QQBUBS1zQxfBl1iW3gkGsSPef5YroK8iLdbxjz_B4JlB0tYkIMCogRvDsgspEELV1wNg5T2K4XKAO9Xz6oYxISM5tD-LyAD9PV4Z8PReR8EdSQ37PkHOGSpwWxunpUDzjHOYslGRhvaHnnCp9e-Ru1_2hQb3jUHYgpLbxB-jMQ7znll4pga2fLDihoybXUIUO72FmVKS9pBrPUUTiwTSk_is-O0jMmokLvwGMljYXhcGkgfuABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3KklCTnQG9GEdXmqlDh8c5wbyezQ%26client%3Dca-pub-4743952843388744%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.209.5 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:32 GMT
Server
MMBD/3.209.5
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x40, cdg-bidder-x140
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sat, 27 Nov 2021 12:00:31 GMT
request.php
hal900029.redintelligence.net/ Frame 82B6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=f09bb4702e&subid=&uid=5be7d8049d058564&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1613664017684739626%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc3e861a2-1de0-4d01-8341-f86def2516ab%26mt_cid%3Dc3e861a2-1de0-4d01-8341-f86def2516ab%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCiyIz3x2iYe-rGdyBjuwP0eGcwAPPh46bXMCG2YLGAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0yAEJqAMBqgS1AU_QQBUBS1zQxfBl1iW3gkGsSPef5YroK8iLdbxjz_B4JlB0tYkIMCogRvDsgspEELV1wNg5T2K4XKAO9Xz6oYxISM5tD-LyAD9PV4Z8PReR8EdSQ37PkHOGSpwWxunpUDzjHOYslGRhvaHnnCp9e-Ru1_2hQb3jUHYgpLbxB-jMQ7znll4pga2fLDihoybXUIUO72FmVKS9pBrPUUTiwTSk_is-O0jMmokLvwGMljYXhcGkgfuABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3KklCTnQG9GEdXmqlDh8c5wbyezQ%2526client%253Dca-pub-4743952843388744%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4743952843388744%26output%3Dhtml%26h%3D250%26adk%3D2340899510%26adf%3D308564266%26pi%3Dt.aa~a.3949373966~rp.4%26w%3D307%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1638014216%26rafmt%3D1%26to%3Dqs%26pwprc%3D7895694382%26psa%3D0%26format%3D307x250%26url%3Dhttps%253A%252F%252Fwww.ng.kz%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1638014431333%26bpp%3D1%26bdt%3D949%26idt%3D1%26shv%3Dr20211111%26mjsv%3Dm202111110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D13b3565d4c8a6177-2291457506cc0042%253AT%253D1638014430%253ART%253D1638014430%253AS%253DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ%26prev_fmts%3D240x400%252C0x0%252C0x0%252C302x250%26nras%3D4%26correlator%3D5018006403934%26frm%3D20%26pv%3D1%26ga_vid%3D626400972.1638014431%26ga_sid%3D1638014431%26ga_hid%3D206844759%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26dmc%3D8%26adx%3D165%26ady%3D1748%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26oid%3D2%26pvsid%3D1818329864871067%26pem%3D258%26tmod%3D1841029120%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D2%26fsb%3D1%26xpc%3DQ3EzpgloOF%26p%3Dhttps%253A%2F%2Fwww.ng.kz%26dtd%3D47&ancestorOrigins=null&random=7209991908643&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=1613664017684739626&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1613664017684739626%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc3e861a2-1de0-4d01-8341-f86def2516ab%26mt_cid%3Dc3e861a2-1de0-4d01-8341-f86def2516ab%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCiyIz3x2iYe-rGdyBjuwP0eGcwAPPh46bXMCG2YLGAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0yAEJqAMBqgS1AU_QQBUBS1zQxfBl1iW3gkGsSPef5YroK8iLdbxjz_B4JlB0tYkIMCogRvDsgspEELV1wNg5T2K4XKAO9Xz6oYxISM5tD-LyAD9PV4Z8PReR8EdSQ37PkHOGSpwWxunpUDzjHOYslGRhvaHnnCp9e-Ru1_2hQb3jUHYgpLbxB-jMQ7znll4pga2fLDihoybXUIUO72FmVKS9pBrPUUTiwTSk_is-O0jMmokLvwGMljYXhcGkgfuABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3KklCTnQG9GEdXmqlDh8c5wbyezQ%2526client%253Dca-pub-4743952843388744%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
591df9792f263ed0260d824bd201c03b2830083b84990afb5670b506052e4efe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Nov 2021 12:00:32 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
72256700068139300951393011791029
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1315
Expires
Sat, 27 Nov 2021 12:00:32 +0100
view.aspx
pb.media01.eu/ Frame 4D1C
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=72256700068139300951393011791029&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72256700068139300951393011791029&actionid=879111&produktid=ratenkredit&dt_url=
0
628 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72256700068139300951393011791029&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=f09bb4702e&subid=&uid=5be7d8049d058564&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1613664017684739626%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc3e861a2-1de0-4d01-8341-f86def2516ab%26mt_cid%3Dc3e861a2-1de0-4d01-8341-f86def2516ab%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCiyIz3x2iYe-rGdyBjuwP0eGcwAPPh46bXMCG2YLGAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0yAEJqAMBqgS1AU_QQBUBS1zQxfBl1iW3gkGsSPef5YroK8iLdbxjz_B4JlB0tYkIMCogRvDsgspEELV1wNg5T2K4XKAO9Xz6oYxISM5tD-LyAD9PV4Z8PReR8EdSQ37PkHOGSpwWxunpUDzjHOYslGRhvaHnnCp9e-Ru1_2hQb3jUHYgpLbxB-jMQ7znll4pga2fLDihoybXUIUO72FmVKS9pBrPUUTiwTSk_is-O0jMmokLvwGMljYXhcGkgfuABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3KklCTnQG9GEdXmqlDh8c5wbyezQ%2526client%253Dca-pub-4743952843388744%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4743952843388744%26output%3Dhtml%26h%3D250%26adk%3D2340899510%26adf%3D308564266%26pi%3Dt.aa~a.3949373966~rp.4%26w%3D307%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1638014216%26rafmt%3D1%26to%3Dqs%26pwprc%3D7895694382%26psa%3D0%26format%3D307x250%26url%3Dhttps%253A%252F%252Fwww.ng.kz%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1638014431333%26bpp%3D1%26bdt%3D949%26idt%3D1%26shv%3Dr20211111%26mjsv%3Dm202111110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D13b3565d4c8a6177-2291457506cc0042%253AT%253D1638014430%253ART%253D1638014430%253AS%253DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ%26prev_fmts%3D240x400%252C0x0%252C0x0%252C302x250%26nras%3D4%26correlator%3D5018006403934%26frm%3D20%26pv%3D1%26ga_vid%3D626400972.1638014431%26ga_sid%3D1638014431%26ga_hid%3D206844759%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26dmc%3D8%26adx%3D165%26ady%3D1748%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26oid%3D2%26pvsid%3D1818329864871067%26pem%3D258%26tmod%3D1841029120%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D2%26fsb%3D1%26xpc%3DQ3EzpgloOF%26p%3Dhttps%253A%2F%2Fwww.ng.kz%26dtd%3D47&ancestorOrigins=null&random=7209991908643&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Schwaig, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Sat, 27 Nov 2021 01:00:32 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Sat, 27 Nov 2021 12:00:32 GMT
content-length
0

Redirect headers

Server
nginx/1.17.5
Date
Sat, 27 Nov 2021 12:00:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Keep-Alive
timeout=20
X-Powered-By
PHP/7.2.21
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials
true
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72256700068139300951393011791029&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID
5BC7764B:0BBD_91EFC182:01BB_61A21DE0_E5E2678:2A265
X-IPLB-Instance
40028
Cache-control
private
script.js
img.metaffiliation.com/na/na/res/trk/ Frame 82B6 		128 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.metaffiliation.com/na/na/res/trk/script.js
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=f09bb4702e&subid=&uid=5be7d8049d058564&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1613664017684739626%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc3e861a2-1de0-4d01-8341-f86def2516ab%26mt_cid%3Dc3e861a2-1de0-4d01-8341-f86def2516ab%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCiyIz3x2iYe-rGdyBjuwP0eGcwAPPh46bXMCG2YLGAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0yAEJqAMBqgS1AU_QQBUBS1zQxfBl1iW3gkGsSPef5YroK8iLdbxjz_B4JlB0tYkIMCogRvDsgspEELV1wNg5T2K4XKAO9Xz6oYxISM5tD-LyAD9PV4Z8PReR8EdSQ37PkHOGSpwWxunpUDzjHOYslGRhvaHnnCp9e-Ru1_2hQb3jUHYgpLbxB-jMQ7znll4pga2fLDihoybXUIUO72FmVKS9pBrPUUTiwTSk_is-O0jMmokLvwGMljYXhcGkgfuABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3KklCTnQG9GEdXmqlDh8c5wbyezQ%2526client%253Dca-pub-4743952843388744%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4743952843388744%26output%3Dhtml%26h%3D250%26adk%3D2340899510%26adf%3D308564266%26pi%3Dt.aa~a.3949373966~rp.4%26w%3D307%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1638014216%26rafmt%3D1%26to%3Dqs%26pwprc%3D7895694382%26psa%3D0%26format%3D307x250%26url%3Dhttps%253A%252F%252Fwww.ng.kz%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1638014431333%26bpp%3D1%26bdt%3D949%26idt%3D1%26shv%3Dr20211111%26mjsv%3Dm202111110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D13b3565d4c8a6177-2291457506cc0042%253AT%253D1638014430%253ART%253D1638014430%253AS%253DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ%26prev_fmts%3D240x400%252C0x0%252C0x0%252C302x250%26nras%3D4%26correlator%3D5018006403934%26frm%3D20%26pv%3D1%26ga_vid%3D626400972.1638014431%26ga_sid%3D1638014431%26ga_hid%3D206844759%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26dmc%3D8%26adx%3D165%26ady%3D1748%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26oid%3D2%26pvsid%3D1818329864871067%26pem%3D258%26tmod%3D1841029120%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D2%26fsb%3D1%26xpc%3DQ3EzpgloOF%26p%3Dhttps%253A%2F%2Fwww.ng.kz%26dtd%3D47&ancestorOrigins=null&random=7209991908643&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C05) /
Resource Hash
7c22b007743a09ec0ad5931edb3cc96fa88009586b10e0d3c502eeca52fbb183

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 09:25:18 GMT
server
ECAcc (mil/6C05)
age
2579
etag
"616e8efe-201f0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
33512
native.png
ad-server.eu/wm/pb/ Frame 82B6
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=72256700068139300951393011791029
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=72256700068139300951393011791029
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:04:58 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Sat, 27 Nov 2021 12:00:32 GMT
Server
nginx/1.19.7
X-IPLB-Request-ID
5BC7764B:0BBF_91EFC182:01BB_61A21DE0_E5E21AE:2A264
X-Powered-By
PHP/7.2.34
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type
text/html; charset=UTF-8
Location
https://ad-server.eu/wm/pb/native.png
Cache-control
private
Transfer-Encoding
chunked
Keep-Alive
timeout=20
trk.php
action.metaffiliation.com/ Frame 82B6 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://action.metaffiliation.com/trk.php?taff=P511E19571C9F151&argsite=72256700068139300951393011791029&gdprconsent=li
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=f09bb4702e&subid=&uid=5be7d8049d058564&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1613664017684739626%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc3e861a2-1de0-4d01-8341-f86def2516ab%26mt_cid%3Dc3e861a2-1de0-4d01-8341-f86def2516ab%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCiyIz3x2iYe-rGdyBjuwP0eGcwAPPh46bXMCG2YLGAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0yAEJqAMBqgS1AU_QQBUBS1zQxfBl1iW3gkGsSPef5YroK8iLdbxjz_B4JlB0tYkIMCogRvDsgspEELV1wNg5T2K4XKAO9Xz6oYxISM5tD-LyAD9PV4Z8PReR8EdSQ37PkHOGSpwWxunpUDzjHOYslGRhvaHnnCp9e-Ru1_2hQb3jUHYgpLbxB-jMQ7znll4pga2fLDihoybXUIUO72FmVKS9pBrPUUTiwTSk_is-O0jMmokLvwGMljYXhcGkgfuABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3KklCTnQG9GEdXmqlDh8c5wbyezQ%2526client%253Dca-pub-4743952843388744%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4743952843388744%26output%3Dhtml%26h%3D250%26adk%3D2340899510%26adf%3D308564266%26pi%3Dt.aa~a.3949373966~rp.4%26w%3D307%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1638014216%26rafmt%3D1%26to%3Dqs%26pwprc%3D7895694382%26psa%3D0%26format%3D307x250%26url%3Dhttps%253A%252F%252Fwww.ng.kz%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1638014431333%26bpp%3D1%26bdt%3D949%26idt%3D1%26shv%3Dr20211111%26mjsv%3Dm202111110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D13b3565d4c8a6177-2291457506cc0042%253AT%253D1638014430%253ART%253D1638014430%253AS%253DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ%26prev_fmts%3D240x400%252C0x0%252C0x0%252C302x250%26nras%3D4%26correlator%3D5018006403934%26frm%3D20%26pv%3D1%26ga_vid%3D626400972.1638014431%26ga_sid%3D1638014431%26ga_hid%3D206844759%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26dmc%3D8%26adx%3D165%26ady%3D1748%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26oid%3D2%26pvsid%3D1818329864871067%26pem%3D258%26tmod%3D1841029120%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D2%26fsb%3D1%26xpc%3DQ3EzpgloOF%26p%3Dhttps%253A%2F%2Fwww.ng.kz%26dtd%3D47&ancestorOrigins=null&random=7209991908643&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
front.netaffiliation.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:32 GMT
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D
0.0051679611206055
Connection
close
Pragma
no-cache
X-TRK-PROC
73241
Last-Modified
Sat, 27 Nov 2021 12:00:32 GMT
Server
nginx
X-TRK-DECISION
7
Content-Type
image/gif
Access-Control-Allow-Origin
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
X-TRK-SRV
9
ai.aspx
m.exactag.com/ Frame 82B6
Redirect Chain
  • https://action.metaffiliation.com/trk.php?mann=P511E19571C9F151&argsite=72256700068139300951393011791029&gdprconsent=li
  • https://m.exactag.com/ai.aspx?extProvId=8&extPu=esprit-dcm&extLi=25444971&extPm=319075961&extCr=&rnd=%n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_312}
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=8&extPu=esprit-dcm&extLi=25444971&extPm=319075961&extCr=&rnd=%n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_312}
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
Protocol
HTTP/1.1
Server
85.14.248.72 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
Sa, 27 Nov 2021 12:00:32 GMT
Server
Microsoft-IIS/8.5
Date
Sat, 27 Nov 2021 12:00:32 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1788
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 27 Nov 2021 12:00:32 GMT
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
X-TRK-D
0.003911018371582
Connection
close
Pragma
no-cache
X-TRK-PROC
73241
Last-Modified
Sat, 27 Nov 2021 12:00:32 GMT
Server
nginx
X-TRK-DECISION
-3
Content-Type
text/html; charset=UTF-8
Location
https://m.exactag.com/ai.aspx?extProvId=8&extPu=esprit-dcm&extLi=25444971&extPm=319075961&extCr=&rnd=%n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_312}
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
X-TRK-SRV
9
cshow.php
www.awin1.com/ Frame 82B6 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=72256700068139300951393011791029&pv=1
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=f09bb4702e&subid=&uid=5be7d8049d058564&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D1613664017684739626%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc3e861a2-1de0-4d01-8341-f86def2516ab%26mt_cid%3Dc3e861a2-1de0-4d01-8341-f86def2516ab%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCiyIz3x2iYe-rGdyBjuwP0eGcwAPPh46bXMCG2YLGAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0yAEJqAMBqgS1AU_QQBUBS1zQxfBl1iW3gkGsSPef5YroK8iLdbxjz_B4JlB0tYkIMCogRvDsgspEELV1wNg5T2K4XKAO9Xz6oYxISM5tD-LyAD9PV4Z8PReR8EdSQ37PkHOGSpwWxunpUDzjHOYslGRhvaHnnCp9e-Ru1_2hQb3jUHYgpLbxB-jMQ7znll4pga2fLDihoybXUIUO72FmVKS9pBrPUUTiwTSk_is-O0jMmokLvwGMljYXhcGkgfuABpCl7O_hmIDO1wGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3KklCTnQG9GEdXmqlDh8c5wbyezQ%2526client%253Dca-pub-4743952843388744%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4743952843388744%26output%3Dhtml%26h%3D250%26adk%3D2340899510%26adf%3D308564266%26pi%3Dt.aa~a.3949373966~rp.4%26w%3D307%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1638014216%26rafmt%3D1%26to%3Dqs%26pwprc%3D7895694382%26psa%3D0%26format%3D307x250%26url%3Dhttps%253A%252F%252Fwww.ng.kz%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1638014431333%26bpp%3D1%26bdt%3D949%26idt%3D1%26shv%3Dr20211111%26mjsv%3Dm202111110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D13b3565d4c8a6177-2291457506cc0042%253AT%253D1638014430%253ART%253D1638014430%253AS%253DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ%26prev_fmts%3D240x400%252C0x0%252C0x0%252C302x250%26nras%3D4%26correlator%3D5018006403934%26frm%3D20%26pv%3D1%26ga_vid%3D626400972.1638014431%26ga_sid%3D1638014431%26ga_hid%3D206844759%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26dmc%3D8%26adx%3D165%26ady%3D1748%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26oid%3D2%26pvsid%3D1818329864871067%26pem%3D258%26tmod%3D1841029120%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D2%26fsb%3D1%26xpc%3DQ3EzpgloOF%26p%3Dhttps%253A%2F%2Fwww.ng.kz%26dtd%3D47&ancestorOrigins=null&random=7209991908643&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.17.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-17-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Nov 2021 12:00:32 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
adview
googleads.g.doubleclick.net/pagead/ Frame 7132 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ComHM3h2iYZzjN-Cy1fAPlKmVyAGS4bPdZqWHnuzmDrbs7OyuCRABIN6-8x9glYqzgsAHoAG46IrAA8gBCakCPVGexJX9sj6oAwGqBMMBT9BYk4lHVqvXZJkt8geoQCXk5RNSHGXhJ-Yre_DXaDJUO1IRJPexEM-vMNvGx3TG_luWa5j_Roxe8Vx01Fkgwmx1l5MqDrw5jP3c95YEy5IlPIYSa-xYnvIf7HjQ15tM4JJqFWKgh4yWqi3Jexohe3BgQTUMQHzeVlbgqGgjhmiBnrCkdnhzSnBNcQe5dPwkKK-01ZO1adh_kAFZKwmEwVNhUfK5xmPODC2K-Os2DAy9LEnb7isEqR4OPBjKiOHk2GnAwATz1Kbc4AOgBi6AB7CX9T-oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCqvwnSCAkIgOGAEBABGF-ACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItNDc0Mzk1Mjg0MzM4ODc0NBgA&sigh=ayBf1g49NgM&vt=1&template_id=419&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=400&slotname=8979496712&adk=1939518401&adf=1577466243&pi=t.ma~as.8979496712&w=240&lmt=1638014216&psa=0&format=240x400&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014430746&bpp=4&bdt=363&idt=108&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=5018006403934&frm=20&pv=2&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=682&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PoNmrjYTkx&p=https%3A//www.ng.kz&dtd=123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 27 Nov 2021 12:00:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7132 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOUoS6U7dilGgAogbkinnNYe5vZG_BYSXxF_6RpVR4YTuEETo8Ah-FD3-uFRPQVAIepebSi3nuUI0AYS8P1q11F--4OWCGMVFV1CgElg5HupIqquy5Xg&sai=AMfl-YTc9hEmo9n_RR4wlANwO88UO9R3GfLsJ-VWUxNjlVhyR7eih5fRWoOvWCKrSMlGilhkm1z9MusYnn6g&sig=Cg0ArKJSzArQh8gtSj_-EAE&id=lidar2&mcvt=1006&p=0,0,200,240&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1939518401&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&pay=1&rst=1638014431580&rpt=195&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 20F0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2779202426&adf=532322819&pi=t.aa~a.1137895031~rp.1&w=302&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=302x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=2&bdt=949&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0&nras=3&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1129&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=CVKrgA8Pgp&p=https%3A//www.ng.kz&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 11 Dec 2021 12:00:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 20F0 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2779202426&adf=532322819&pi=t.aa~a.1137895031~rp.1&w=302&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=302x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=2&bdt=949&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0&nras=3&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1129&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=CVKrgA8Pgp&p=https%3A//www.ng.kz&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Nov 2021 12:00:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 20F0 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2779202426&adf=532322819&pi=t.aa~a.1137895031~rp.1&w=302&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=302x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=2&bdt=949&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0&nras=3&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1129&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=CVKrgA8Pgp&p=https%3A//www.ng.kz&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 11:57:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 11 Dec 2021 11:57:57 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 20F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CloOw3x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLUBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZSVkz-SYxfLI7O19eJXe-T5vZDyzKHhiJPivcjCqOBYcPor6p8cmIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ3NDM5NTI4NDMzODg3NDQYAA&sigh=uwaW3jYlC44&uach_m=[UACH]&cid=CAQSOwCNIrLMMG2IK3SoMQjpaD3Ub9avqi4-1x1D7WSFlPJ3ffwdSvs4ap_v8MkigHAKVoAxQCjlFdAazJArGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2779202426&adf=532322819&pi=t.aa~a.1137895031~rp.1&w=302&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=302x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=2&bdt=949&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0&nras=3&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1129&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=CVKrgA8Pgp&p=https%3A//www.ng.kz&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2779202426&adf=532322819&pi=t.aa~a.1137895031~rp.1&w=302&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=302x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=2&bdt=949&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0&nras=3&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1129&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=CVKrgA8Pgp&p=https%3A//www.ng.kz&dtd=43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 27 Nov 2021 12:00:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 20F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kh84ngv4cpm7ys0nb1n3s6d7xhn3cfbde203v18t7jkrzvbk5azxdy0vd32yp9330c3ptfayjs60btzm48nmcngcqqsex4y2zkyd9x33bgjsmddjfpx9yf48qjj7kp4vjvh0tp88t7q8vwxavep3f33pbksq47z566kyrp0aaen8em4ew6ztddraeknya1ydaf08rarykxz3jp1r0zsfxtj639mna2w3gq8bgqbctmm0v7pdskyabn4k9d70p8jphbk1j3s6efayk956ad4meg3bn1m81fpgk0x09xcsf6ybb7x1e0kmpstm4mefs4m3c8ap6pnbmzdcfzfyscjpn184xrs5mmnb7z9s1ryty3e80297s4d33c7xytb1qsam1pjwcm3sff2nnqeykmmy0ghdq767y6xvc&b=YaId3wAGTKgHg4DZAAcJdKk5ZhpV47rF-Y7IiQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2779202426&adf=532322819&pi=t.aa~a.1137895031~rp.1&w=302&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=302x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=2&bdt=949&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0&nras=3&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1129&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=CVKrgA8Pgp&p=https%3A//www.ng.kz&dtd=43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Nov 2021 12:00:32 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame DECE 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jenzveqcad4sjh5x8mdnqgrgqhm0668rywt0cabkz8j0yhmv5wp9v8pgsdckd9ph1gmar4b7zecdg2yt6e7ek0jm3tk551x9eteacn7tt5tdgxb609y6dfcccgcdp66pja8t0djwv6arysnep4wkcbws4s7h1t9pfhz2zg6c82j4g4xyw4qj9vw983bfx31s6rrq53m993r4c6qfrqfd1bght3ap00v7atkt166jasy16t4f8644wh7wkyas7x8mx3cfbwbk7y2jccsz9h6j87gd72rsjaczfgrehf6862m7t8pbbm8zcvdqgapwjhdn5mf7xazr3h4pgy3x1qt44z7k3g2q0qhcw7bg2m5kb8h3hzd5zsy9ktr4tr7z9he5m7z840hh5777ft532x2teb3rrmqn97v0sbrknzzfjdmzgj46bz6qp5vn2d4d4ncx9b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%26client%3Dca-pub-4743952843388744%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2779202426&adf=532322819&pi=t.aa~a.1137895031~rp.1&w=302&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=302x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=2&bdt=949&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0&nras=3&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1129&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=CVKrgA8Pgp&p=https%3A//www.ng.kz&dtd=43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c04f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f1be825f7d2ecf3d0c8419ff435a70d23ace2ddb6443366410d704154804571
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b4b325d5ca0691b-FRA
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6865 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2779202426&adf=532322819&pi=t.aa~a.1137895031~rp.1&w=302&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=302x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=2&bdt=949&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0&nras=3&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1129&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=CVKrgA8Pgp&p=https%3A//www.ng.kz&dtd=43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 27 Nov 2021 05:53:44 GMT
expires
Sun, 28 Nov 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
22008
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dpixel
cms.quantserve.com/ Frame 6865 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBjYpZ2RCDJ96NewdOOoai0&google_cver=1&google_push=AYg5qPKmVxhsc5YJ8QMBggXkGYOukeV9kcgIdekOqwY3dLS1aQLp6KdD64x_b5lgjDBe-lo_eaI8SRbeZCRri6B5DLSiFJpPKXtp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2779202426&adf=532322819&pi=t.aa~a.1137895031~rp.1&w=302&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=302x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=2&bdt=949&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0&nras=3&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1129&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=CVKrgA8Pgp&p=https%3A//www.ng.kz&dtd=43
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6865
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEIlN06LI2lA28Z81pkbJ9I0&google_cver=1&google_push=AYg5qPL5HyF8l_q0YH89ntBHNBmIHl5Ivvwp7xxfzlRuKxdsVO7KiF9KWLf1M6AX5cPM7bzSV1MhahCoUTmTJFGSxtJeEPRMAek
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL5HyF8l_q0YH89ntBHNBmIHl5Ivvwp7xxfzlRuKxdsVO7KiF9KWLf1M6AX5cPM7bzSV1MhahCoUTmTJFGSxtJeEPRMAek&google_hm=Q0FFU0VJbE4wNkxJMmxBMj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL5HyF8l_q0YH89ntBHNBmIHl5Ivvwp7xxfzlRuKxdsVO7KiF9KWLf1M6AX5cPM7bzSV1MhahCoUTmTJFGSxtJeEPRMAek&google_hm=Q0FFU0VJbE4wNkxJMmxBMjhaODFwa2JKOUkw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2779202426&adf=532322819&pi=t.aa~a.1137895031~rp.1&w=302&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=302x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=2&bdt=949&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0&nras=3&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1129&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=CVKrgA8Pgp&p=https%3A//www.ng.kz&dtd=43
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 27 Nov 2021 12:00:32 GMT
Server
Apache-Coyote/1.1
transfer-encoding
chunked
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL5HyF8l_q0YH89ntBHNBmIHl5Ivvwp7xxfzlRuKxdsVO7KiF9KWLf1M6AX5cPM7bzSV1MhahCoUTmTJFGSxtJeEPRMAek&google_hm=Q0FFU0VJbE4wNkxJMmxBMjhaODFwa2JKOUkw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 6865 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEN4P377_feL1X2M6zmz_leM&google_cver=1&google_push=AYg5qPIfojA7YqeBrqymS6Huda6VaZButkDxBX6iDrLi3FINwulTe79tYvIF_rJq7T4wHEHIXy17CgB2jrYKPpwofRPD52Y1ZAct
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2779202426&adf=532322819&pi=t.aa~a.1137895031~rp.1&w=302&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=302x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=2&bdt=949&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0&nras=3&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1129&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=CVKrgA8Pgp&p=https%3A//www.ng.kz&dtd=43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:32 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
8acsj6egrht7kld3qefjq6s97td7853f
pixel
cm.g.doubleclick.net/ Frame 6865
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OpO6V85QRTeftXCzXH4Ong%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OpO6V85QRTeftXCzXH4Ong%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJhWSj7xcZCJJxXcyThI2RmKPyyn6ZODl-WQvjgmVz8rVKCHD0t-JbNyLJfPOQVFzOrKzAaiJPeZQo-3qU_o28efnpXmPoJ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2779202426&adf=532322819&pi=t.aa~a.1137895031~rp.1&w=302&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=302x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=2&bdt=949&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0&nras=3&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1129&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=CVKrgA8Pgp&p=https%3A//www.ng.kz&dtd=43
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OpO6V85QRTeftXCzXH4Ong%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJhWSj7xcZCJJxXcyThI2RmKPyyn6ZODl-WQvjgmVz8rVKCHD0t-JbNyLJfPOQVFzOrKzAaiJPeZQo-3qU_o28efnpXmPoJ
date
Sat, 27 Nov 2021 12:00:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 6865
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL_GBZZQ84k6asFSOtBKVDE&google_cver=1&google_push=AYg5qPIGmy-xMurclk8xZQ6h3NWLXwKCIh0gxW0amNrgS4R825sdoloImIMOsijoi_uYpOqVLwk...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dIUkkxRUQtNS1EWTY0&google_push=AYg5qPIGmy-xMurclk8xZQ6h3NWLXwKCIh0gxW0amNrgS4R825sdoloImIMOsijoi_uYpOqVLwksh7RjeF-jaJJyClRQdJWuAmE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dIUkkxRUQtNS1EWTY0&google_push=AYg5qPIGmy-xMurclk8xZQ6h3NWLXwKCIh0gxW0amNrgS4R825sdoloImIMOsijoi_uYpOqVLwksh7RjeF-jaJJyClRQdJWuAmE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2779202426&adf=532322819&pi=t.aa~a.1137895031~rp.1&w=302&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=302x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=2&bdt=949&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0&nras=3&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1129&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=CVKrgA8Pgp&p=https%3A//www.ng.kz&dtd=43
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dIUkkxRUQtNS1EWTY0&google_push=AYg5qPIGmy-xMurclk8xZQ6h3NWLXwKCIh0gxW0amNrgS4R825sdoloImIMOsijoi_uYpOqVLwksh7RjeF-jaJJyClRQdJWuAmE
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 6865
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkN...
0
0
trk
ag.innovid.com/ Frame 6865 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEJifYgX4NgbhcDmRG0wBu9g&google_cver=1&google_push=AYg5qPIN4cj-FZef-SpMu4i8lgwFyk0zZOhFRQEv-ozFgQwk1K-BoURtP_gOPdsRoqYTkaS72f_zi9Z7ck1kI89tgr-oFYriihwV
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2779202426&adf=532322819&pi=t.aa~a.1137895031~rp.1&w=302&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=302x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=2&bdt=949&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0&nras=3&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1129&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=CVKrgA8Pgp&p=https%3A//www.ng.kz&dtd=43
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:4d99:e3e3:5994:4b29 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:32 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 6865 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KAi4UgECtZMQefE21aSAz_P__FUYGNdofs10OI98vW43rBfRJFg_I4cOd8g8r7_U_IG2yr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2779202426&adf=532322819&pi=t.aa~a.1137895031~rp.1&w=302&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=302x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=2&bdt=949&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0&nras=3&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1129&ady=1372&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=CVKrgA8Pgp&p=https%3A//www.ng.kz&dtd=43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 20F0 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb9d2b74793efcdd40dea80a2752e34d9776cff8bbdfb3957b953d2ca5843ebf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
activityi;dc_pre=CLr0qaO_uPQCFcnEGwodU0kJjg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=909777107613.3987
8019191.fls.doubleclick.net/ Frame 6997
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=909777107613.3987?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CLr0qaO_uPQCFcnEGwodU0kJjg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=909777107613.3987?
391 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLr0qaO_uPQCFcnEGwodU0kJjg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=909777107613.3987?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
66aa0a03f6173ebefcd4327bf0fc01a454d758ea6c8d786790a4140b6faf5bb9
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 27 Nov 2021 12:00:33 GMT
expires
Sat, 27 Nov 2021 12:00:33 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 27 Nov 2021 12:00:33 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLr0qaO_uPQCFcnEGwodU0kJjg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=909777107613.3987?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900029.redintelligence.net/ Frame EC86 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request_content.php?s=72256700068139300951393011791029&a=19454111
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
fa4017029cb89ab9c345f840cd66a32e86f8b3741b060a2f8e62dbdb50713166

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

Date
Sat, 27 Nov 2021 12:00:32 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sat, 27 Nov 2021 12:00:32 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2062
Connection
close
Content-Type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E6CC 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 27 Nov 2021 05:53:44 GMT
expires
Sun, 28 Nov 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
22008
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
kwanko-sdk-iframe.html
img.metaffiliation.com/ Frame 451D 		3 KB
993 B 		Document
General
Check archive.org
Download Go to
Full URL
https://img.metaffiliation.com/kwanko-sdk-iframe.html
Requested by
Host: img.metaffiliation.com
URL: https://img.metaffiliation.com/na/na/res/trk/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CD7) /
Resource Hash
2d43c04a2d2f68039cedc241e492503a5e0d93a2cafb3be130993b3e3dfd8d4a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
3316
cache-control
public, max-age=600, s-maxage=3600
content-type
text/html
date
Sat, 27 Nov 2021 12:00:32 GMT
etag
"5fd78d26-ac5"
last-modified
Mon, 14 Dec 2020 16:04:54 GMT
server
ECAcc (mil/6CD7)
vary
Accept-Encoding
x-cache
HIT
content-length
891
truncated
/ Frame 82B6 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
792206b16cf5b6077c0e3d304552cb001cd95945280314b730e7d40b4456b8b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
postback
s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/ Frame 82B6 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/postback?oz_pl=1&ti=1613664017684739626&pp=pub-4743952843388744&si=481016479&ac=651871&cr=6622326&c1=4562306&r2=&pd=avt&di=https%3A%2F%2Fwww.ng.kz&ap=&sr=4&dt=6196211556140246740000&ui=2d47eac9-0fe2-78cf-0000-000000000000&pv=753eaccf-c47f-4088-88ca-0fc18d4ba923&de=43003&dm=300x250&ai=216536&r1=2a0f%3A9441%3A5%3A%3A&r3=&ci=619621&_x=1
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.ng.kz&ui=2d47eac9-0fe2-78cf-0000-000000000000&ap=&ti=1613664017684739626&pv=753eaccf-c47f-4088-88ca-0fc18d4ba923&pp=pub-4743952843388744&sr=4&de=43003&si=481016479&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a0f:9441:5::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 27 Nov 2021 12:00:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.mediamathtag.com/2/2.40.0/ Frame 82B6 		153 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.40.0/main.js
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.ng.kz&ui=2d47eac9-0fe2-78cf-0000-000000000000&ap=&ti=1613664017684739626&pv=753eaccf-c47f-4088-88ca-0fc18d4ba923&pp=pub-4743952843388744&sr=4&de=43003&si=481016479&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a0f:9441:5::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e0c829acbda91088b85e768076245956a8aa2f08c8069507eff16c0375384590
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:32 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
48186
Expires
Tue, 05 Aug 2053 07:58:40 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8544 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CJyyO3h2iYcXvN-eS1fAPzoui6AH41oTJZqHf_IqlD2QQASDevvMfYJWKs4LAB6ABzKiw4APIAQmpAj1RnsSV_bI-qAMBqgS_AU_QKSbf-A92qZv8LMLpUW6kWac4o7T3PZzwDt_Z4hQHSBDaj72jbWkgPO0r_K1K11WfqIxG_By-OWOCbQugCbhnfGsniM3MEAaeRT4MpTgdiKkggbe67ZDopExT3k8-nip9HPhdNEemZeIJEscp60IE1xsRWGfenUiyhB3358UAvl1dLIgDzxsHBvTRcD6CZ6Jb_wgd_W63V7lLYRvch-S_yXI4hRVGz_sXiNtKJx5pFcvhwLX-nCAFKnecUaiEwAT6qqHN6QOSBQQIBBgBkgUECAUYBKAGLoAHnPKyIKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJGWA9IICQiA4YAQEAEYX4AKAcgLAZgMttGz7PIDuBODBNgTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi00NzQzOTUyODQzMzg4NzQ0GAA&sigh=-IpW-vN_WlQ&vt=1&template_id=515&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 27 Nov 2021 12:00:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8544 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYrZ1B5mpVbltFMIdBofkH8U9cisW7f635wpqGbFkIBlZS85_UqEL3otgpGF2nizAQcBjfEdn6jZSrvQKDUX61VRDFyaKFno0qk26-Yiat4vT_yqk_G4smSA8UrlJ7TzGo3Dbz9__pZMXiJDkLCJH2hWtH277jbQ&sai=AMfl-YRsfj4SSDLMfWCb1xnXWGfdVECXSzea1oiaD2UkvUXN9gdkm1RJjSoYu6R8HhwYqSDvIb1jUvqmz-Sm&sig=Cg0ArKJSzJyEcs-JfB5QEAE&id=lidar2&mcvt=1032&p=0,0,124,1005&mtos=144,778,1032,1049,1049&tos=144,634,254,17,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2854383581&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&pay=1&rst=1638014431533&rpt=367&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.15/one-ad/ Frame DECE 		80 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.15/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jenzveqcad4sjh5x8mdnqgrgqhm0668rywt0cabkz8j0yhmv5wp9v8pgsdckd9ph1gmar4b7zecdg2yt6e7ek0jm3tk551x9eteacn7tt5tdgxb609y6dfcccgcdp66pja8t0djwv6arysnep4wkcbws4s7h1t9pfhz2zg6c82j4g4xyw4qj9vw983bfx31s6rrq53m993r4c6qfrqfd1bght3ap00v7atkt166jasy16t4f8644wh7wkyas7x8mx3cfbwbk7y2jccsz9h6j87gd72rsjaczfgrehf6862m7t8pbbm8zcvdqgapwjhdn5mf7xazr3h4pgy3x1qt44z7k3g2q0qhcw7bg2m5kb8h3hzd5zsy9ktr4tr7z9he5m7z840hh5777ft532x2teb3rrmqn97v0sbrknzzfjdmzgj46bz6qp5vn2d4d4ncx9b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%26client%3Dca-pub-4743952843388744%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c04f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90467c19c0cb92e9f5797c28b89dcfb5fe9b7e96d51f5a74185d2d209ad5506d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jenzveqcad4sjh5x8mdnqgrgqhm0668rywt0cabkz8j0yhmv5wp9v8pgsdckd9ph1gmar4b7zecdg2yt6e7ek0jm3tk551x9eteacn7tt5tdgxb609y6dfcccgcdp66pja8t0djwv6arysnep4wkcbws4s7h1t9pfhz2zg6c82j4g4xyw4qj9vw983bfx31s6rrq53m993r4c6qfrqfd1bght3ap00v7atkt166jasy16t4f8644wh7wkyas7x8mx3cfbwbk7y2jccsz9h6j87gd72rsjaczfgrehf6862m7t8pbbm8zcvdqgapwjhdn5mf7xazr3h4pgy3x1qt44z7k3g2q0qhcw7bg2m5kb8h3hzd5zsy9ktr4tr7z9he5m7z840hh5777ft532x2teb3rrmqn97v0sbrknzzfjdmzgj46bz6qp5vn2d4d4ncx9b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%26client%3Dca-pub-4743952843388744%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:33 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
6
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=82391
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
Sat, 27 Nov 2021 13:00:33 GMT
last-modified
Fri, 26 Nov 2021 09:05:54 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
6b4b325e396d4339-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame DECE 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jenzveqcad4sjh5x8mdnqgrgqhm0668rywt0cabkz8j0yhmv5wp9v8pgsdckd9ph1gmar4b7zecdg2yt6e7ek0jm3tk551x9eteacn7tt5tdgxb609y6dfcccgcdp66pja8t0djwv6arysnep4wkcbws4s7h1t9pfhz2zg6c82j4g4xyw4qj9vw983bfx31s6rrq53m993r4c6qfrqfd1bght3ap00v7atkt166jasy16t4f8644wh7wkyas7x8mx3cfbwbk7y2jccsz9h6j87gd72rsjaczfgrehf6862m7t8pbbm8zcvdqgapwjhdn5mf7xazr3h4pgy3x1qt44z7k3g2q0qhcw7bg2m5kb8h3hzd5zsy9ktr4tr7z9he5m7z840hh5777ft532x2teb3rrmqn97v0sbrknzzfjdmzgj46bz6qp5vn2d4d4ncx9b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%26client%3Dca-pub-4743952843388744%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c04f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Sat, 27 Nov 2021 12:00:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52374
x-guploader-uploadid
ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znrAvibz4Lf%2Bl%2BsEqi%2BiLl1KOvKN%2BpsnNUCb9Z4jt4ldFEtI2bu416EbhPQLbB52YkT9AEaRJPyEzO7Ed6dhRpJ0xIJl9GnAczc3aw2O0TWriWDRs6g5TkpF8yWP6LkbVLxk04U%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
expires
Fri, 26 Nov 2021 21:27:39 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6b4b325e3ebd691b-FRA
cf-bgj
minify
css
fonts.googleapis.com/ Frame EC86 		4 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=72256700068139300951393011791029&a=19454111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 27 Nov 2021 11:56:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 27 Nov 2021 12:00:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Nov 2021 12:00:33 GMT
/
hal9000.redintelligence.net/scale/ Frame EC86 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=72256700068139300951393011791029&a=19454111
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
987a2b62e33b2c61590e5a62baf86693462c78dd97dcbadcc26a350ee7f8b569

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:33 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16246
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame EC86 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/62726/creativesup/ESDE_MSS_Step2_Kleid_1200x627_251021_rs-IxQ56xIE.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=72256700068139300951393011791029&a=19454111
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
408900c07074690884b9c22e0cbb39511692f4d1bad18954e12fa0d80f4dfbe3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:33 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16240
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame EC86 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=72256700068139300951393011791029&a=19454111
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
7d74ef3eb1e318be765194cf81d74d8d24ff4536da4ecfcf5d7a93368a3b7025

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:33 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16857
Vary
Accept-Encoding
Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame E6CC
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECVVHIBtn_qZ23Dav11hzXE&google_cver=1&google_push=AYg5qPIe6e1oiEXYckyv0rkuMEXTusoCMgB2mf607D4ys1mWH-nPBUNRJw...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIe6e1oiEXYckyv0rkuMEXTusoCMgB2mf607D4ys1mWH-nPBUNRJwFDwGGctgLHMuWb5FtaHpeJMgu4FCOeOP26VFml_jc&google_hm=lIzPud8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIe6e1oiEXYckyv0rkuMEXTusoCMgB2mf607D4ys1mWH-nPBUNRJwFDwGGctgLHMuWb5FtaHpeJMgu4FCOeOP26VFml_jc&google_hm=lIzPud8qzAQDD0yp0oABjA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIe6e1oiEXYckyv0rkuMEXTusoCMgB2mf607D4ys1mWH-nPBUNRJwFDwGGctgLHMuWb5FtaHpeJMgu4FCOeOP26VFml_jc&google_hm=lIzPud8qzAQDD0yp0oABjA
pragma
no-cache
date
Sat, 27 Nov 2021 12:00:33 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E6CC
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK6j9Fl...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK6j9Fl...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjcxMjAwMzMwMDAxNjEyNzMxODcxNg%3D%3D&google_push=AYg5qPK6j9FlZjlU7SBfYV16CJxcRQaP0QswUmnowKULurHJL2oh78w9hBnNkpqnTJ0qs5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjcxMjAwMzMwMDAxNjEyNzMxODcxNg%3D%3D&google_push=AYg5qPK6j9FlZjlU7SBfYV16CJxcRQaP0QswUmnowKULurHJL2oh78w9hBnNkpqnTJ0qs5mLQW0_I4QgqHO1Lyj_p7FxhzA8_W0j
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjcxMjAwMzMwMDAxNjEyNzMxODcxNg%3D%3D&google_push=AYg5qPK6j9FlZjlU7SBfYV16CJxcRQaP0QswUmnowKULurHJL2oh78w9hBnNkpqnTJ0qs5mLQW0_I4QgqHO1Lyj_p7FxhzA8_W0j
pragma
no-cache
date
Sat, 27 Nov 2021 12:00:33 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Sat, 27 Nov 2021 12:00:33 GMT
dds
rtb.openx.net/sync/ Frame E6CC 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEOn0Fg_2bPLytRaG8wvRvYU&google_cver=1&google_push=AYg5qPIxega1FYFM-VZ0vAjqHqKKq1dP0tg8Z5WnifkL5cHJRCeHre3LpUzc4u6MjbbDgXIfLfTjme1VOlH8BJV0hW1tw8S6avHH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:32 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
bfa3dbf7113hsnr8jqdhn9g7qpoo2g5m
pixel
cm.g.doubleclick.net/ Frame E6CC
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OpO6V85QRTeftXCzXH4Ong%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OpO6V85QRTeftXCzXH4Ong%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKH_Z-QEWfRuN-YWXd8FpQ4zYukOxEleGfhw9_m7VtbROHXKRUJZhhRWubsoKOTMqVM__qqMqWheNNAR-QFxSE7d4spjX9K
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OpO6V85QRTeftXCzXH4Ong%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKH_Z-QEWfRuN-YWXd8FpQ4zYukOxEleGfhw9_m7VtbROHXKRUJZhhRWubsoKOTMqVM__qqMqWheNNAR-QFxSE7d4spjX9K
date
Sat, 27 Nov 2021 12:00:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E6CC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAMMWxezTXcg9P8LiUa_i8c&google_cver=1&google_push=AYg5qPLIhW5zrzsW_d2C0ZKhVzF-OHQ1ee8WaMR9ZLbsy8EOUw9_QFXVAHiYyhaGus7lAbYde01...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dIUkkxSDktUC0yNEcx&google_push=AYg5qPLIhW5zrzsW_d2C0ZKhVzF-OHQ1ee8WaMR9ZLbsy8EOUw9_QFXVAHiYyhaGus7lAbYde01iAwC4kLkXN9xNt4bJe7mQ7jth
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dIUkkxSDktUC0yNEcx&google_push=AYg5qPLIhW5zrzsW_d2C0ZKhVzF-OHQ1ee8WaMR9ZLbsy8EOUw9_QFXVAHiYyhaGus7lAbYde01iAwC4kLkXN9xNt4bJe7mQ7jth
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dIUkkxSDktUC0yNEcx&google_push=AYg5qPLIhW5zrzsW_d2C0ZKhVzF-OHQ1ee8WaMR9ZLbsy8EOUw9_QFXVAHiYyhaGus7lAbYde01iAwC4kLkXN9xNt4bJe7mQ7jth
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame E6CC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7...
0
0
pixel
cm.g.doubleclick.net/ Frame E6CC
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIigW5hj4vVJqJxIvYRdEk8&google_cver=1&google_push=AYg5qPKhHAUap4nGRv0gSNox...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKhHAUap4nGRv0gSNoxYxX9IrtoETCExp4rSpOMtFeXHShnKDOF9m2haPccS8BAajrP3kCSEgOfg0YL9oLqrcCPpI4nRMdo&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKhHAUap4nGRv0gSNoxYxX9IrtoETCExp4rSpOMtFeXHShnKDOF9m2haPccS8BAajrP3kCSEgOfg0YL9oLqrcCPpI4nRMdo&google_hm=
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:33 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKhHAUap4nGRv0gSNoxYxX9IrtoETCExp4rSpOMtFeXHShnKDOF9m2haPccS8BAajrP3kCSEgOfg0YL9oLqrcCPpI4nRMdo&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Fri, 26 Nov 2021 12:00:33 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E6CC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IhpTOv5rBEmNI3k5c2-hG06j1L5yUBaudjYNthOCAY7aiuoQHHARIQVAGGNA7wemczIHOIeA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame DECE 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.15/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Sat, 27 Nov 2021 12:00:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6514838
x-guploader-uploadid
ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F48uYjSSAWJwlflAvBaNGxgPGd62FcJyM7pkIsWUzo2iGA3XFsb8Ju%2FRQBbTU79pZFjaDkLun%2BvhyY7%2BO%2BalBIhPNrhMG%2FzE2ADMzC4288xBVxnGpsy9pfSPTjcmBtH5nMBOriu8b%2Fe7FpMd4%2Ft%2FS634"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6b4b325ead157034-FRA
expires
Tue, 13 Sep 2022 02:19:55 GMT
viewability
hal900029.redintelligence.net/ Frame EC86 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/viewability?s=72256700068139300951393011791029&a=df4dc3f3&vb=m
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=72256700068139300951393011791029&a=19454111
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/request_content.php?s=72256700068139300951393011791029&a=19454111
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:33 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame EC86 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900029.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 21:39:33 GMT
x-content-type-options
nosniff
age
397260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 22 Nov 2022 21:39:33 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame EC86 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900029.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 14:56:27 GMT
x-content-type-options
nosniff
age
248646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 14:56:27 GMT
frame.html
ad4m.at/ Frame 67F4 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c04f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 27 Nov 2021 12:00:33 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Sat, 27 Nov 2021 13:00:33 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
75770
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnYFe0ye5unGOWxxT7m6tH71DRRYd2y9oDXfsNnSQZatM9f%2BvAoiNi0WJkYhrjmvqcSXOMHFeFHHuqWN23s7WdH3%2BJ3Cm48vzwvZu1SiQ7lX72jyztfj1VMm5Hcx8mJwkKoXLpE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6b4b325e8a514339-FRA
content-encoding
br
postback
s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/ Frame 82B6 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/postback?oz_pl=1&ti=1613664017684739626&pp=pub-4743952843388744&si=481016479&ac=651871&cr=6622326&c1=4562306&r2=&pd=avt&di=https%3A%2F%2Fwww.ng.kz&ap=&sr=4&dt=6196211556140246740000&ui=2d47eac9-0fe2-78cf-0000-000000000000&pv=753eaccf-c47f-4088-88ca-0fc18d4ba923&de=43003&dm=300x250&ai=216536&r1=2a0f%3A9441%3A5%3A%3A&r3=&ci=619621&_x=1
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.ng.kz&ui=2d47eac9-0fe2-78cf-0000-000000000000&ap=&ti=1613664017684739626&pv=753eaccf-c47f-4088-88ca-0fc18d4ba923&pp=pub-4743952843388744&sr=4&de=43003&si=481016479&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a0f:9441:5::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 27 Nov 2021 12:00:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/ Frame 82B6 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/postback?ti=1613664017684739626&pp=pub-4743952843388744&si=481016479&ac=651871&cr=6622326&c1=4562306&r2=&pd=avt&di=https%3A%2F%2Fwww.ng.kz&ap=&sr=4&dt=6196211556140246740000&ui=2d47eac9-0fe2-78cf-0000-000000000000&pv=753eaccf-c47f-4088-88ca-0fc18d4ba923&de=43003&dm=300x250&ai=216536&r1=2a0f%3A9441%3A5%3A%3A&r3=&ci=619621&sid=AO0mf8ASEAQOTdFU&oz_sc=9184f464c22cb714768f88d9&oz_df=1638014433087&oz_l=1200&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.40.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 27 Nov 2021 12:00:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
dc_pre=CLr0qaO_uPQCFcnEGwodU0kJjg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=909777107613.3987
adservice.google.com/ddm/fls/z/ Frame 6997 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLr0qaO_uPQCFcnEGwodU0kJjg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=909777107613.3987
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLr0qaO_uPQCFcnEGwodU0kJjg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=909777107613.3987?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame DECE 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c04f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e78cfaf028e3ebc7fe5c0d5333aa556d53453d0b41961ea4e5526b1727fdf62b

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6b4b325fbc8a702b-FRA
date
Sat, 27 Nov 2021 12:00:33 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saaD80vu7IJPGNZ8H5BH2fJeAr7WympkVl0TfM2l%2FctILNWjE%2B2MS%2FyqCUCegM12Qlc4f%2FJ%2BWD3d0jIiuiDtt6u8fUszaz9NgAUIWL2IRvgzKAq4jqqEML23XL8DuixuKfJFMUU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-strs
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c04f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 27 Nov 2021 12:00:33 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-strs
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6Lh2vDvb%2FtlXwuyVc0qZs9ljCalK%2BJLXnNPyuro%2B7FEXU%2BQl60Q3%2B60wi44ZF01ncEtI3iKJg41nMc5cav9zT%2B3asc1LYp7sxKQLgRh5adw4Rxk%2FrY9Px%2B1TNQq%2BahMAspqzBg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b4b325f8c0f702b-FRA
23b7d167-d926-4a67-87ed-5ed23b09f182
https://googleads.g.doubleclick.net/ Frame 4038 		185 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://googleads.g.doubleclick.net/23b7d167-d926-4a67-87ed-5ed23b09f182
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4743952843388744&output=html&h=250&adk=2340899510&adf=308564266&pi=t.aa~a.3949373966~rp.4&w=307&fwrn=4&fwrnh=100&lmt=1638014216&rafmt=1&to=qs&pwprc=7895694382&psa=0&format=307x250&url=https%3A%2F%2Fwww.ng.kz%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638014431333&bpp=1&bdt=949&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D13b3565d4c8a6177-2291457506cc0042%3AT%3D1638014430%3ART%3D1638014430%3AS%3DALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ&prev_fmts=240x400%2C0x0%2C0x0%2C302x250&nras=4&correlator=5018006403934&frm=20&pv=1&ga_vid=626400972.1638014431&ga_sid=1638014431&ga_hid=206844759&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=165&ady=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1818329864871067&pem=258&tmod=1841029120&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=Q3EzpgloOF&p=https%3A//www.ng.kz&dtd=47
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
2200384
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/2200384?wmode=0&wv-part=1&wv-hit=681708894&page-url=https%3A%2F%2Fwww.ng.kz%2F&rn=532405322&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1638014433%3Aw%3A1600x1200%3Av%3A700%3Az%3A0%3Ai%3A20211127120033%3Au%3A16380144319429825%3Avf%3A4bjmbg3ayomqwinwev%3Awe%3A1%3Ast%3A1638014433&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ng.kz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:33 GMT
last-modified
Sat, 27-Nov-2021 12:00:33 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.ng.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Nov-2021 12:00:33 GMT
rar
as.ad4m.at/ad/ Frame E97C 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=170113%2C13957%2C19491&b=Ke2sRfE34CGG8dc5HMHktPtKWqKf8TATwx8fq%2C5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1%2CR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7&f=k6YF5f1pjUddJMU4HwHetmCXmDXukTjTp7mUR%2Cpm8S1f59XFwGWhkH4HmtJCQQBFgTRTE68CE%2CQems4fDM3cWX7axH5HYt9CZZrTDT4T5wGuV&c=300&d=250&e=_eaaNoHqruZx16T5z1zR8931dbTI5Pru&g=e235b6b6b09176ce7d4d2b6eac02f065%2F12045469640341664473&i=69427%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach94_WKZREACH&r=1638014433252&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gphtjvejwqcyek8vkyxn8hzypb3qbezfbbb1agzvxrvz6evze34twy4htjnha86yhgvnsm10trwjn37zksvjb28crehqwtxhqesy0fevbcwnba58rfwftgy82r5x867645z19nqyph32fghw3j3gcjsv62newf8cjvvw7dv3hh6qbaxspyehnezmmrvsxbdh0pmw3eqkf0d4jgw0v35arnpd4x7p0w3m3mb700xtvmz8yvcj3364rdg8cfvn5b25vpd2frbkbt8rdanf0as5bq4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%252526client%25253Dca-pub-4743952843388744%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c04f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76993d6d1cd96c814201ad5fa90ecc698d09a23e156808b9d8de4644ab2539b3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jenzveqcad4sjh5x8mdnqgrgqhm0668rywt0cabkz8j0yhmv5wp9v8pgsdckd9ph1gmar4b7zecdg2yt6e7ek0jm3tk551x9eteacn7tt5tdgxb609y6dfcccgcdp66pja8t0djwv6arysnep4wkcbws4s7h1t9pfhz2zg6c82j4g4xyw4qj9vw983bfx31s6rrq53m993r4c6qfrqfd1bght3ap00v7atkt166jasy16t4f8644wh7wkyas7x8mx3cfbwbk7y2jccsz9h6j87gd72rsjaczfgrehf6862m7t8pbbm8zcvdqgapwjhdn5mf7xazr3h4pgy3x1qt44z7k3g2q0qhcw7bg2m5kb8h3hzd5zsy9ktr4tr7z9he5m7z840hh5777ft532x2teb3rrmqn97v0sbrknzzfjdmzgj46bz6qp5vn2d4d4ncx9b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%26client%3Dca-pub-4743952843388744%26adurl%3D

Response headers

date
Sat, 27 Nov 2021 12:00:33 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b4b325ffd544339-FRA
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.15/one-ad/ Frame E97C 		80 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.15/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=170113%2C13957%2C19491&b=Ke2sRfE34CGG8dc5HMHktPtKWqKf8TATwx8fq%2C5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1%2CR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7&f=k6YF5f1pjUddJMU4HwHetmCXmDXukTjTp7mUR%2Cpm8S1f59XFwGWhkH4HmtJCQQBFgTRTE68CE%2CQems4fDM3cWX7axH5HYt9CZZrTDT4T5wGuV&c=300&d=250&e=_eaaNoHqruZx16T5z1zR8931dbTI5Pru&g=e235b6b6b09176ce7d4d2b6eac02f065%2F12045469640341664473&i=69427%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach94_WKZREACH&r=1638014433252&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gphtjvejwqcyek8vkyxn8hzypb3qbezfbbb1agzvxrvz6evze34twy4htjnha86yhgvnsm10trwjn37zksvjb28crehqwtxhqesy0fevbcwnba58rfwftgy82r5x867645z19nqyph32fghw3j3gcjsv62newf8cjvvw7dv3hh6qbaxspyehnezmmrvsxbdh0pmw3eqkf0d4jgw0v35arnpd4x7p0w3m3mb700xtvmz8yvcj3364rdg8cfvn5b25vpd2frbkbt8rdanf0as5bq4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%252526client%25253Dca-pub-4743952843388744%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c04f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90467c19c0cb92e9f5797c28b89dcfb5fe9b7e96d51f5a74185d2d209ad5506d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=170113%2C13957%2C19491&b=Ke2sRfE34CGG8dc5HMHktPtKWqKf8TATwx8fq%2C5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1%2CR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7&f=k6YF5f1pjUddJMU4HwHetmCXmDXukTjTp7mUR%2Cpm8S1f59XFwGWhkH4HmtJCQQBFgTRTE68CE%2CQems4fDM3cWX7axH5HYt9CZZrTDT4T5wGuV&c=300&d=250&e=_eaaNoHqruZx16T5z1zR8931dbTI5Pru&g=e235b6b6b09176ce7d4d2b6eac02f065%2F12045469640341664473&i=69427%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach94_WKZREACH&r=1638014433252&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gphtjvejwqcyek8vkyxn8hzypb3qbezfbbb1agzvxrvz6evze34twy4htjnha86yhgvnsm10trwjn37zksvjb28crehqwtxhqesy0fevbcwnba58rfwftgy82r5x867645z19nqyph32fghw3j3gcjsv62newf8cjvvw7dv3hh6qbaxspyehnezmmrvsxbdh0pmw3eqkf0d4jgw0v35arnpd4x7p0w3m3mb700xtvmz8yvcj3364rdg8cfvn5b25vpd2frbkbt8rdanf0as5bq4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%252526client%25253Dca-pub-4743952843388744%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:33 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
6
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=82391
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
Sat, 27 Nov 2021 13:00:33 GMT
last-modified
Fri, 26 Nov 2021 09:05:54 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
6b4b32603dca4339-FRA
cf-bgj
minify
E8EA317949C63E248452E31F5C06D77B3668C07614BA35610C7AB29E65B0D5794D9D340D4CA565A89D867AB72CEBED1B4E12F68BEF75520978641D7EE06F576D
assets.ad4m.at/logo/ Frame E97C 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8EA317949C63E248452E31F5C06D77B3668C07614BA35610C7AB29E65B0D5794D9D340D4CA565A89D867AB72CEBED1B4E12F68BEF75520978641D7EE06F576D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=170113%2C13957%2C19491&b=Ke2sRfE34CGG8dc5HMHktPtKWqKf8TATwx8fq%2C5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1%2CR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7&f=k6YF5f1pjUddJMU4HwHetmCXmDXukTjTp7mUR%2Cpm8S1f59XFwGWhkH4HmtJCQQBFgTRTE68CE%2CQems4fDM3cWX7axH5HYt9CZZrTDT4T5wGuV&c=300&d=250&e=_eaaNoHqruZx16T5z1zR8931dbTI5Pru&g=e235b6b6b09176ce7d4d2b6eac02f065%2F12045469640341664473&i=69427%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach94_WKZREACH&r=1638014433252&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gphtjvejwqcyek8vkyxn8hzypb3qbezfbbb1agzvxrvz6evze34twy4htjnha86yhgvnsm10trwjn37zksvjb28crehqwtxhqesy0fevbcwnba58rfwftgy82r5x867645z19nqyph32fghw3j3gcjsv62newf8cjvvw7dv3hh6qbaxspyehnezmmrvsxbdh0pmw3eqkf0d4jgw0v35arnpd4x7p0w3m3mb700xtvmz8yvcj3364rdg8cfvn5b25vpd2frbkbt8rdanf0as5bq4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%252526client%25253Dca-pub-4743952843388744%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c04f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55875a2e63363c27cb067d5bcf21a65bd8efffccb7a4de1ef41ae8b159e7023f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash
crc32c=dSVgDw==, md5=2m7QdREHTpqKJWqnHGEyuA==
date
Sat, 27 Nov 2021 12:00:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
405357
cf-polished
origFmt=png, origSize=21213
x-guploader-uploadid
ADPycdtESLJA_qrhIh_B1MqbrTnl6zz-c42XYLVj4UWAF08IOdj0JQY5EgHSU7FM4ztsmhp2KgwIhfTjmPgVJD36thE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7146
last-modified
Thu, 18 Nov 2021 16:09:26 GMT
server
cloudflare
etag
"da6ed07511074e9a8a256aa71c6132b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4sdX93C%2BWU5C576YQtbkGmNb5IgsnVh7Dvliq6lcvjRLeXyp2NXB5GlpGE8eEd8PXe4FBGJWg9S64MrjsJlPnwACeywa%2FLtG4xQ%2FU3GcYhxqOwlhbG1g%2F8NYDYxd5eUJ6MaN0y5wVciEADZY"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1637251766352915
content-type
image/webp
expires
Sun, 28 Nov 2021 12:00:33 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
21213
accept-ranges
bytes
cf-ray
6b4b32604c5c691b-FRA
cf-bgj
imgq:85,h2pri
CDEDB5A79A80EA41B0F03A849ADC491AD0FBBA3342DA081C7B49F2284DA28AB711C533EC084D268B4A6D3C0B46569455694AC901D28597561E73487E1F6BB239
assets.ad4m.at/product_image/ Frame E97C 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/CDEDB5A79A80EA41B0F03A849ADC491AD0FBBA3342DA081C7B49F2284DA28AB711C533EC084D268B4A6D3C0B46569455694AC901D28597561E73487E1F6BB239
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=170113%2C13957%2C19491&b=Ke2sRfE34CGG8dc5HMHktPtKWqKf8TATwx8fq%2C5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1%2CR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7&f=k6YF5f1pjUddJMU4HwHetmCXmDXukTjTp7mUR%2Cpm8S1f59XFwGWhkH4HmtJCQQBFgTRTE68CE%2CQems4fDM3cWX7axH5HYt9CZZrTDT4T5wGuV&c=300&d=250&e=_eaaNoHqruZx16T5z1zR8931dbTI5Pru&g=e235b6b6b09176ce7d4d2b6eac02f065%2F12045469640341664473&i=69427%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach94_WKZREACH&r=1638014433252&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gphtjvejwqcyek8vkyxn8hzypb3qbezfbbb1agzvxrvz6evze34twy4htjnha86yhgvnsm10trwjn37zksvjb28crehqwtxhqesy0fevbcwnba58rfwftgy82r5x867645z19nqyph32fghw3j3gcjsv62newf8cjvvw7dv3hh6qbaxspyehnezmmrvsxbdh0pmw3eqkf0d4jgw0v35arnpd4x7p0w3m3mb700xtvmz8yvcj3364rdg8cfvn5b25vpd2frbkbt8rdanf0as5bq4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%252526client%25253Dca-pub-4743952843388744%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c04f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3079788177f9ffa0349fc9f472435d15a99d4f6d865bde952529ea19cd87600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash
crc32c=BLcMag==, md5=WCotjPi27vGScPiul+LauQ==
date
Sat, 27 Nov 2021 12:00:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
404448
cf-polished
qual=85, origFmt=jpeg, origSize=127009
x-guploader-uploadid
ADPycdv2VQfuhLxYnukj5NcUUA569IjyvIehrSm-6dTgFa6oXIdRwxfLFPHA5OkfUAI3voHY-C1q_ahnPcrz2FQKLvk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24464
last-modified
Thu, 18 Nov 2021 14:44:48 GMT
server
cloudflare
etag
"582a2d8cf8b6eef19270f8ae97e2dab9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuXlW5%2BKXzkBKqu9OBazzldk3JdUEpPhqLEkwt1tU9m7TVdz7qkQbXHZ6E2AFh48awxF2GmoyC0SUsmKoos4%2Bo%2BKBHt4QYEQ%2Bk%2Fa4AQxFc9A4uyOkpk5l9%2FlyjKm4LZ2Oa%2BAe%2Bhh2HBez342"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1637246688561479
content-type
image/webp
expires
Sun, 28 Nov 2021 12:00:33 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
127009
accept-ranges
bytes
cf-ray
6b4b32604c61691b-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame E97C 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2932283&v=24708&q=417689&r=412871&pv=1&ued=https%3A%2F%2Fwww.shopmate.eu%2Fde%2Fthemenwelten%2Fblack-friday%3Futm_source%3Dad4mat%26utm_medium%3Dnative%26utm_campaign%3Dblackfriday_gewinnspiel&pref3=&pref3=oneidKe2sRfE34CGG8dc5HMHktPtKWqKf8TATwx8fqoneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=170113%2C13957%2C19491&b=Ke2sRfE34CGG8dc5HMHktPtKWqKf8TATwx8fq%2C5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1%2CR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7&f=k6YF5f1pjUddJMU4HwHetmCXmDXukTjTp7mUR%2Cpm8S1f59XFwGWhkH4HmtJCQQBFgTRTE68CE%2CQems4fDM3cWX7axH5HYt9CZZrTDT4T5wGuV&c=300&d=250&e=_eaaNoHqruZx16T5z1zR8931dbTI5Pru&g=e235b6b6b09176ce7d4d2b6eac02f065%2F12045469640341664473&i=69427%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach94_WKZREACH&r=1638014433252&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gphtjvejwqcyek8vkyxn8hzypb3qbezfbbb1agzvxrvz6evze34twy4htjnha86yhgvnsm10trwjn37zksvjb28crehqwtxhqesy0fevbcwnba58rfwftgy82r5x867645z19nqyph32fghw3j3gcjsv62newf8cjvvw7dv3hh6qbaxspyehnezmmrvsxbdh0pmw3eqkf0d4jgw0v35arnpd4x7p0w3m3mb700xtvmz8yvcj3364rdg8cfvn5b25vpd2frbkbt8rdanf0as5bq4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%252526client%25253Dca-pub-4743952843388744%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.17.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-17-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Nov 2021 12:00:33 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame E97C 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=170113%2C13957%2C19491&b=Ke2sRfE34CGG8dc5HMHktPtKWqKf8TATwx8fq%2C5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1%2CR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7&f=k6YF5f1pjUddJMU4HwHetmCXmDXukTjTp7mUR%2Cpm8S1f59XFwGWhkH4HmtJCQQBFgTRTE68CE%2CQems4fDM3cWX7axH5HYt9CZZrTDT4T5wGuV&c=300&d=250&e=_eaaNoHqruZx16T5z1zR8931dbTI5Pru&g=e235b6b6b09176ce7d4d2b6eac02f065%2F12045469640341664473&i=69427%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach94_WKZREACH&r=1638014433252&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gphtjvejwqcyek8vkyxn8hzypb3qbezfbbb1agzvxrvz6evze34twy4htjnha86yhgvnsm10trwjn37zksvjb28crehqwtxhqesy0fevbcwnba58rfwftgy82r5x867645z19nqyph32fghw3j3gcjsv62newf8cjvvw7dv3hh6qbaxspyehnezmmrvsxbdh0pmw3eqkf0d4jgw0v35arnpd4x7p0w3m3mb700xtvmz8yvcj3364rdg8cfvn5b25vpd2frbkbt8rdanf0as5bq4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%252526client%25253Dca-pub-4743952843388744%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c04f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Sat, 27 Nov 2021 12:00:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
404595
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdsKWIlEPq31w3iwE7Ti4SSYc2uRMpnK3dms0BZPdOU3U581-PLnFSwm1EUeI-6pr7z9HgipYtmJJ2Olr5Yo-4M
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnUVmquqcr6gvmn4%2FVRBK0%2BNW015r822nn3qW%2FHFTwMqeVsmXr1tASo2n2sAZrhGuIYbHp5ewYEmKKOlZI9rrMUxZVtLgCrPQc2j3F6q8yrr3Flj%2FTKu4iu1hLeHBU6r63xWNRcm1wtPk%2FmK"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Sun, 28 Nov 2021 12:00:33 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6b4b32604c5b691b-FRA
cf-bgj
imgq:85,h2pri
AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
assets.ad4m.at/product_image/ Frame E97C 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=170113%2C13957%2C19491&b=Ke2sRfE34CGG8dc5HMHktPtKWqKf8TATwx8fq%2C5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1%2CR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7&f=k6YF5f1pjUddJMU4HwHetmCXmDXukTjTp7mUR%2Cpm8S1f59XFwGWhkH4HmtJCQQBFgTRTE68CE%2CQems4fDM3cWX7axH5HYt9CZZrTDT4T5wGuV&c=300&d=250&e=_eaaNoHqruZx16T5z1zR8931dbTI5Pru&g=e235b6b6b09176ce7d4d2b6eac02f065%2F12045469640341664473&i=69427%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach94_WKZREACH&r=1638014433252&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gphtjvejwqcyek8vkyxn8hzypb3qbezfbbb1agzvxrvz6evze34twy4htjnha86yhgvnsm10trwjn37zksvjb28crehqwtxhqesy0fevbcwnba58rfwftgy82r5x867645z19nqyph32fghw3j3gcjsv62newf8cjvvw7dv3hh6qbaxspyehnezmmrvsxbdh0pmw3eqkf0d4jgw0v35arnpd4x7p0w3m3mb700xtvmz8yvcj3364rdg8cfvn5b25vpd2frbkbt8rdanf0as5bq4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%252526client%25253Dca-pub-4743952843388744%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c04f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash
crc32c=XI38Pg==, md5=RR+psCrnlTuTEa76xpe+fg==
date
Sat, 27 Nov 2021 12:00:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
406389
cf-polished
qual=85, origFmt=jpeg, origSize=156576
x-guploader-uploadid
ADPycdu6rkYYsOrj8POH3nLPOuFKPdqnbodpl3BLJarY4CfUL4IfaQ4_d0V4HBW0O22wS5YN-8SkulJvyMpBET9MbCY45YmqLg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34068
last-modified
Tue, 19 Oct 2021 12:48:35 GMT
server
cloudflare
etag
"451fa9b02ae7953b9311aefac697be7e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHMqzqOfXmq069AIecwxHQg1CbKy3fB8ydEh5il9%2Bh4TJ%2B7tk00cJTZgbr0wuHsPw6LNxT4vrAI4clrb88CONrkmSd3ZVtRFphkCbINyQVQM7%2F5TF3V%2Bm7OTawwtLYBX5LKTF5SyJi0p1Jea"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634647715304870
content-type
image/webp
expires
Sun, 28 Nov 2021 12:00:33 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
156576
accept-ranges
bytes
cf-ray
6b4b32604c5d691b-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.o2online.de/nws/img/ Frame E97C
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=oneid5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&gdpr_co...
  • https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=oneid5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&gdpr_consen...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2021112713003359286026759X117683V1226132702MSoneid5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1oneid__asuid_eaaN...
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117683_-HTLP&utm_term=AFF_la_117683_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202111271300335928602...
43 B
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117683_-HTLP&utm_term=AFF_la_117683_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021112713003359286026759X117683V1226132702MSoneid5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&wfid=117683&ratenzahlung=24
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=170113%2C13957%2C19491&b=Ke2sRfE34CGG8dc5HMHktPtKWqKf8TATwx8fq%2C5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1%2CR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7&f=k6YF5f1pjUddJMU4HwHetmCXmDXukTjTp7mUR%2Cpm8S1f59XFwGWhkH4HmtJCQQBFgTRTE68CE%2CQems4fDM3cWX7axH5HYt9CZZrTDT4T5wGuV&c=300&d=250&e=_eaaNoHqruZx16T5z1zR8931dbTI5Pru&g=e235b6b6b09176ce7d4d2b6eac02f065%2F12045469640341664473&i=69427%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach94_WKZREACH&r=1638014433252&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gphtjvejwqcyek8vkyxn8hzypb3qbezfbbb1agzvxrvz6evze34twy4htjnha86yhgvnsm10trwjn37zksvjb28crehqwtxhqesy0fevbcwnba58rfwftgy82r5x867645z19nqyph32fghw3j3gcjsv62newf8cjvvw7dv3hh6qbaxspyehnezmmrvsxbdh0pmw3eqkf0d4jgw0v35arnpd4x7p0w3m3mb700xtvmz8yvcj3364rdg8cfvn5b25vpd2frbkbt8rdanf0as5bq4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%252526client%25253Dca-pub-4743952843388744%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:33 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Sat, 27 Nov 2021 12:00:33 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117683_-HTLP&utm_term=AFF_la_117683_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021112713003359286026759X117683V1226132702MSoneid5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&wfid=117683&ratenzahlung=24
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame E97C 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=170113%2C13957%2C19491&b=Ke2sRfE34CGG8dc5HMHktPtKWqKf8TATwx8fq%2C5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1%2CR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7&f=k6YF5f1pjUddJMU4HwHetmCXmDXukTjTp7mUR%2Cpm8S1f59XFwGWhkH4HmtJCQQBFgTRTE68CE%2CQems4fDM3cWX7axH5HYt9CZZrTDT4T5wGuV&c=300&d=250&e=_eaaNoHqruZx16T5z1zR8931dbTI5Pru&g=e235b6b6b09176ce7d4d2b6eac02f065%2F12045469640341664473&i=69427%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach94_WKZREACH&r=1638014433252&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gphtjvejwqcyek8vkyxn8hzypb3qbezfbbb1agzvxrvz6evze34twy4htjnha86yhgvnsm10trwjn37zksvjb28crehqwtxhqesy0fevbcwnba58rfwftgy82r5x867645z19nqyph32fghw3j3gcjsv62newf8cjvvw7dv3hh6qbaxspyehnezmmrvsxbdh0pmw3eqkf0d4jgw0v35arnpd4x7p0w3m3mb700xtvmz8yvcj3364rdg8cfvn5b25vpd2frbkbt8rdanf0as5bq4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%252526client%25253Dca-pub-4743952843388744%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c04f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Sat, 27 Nov 2021 12:00:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
404399
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdtGheUqamGqTXYbltZGreVe8X9ixA1WLeN1H7RRqfnZt9FAD9LQvCHzJu0M9vObtJjYgRW6jIEw3aQMsIGrnxySjGZWow
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1xO9UoULvp9y77vIVTCW6KKW7aR6%2FLCiE22wCPCAoC%2FwByACP%2FEhTR%2FeIh%2Fwf9THfvbHkj%2Flu5JyuvAVsGoZc6c9K4dHinjHR8wb0H9LzyeTKLT7Cuvkedf6JQHzCpiG%2FvlHih3JiIvsdJZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Sun, 28 Nov 2021 12:00:33 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6b4b32604c66691b-FRA
cf-bgj
imgq:85,h2pri
0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame E97C 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=170113%2C13957%2C19491&b=Ke2sRfE34CGG8dc5HMHktPtKWqKf8TATwx8fq%2C5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1%2CR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7&f=k6YF5f1pjUddJMU4HwHetmCXmDXukTjTp7mUR%2Cpm8S1f59XFwGWhkH4HmtJCQQBFgTRTE68CE%2CQems4fDM3cWX7axH5HYt9CZZrTDT4T5wGuV&c=300&d=250&e=_eaaNoHqruZx16T5z1zR8931dbTI5Pru&g=e235b6b6b09176ce7d4d2b6eac02f065%2F12045469640341664473&i=69427%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach94_WKZREACH&r=1638014433252&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gphtjvejwqcyek8vkyxn8hzypb3qbezfbbb1agzvxrvz6evze34twy4htjnha86yhgvnsm10trwjn37zksvjb28crehqwtxhqesy0fevbcwnba58rfwftgy82r5x867645z19nqyph32fghw3j3gcjsv62newf8cjvvw7dv3hh6qbaxspyehnezmmrvsxbdh0pmw3eqkf0d4jgw0v35arnpd4x7p0w3m3mb700xtvmz8yvcj3364rdg8cfvn5b25vpd2frbkbt8rdanf0as5bq4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%252526client%25253Dca-pub-4743952843388744%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c04f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash
crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date
Sat, 27 Nov 2021 12:00:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
409929
cf-polished
qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid
ADPycdsLBcmMNa-LqLWpjLfNEf31ggW4MpqYWxXmWVmQhJ6L5cqZJ9JzsdfHQKgBwgWoD4vJvMxYpqUI3KExlZkAYcE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19022
last-modified
Wed, 10 Nov 2021 15:00:52 GMT
server
cloudflare
etag
"9c16b18e2ed1720d4bac78685793f74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BrHo7PnB9JEW1pSdIOwwf9GJ%2BK9ySuhYJsmhBRXZXe3KgAQTOryWpdnksxRXXZJzz4Amr0jgtxcWcQOFp3k80WsnD49bDf%2FpIjkIt0oT76vru0PMCnlHcTL%2F7ZPjiDMU7y%2FgJmQC9aOJ0Xt"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636556452656256
content-type
image/webp
expires
Sun, 28 Nov 2021 12:00:33 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
84530
accept-ranges
bytes
cf-ray
6b4b32604c64691b-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.blau.de/nws/img/ Frame E97C
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&gdpr_co...
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&gdpr_consen...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021112713003359286026755X113752V1225131106MSoneidR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7oneid__asuid_eaaNoH...
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211127130033592860267...
43 B
785 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021112713003359286026755X113752V1225131106MSoneidR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&wfid=113752
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=170113%2C13957%2C19491&b=Ke2sRfE34CGG8dc5HMHktPtKWqKf8TATwx8fq%2C5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1%2CR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7&f=k6YF5f1pjUddJMU4HwHetmCXmDXukTjTp7mUR%2Cpm8S1f59XFwGWhkH4HmtJCQQBFgTRTE68CE%2CQems4fDM3cWX7axH5HYt9CZZrTDT4T5wGuV&c=300&d=250&e=_eaaNoHqruZx16T5z1zR8931dbTI5Pru&g=e235b6b6b09176ce7d4d2b6eac02f065%2F12045469640341664473&i=69427%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach94_WKZREACH&r=1638014433252&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gphtjvejwqcyek8vkyxn8hzypb3qbezfbbb1agzvxrvz6evze34twy4htjnha86yhgvnsm10trwjn37zksvjb28crehqwtxhqesy0fevbcwnba58rfwftgy82r5x867645z19nqyph32fghw3j3gcjsv62newf8cjvvw7dv3hh6qbaxspyehnezmmrvsxbdh0pmw3eqkf0d4jgw0v35arnpd4x7p0w3m3mb700xtvmz8yvcj3364rdg8cfvn5b25vpd2frbkbt8rdanf0as5bq4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC4Y093x2iYaiZGdmBjuwP9JKcsAOQ4YGEXLaoworwAsCNtwEQASAAYJWKs4LAB4IBF2NhLXB1Yi00NzQzOTUyODQzMzg4NzQ0oAHCrujdA8gBCakCPVGexJX9sj6oAwGqBLgBT9BzR2tvT9fh74w3Khn8-lCnI8FqIUAYvVGkDJU3-rEkfb3SZVEvFLGLw-6cW_gwbDZQZ9FbBqg7dD8tPBvYWgZZIAu4MO21uFQEZ-i_xMTJmBgT-3M0UZLWEELeH0YO45ett_SL_a5sfVjHSh5zlyhpupkG8fkY0mwpTz0kdnjy8GaeuqSkl6WbXHpLWZTXkR4AtO5MY3syvXSNMnYLhIT4YavPkE5if4FQUHRGXOL-NgBcUJgdDIAGoIbkwcT6rLz7AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0usVoqwzL2dyQPMS7nMvt3GQQ53w%252526client%25253Dca-pub-4743952843388744%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.236 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.blau.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 12:00:33 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Sat, 27 Nov 2021 12:00:33 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021112713003359286026755X113752V1225131106MSoneidR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&wfid=113752
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
postback
s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/ Frame 82B6 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/postback?ti=1613664017684739626&pp=pub-4743952843388744&si=481016479&ac=651871&cr=6622326&c1=4562306&r2=&pd=avt&di=https%3A%2F%2Fwww.ng.kz&ap=&sr=4&dt=6196211556140246740000&ui=2d47eac9-0fe2-78cf-0000-000000000000&pv=753eaccf-c47f-4088-88ca-0fc18d4ba923&de=43003&dm=300x250&ai=216536&r1=2a0f%3A9441%3A5%3A%3A&r3=&ci=619621&sid=AO0mf8ASEAQOTdFU&oz_sc=9184f464c22cb714768f88d9&oz_df=1638014433342&oz_l=6696&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.40.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 27 Nov 2021 12:00:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
truncated
/ Frame A8C2 		13 B
13 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
postback
s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/ Frame 82B6 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/postback?ti=1613664017684739626&pp=pub-4743952843388744&si=481016479&ac=651871&cr=6622326&c1=4562306&r2=&pd=avt&di=https%3A%2F%2Fwww.ng.kz&ap=&sr=4&dt=6196211556140246740000&ui=2d47eac9-0fe2-78cf-0000-000000000000&pv=753eaccf-c47f-4088-88ca-0fc18d4ba923&de=43003&dm=300x250&ai=216536&r1=2a0f%3A9441%3A5%3A%3A&r3=&ci=619621&sid=AO0mf8ASEAQOTdFU&oz_sc=9184f464c22cb714768f88d9&oz_df=1638014433493&oz_l=6518&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.40.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 27 Nov 2021 12:00:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
trk.php
action.metaffiliation.com/ Frame 82B6 		817 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://action.metaffiliation.com/trk.php
Requested by
Host: img.metaffiliation.com
URL: https://img.metaffiliation.com/na/na/res/trk/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
front.netaffiliation.net
Software
nginx /
Resource Hash
56d9719ff0414b0194f9ae22c620928eeee851a337dde8fdbd209ac64baf3f90

Request headers

x-kwanko-sdk-version
web-1.16
Referer
https://googleads.g.doubleclick.net/
x-kwanko-content-type
application/json
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryDaCpEbbGT0mcp424

Response headers

Date
Sat, 27 Nov 2021 12:00:34 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D
0.0056660175323486
Connection
close
Pragma
no-cache
X-TRK-PROC
73241
Last-Modified
Sat, 27 Nov 2021 12:00:34 GMT
Server
nginx
X-TRK-DECISION
2
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
X-TRK-SRV
9
trk.php
action.metaffiliation.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://action.metaffiliation.com/trk.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
front.netaffiliation.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-kwanko-content-type,x-kwanko-sdk-version
Origin
https://googleads.g.doubleclick.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sat, 27 Nov 2021 12:00:33 GMT
Content-Type
text/plain charset=UTF-8
Content-Length
0
Connection
close
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Max-Age
1728000
postback
s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/ Frame 82B6 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/postback?ti=1613664017684739626&pp=pub-4743952843388744&si=481016479&ac=651871&cr=6622326&c1=4562306&r2=&pd=avt&di=https%3A%2F%2Fwww.ng.kz&ap=&sr=4&dt=6196211556140246740000&ui=2d47eac9-0fe2-78cf-0000-000000000000&pv=753eaccf-c47f-4088-88ca-0fc18d4ba923&de=43003&dm=300x250&ai=216536&r1=2a0f%3A9441%3A5%3A%3A&r3=&ci=619621&sid=AO0mf8ASEAQOTdFU&oz_sc=9184f464c22cb714768f88d9&oz_df=1638014433925&oz_l=405&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.40.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 27 Nov 2021 12:00:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
ai.aspx
m.exactag.com/ Frame 82B6 		43 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=8&extPu=esprit-dcm&extLi=25444971&extPm=319075961&extCr=&rnd=%n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_312}
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.72 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
Sa, 27 Nov 2021 12:00:34 GMT
Server
Microsoft-IIS/8.5
Date
Sat, 27 Nov 2021 12:00:33 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1788
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
img_5_1_1.gif
img.metaffiliation.com/12/73241/ Frame 82B6 		8 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.metaffiliation.com/12/73241/img_5_1_1.gif
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C37) /
Resource Hash
a2b3c5cd0c329c390fe6c10f7f4d3e83f67fc81657ebe7daebb89ee6821cc738

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:34 GMT
content-encoding
gzip
last-modified
Thu, 04 Nov 2021 08:57:40 GMT
server
ECAcc (mil/6C37)
age
3121
etag
"6183a084-1e58"
vary
Accept-Encoding
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
7502
postback
s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/ Frame 82B6 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/postback?ti=1613664017684739626&pp=pub-4743952843388744&si=481016479&ac=651871&cr=6622326&c1=4562306&r2=&pd=avt&di=https%3A%2F%2Fwww.ng.kz&ap=&sr=4&dt=6196211556140246740000&ui=2d47eac9-0fe2-78cf-0000-000000000000&pv=753eaccf-c47f-4088-88ca-0fc18d4ba923&de=43003&dm=300x250&ai=216536&r1=2a0f%3A9441%3A5%3A%3A&r3=&ci=619621&sid=AO0mf8ASEAQOTdFU&oz_sc=9184f464c22cb714768f88d9&oz_df=1638014434090&oz_l=3427&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.40.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 27 Nov 2021 12:00:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
2200384
mc.yandex.com/webvisor/ 		43 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/2200384?wmode=0&wv-part=1&wv-hit=681708894&page-url=https%3A%2F%2Fwww.ng.kz%2F&rn=419445897&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1638014434%3Aw%3A1600x1200%3Av%3A700%3Az%3A0%3Ai%3A20211127120034%3Au%3A16380144319429825%3Avf%3A4bjmbg3ayomqwinwev%3Awe%3A1%3Ast%3A1638014434&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ng.kz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:34 GMT
last-modified
Sat, 27-Nov-2021 12:00:34 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.ng.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Nov-2021 12:00:34 GMT
b7bf658a-32fc-4138-9aeb-453b58f61ec6
https://googleads.g.doubleclick.net/ Frame 82B6 		795 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://googleads.g.doubleclick.net/b7bf658a-32fc-4138-9aeb-453b58f61ec6
Requested by
Host: www.ng.kz
URL: https://www.ng.kz/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b42fa081275ba14ffa76fe75a5386e1b6c89166ba8d9a030962904e51dc68a9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
795
postback
s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/ Frame 82B6 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/postback?ti=1613664017684739626&pp=pub-4743952843388744&si=481016479&ac=651871&cr=6622326&c1=4562306&r2=&pd=avt&di=https%3A%2F%2Fwww.ng.kz&ap=&sr=4&dt=6196211556140246740000&ui=2d47eac9-0fe2-78cf-0000-000000000000&pv=753eaccf-c47f-4088-88ca-0fc18d4ba923&de=43003&dm=300x250&ai=216536&r1=2a0f%3A9441%3A5%3A%3A&r3=&ci=619621&sid=AO0mf8ASEAQOTdFU&oz_sc=9184f464c22cb714768f88d9&oz_df=1638014434664&oz_l=3594&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.40.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 27 Nov 2021 12:00:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
2200384
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/2200384?wmode=0&wv-part=2&wv-hit=681708894&page-url=https%3A%2F%2Fwww.ng.kz%2F&rn=64380299&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1638014435%3Aw%3A1600x1200%3Av%3A700%3Az%3A0%3Ai%3A20211127120035%3Au%3A16380144319429825%3Avf%3A4bjmbg3ayomqwinwev%3Awe%3A1%3Ast%3A1638014435&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ng.kz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:35 GMT
last-modified
Sat, 27-Nov-2021 12:00:35 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.ng.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Nov-2021 12:00:35 GMT
configs
cdn.gravitec.net/sdk/web/ 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4743952843388744&plah=www.ng.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e4711cab19f1b60cacaa369558a7bb879f7b652eaf4811505f4ee39d6cfb2f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 27 Nov 2021 12:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9246
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4743952843388744&plah=www.ng.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 12:00:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 27 Nov 2021 12:00:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C12A 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sat, 27 Nov 2021 10:31:07 GMT
expires
Sun, 27 Nov 2022 10:31:07 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5368
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3C75 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d95fe968fe6060fd60ecb51f5adabf0cb059ce7a9d4c362292282f5b25072bf6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pv4+HpkA7rX7QG8QRlXsnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 27 Nov 2021 12:00:35 GMT
date
Sat, 27 Nov 2021 12:00:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-pv4+HpkA7rX7QG8QRlXsnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
pagead2.googlesyndication.com/bg/ Frame C12A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 02:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
33974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13371
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 02:34:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3C75 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=1818329864871067&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-H4BSNKT7DH&gtm=2oeba1&_p=206844759&sr=1600x1200&ul=en-us&cid=626400972.1638014431&_s=2&dl=https%3A%2F%2Fwww.ng.kz%2F&dt=%D0%9D%D0%B0%D1%88%D0%B0%20%D0%93%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&sid=1638014430&sct=1&seg=1&en=page_view&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H4BSNKT7DH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ng.kz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ng.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=1818329864871067&bg=!kJOlk9fNAAZQLpa_UC47ACkAdvg8WjbWZJrvWhxUa7Mund15-a9DsJKER4ivsVcYKhUQA9NJuqEwaQIAAABbUgAAAAtoAQcKAQoJnEmjvVG1L1Rl8WNjGKQ5Gm96ojN58GSjZrE5lPkq6ZgLUTuu7hHQzpGY7bzYmZiL6HM1rpPJ7kfPSJFKdF13-pc50h7aqytRwk5DpHcR3W0ZSTXiyt1bvMTMsCtu4t42ZAfK2GA8WcDvU0ZgvLwLqRtigZyjOOeaOmz-yyjpmcsSmISjXNEQEx1J9ej0NCksY3qOB6vLN8UpBiD2RmOvcd6LYA9KxO2hVJB3CUweTMDnRKtffo3ceKJd99ZZoCtrkoDS_t5LBVm6yjydyoiJ1xOVhGRnIO1bpdYhLHjgZg47c4YF-680Tw-ZsMj90-vhKCSXTqyPKv2Y0lLnZlYAtzDvdAWjJzBMPZkCbLKRDCaF16Tk2-qziEnbSb-qIfAvmmlTjaRJQMiWtmNJdgcyNqf1va-550QGv5eKkHAJcG47KH0zwrCYWcYdMMcTB57RtPS4xpFQATdlfutofYimWh6UV1BY7vqojl67Xo0equBKPv0RRtnT59j3w25lfgc9xZWzc37Znlg4a0laZVV0npSHosctNR6T3Gyh9k_thMm__lWY2M1ZX_2ZFRU5aZ4sh31gfGxKFgm7gHQgzJ3KfGPdxGnu90LKYLXRIMUMkGAhoUp7bLWYTMBEKG5-5qm9XNs_HTvPRHBVPCUCfbdsvq6FdpSfs2E1f4KuYFR-yYSv88Qt3POTdceUriP9gLAlsjIf92TCehAYowvBX4oUE5OyF1NQsUt15MjzjXc7amCh0ZWIhX1la2ZlXhSijK4E3WbIKrSpBNASVTV2bw_O3vu-Gz2YXWC0kGnOKXSLGUJNx-C2oJDjvXAZSCg2Lq3aXi_Bl4wBfEhbwBfy9INv1FElpRvnjZvV_bJSn8UnqtppEbe7_6XyemFga8pmTTRBe9LxupHCAOsWVDrlxMSH6XsxDtjoZjEKv2HAibuV_KySk5kJbe5oo8LHn8b1sMawdGp_tRUSSGjn5odcl2hEuMgERoxpMjxLOS4D1M02k5-nfcdQaOM5EN8BpDoApv2BLpsTXjXl6jkH8tNxm4DhObWNDAkvk3ex-RgFg1vkqIXFz0vk6pT6ge6mTBtxtGWabhOV04BHGT6XhT8xcdysQQ8-tklNOUruwnZS3qJ453i22rprVVojI6MBxJxGENiH3gHtPVxzCxLXXjRmi1JKKGS3KK_iNZNS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.ng.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2200384
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/2200384?wmode=0&wv-part=3&wv-hit=681708894&page-url=https%3A%2F%2Fwww.ng.kz%2F&rn=836029180&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1638014437%3Aw%3A1600x1200%3Av%3A700%3Az%3A0%3Ai%3A20211127120037%3Au%3A16380144319429825%3Avf%3A4bjmbg3ayomqwinwev%3Awe%3A1%3Ast%3A1638014437&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ng.kz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 12:00:37 GMT
last-modified
Sat, 27-Nov-2021 12:00:37 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.ng.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Nov-2021 12:00:37 GMT
postback
s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/ Frame 82B6 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.40.0/619621/AO0mf8ASEAQOTdFU/postback?ti=1613664017684739626&pp=pub-4743952843388744&si=481016479&ac=651871&cr=6622326&c1=4562306&r2=&pd=avt&di=https%3A%2F%2Fwww.ng.kz&ap=&sr=4&dt=6196211556140246740000&ui=2d47eac9-0fe2-78cf-0000-000000000000&pv=753eaccf-c47f-4088-88ca-0fc18d4ba923&de=43003&dm=300x250&ai=216536&r1=2a0f%3A9441%3A5%3A%3A&r3=&ci=619621&sid=AO0mf8ASEAQOTdFU&oz_sc=9184f464c22cb714768f88d9&oz_df=1638014438436&oz_l=106&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.40.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 27 Nov 2021 12:00:37 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek
Domain
cdn.gravitec.net
URL
https://cdn.gravitec.net/sdk/web/configs?appKey=acebaea5ea271126325ba1d3fad29ec6

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| yaContextCb function| gtag object| dataLayer object| google_tag_manager function| $ function| jQuery object| pcodeJsonp49546yof6xhCs6R object| Ya number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| __activeTestIds object| __pcodeAllActiveTestIds object| ya function| xoopsGetElementById function| toggle_visibility function| justReturn function| openWithSelfMain function| setElementColor function| changeDisplay function| toggleDisplay function| toggleBlock function| setVisible function| setHidden function| appendSelectOption function| disableElement function| xoopsCheckAll function| NewbbGetElementById function| $bb function| selectMsg function| showImgSelected function| setRequired function| MenuTableAdaptive function| TopBarAnimation function| tabsheetActivate function| insertAtCursor function| addDateTime object| google_tag_data object| gaGlobal string| GoogleAnalyticsObject function| ga boolean| yandex_context_perf_logging object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| ym object| _zero_kz_ object| jQuery172048184496903997354 object| months object| gaplugins object| gaData object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| onYouTubeIframeAPIReady object| $sf object| yaSafeFrameAsyncCallbacks function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| yaCounter2200384 object| recaptcha object| google_llp object| php_js object| b object| googletag object| gravitecWebpackJsonp number| _subscriptionStrategy object| GoogleGcLKhOms object| google_image_requests

72 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: i
Value: D3/3NTWueMyWXxA2h5MZCKWvlZ2RG/pETxCzOne26KP/FZuGtuF6nkQ0P5dGiKzqCCFU3TSbS4wDTdNCgaIucpDKd5E=
.ng.kz/ Name: _ga_H4BSNKT7DH
Value: GS1.1.1638014430.1.1.1638014430.0
.ng.kz/ Name: _ga
Value: GA1.2.626400972.1638014431
.ng.kz/ Name: _gid
Value: GA1.2.1151605329.1638014431
.ng.kz/ Name: _gat_gtag_UA_43484952_1
Value: 1
.ng.kz/ Name: _ym_uid
Value: 16380144319429825
.ng.kz/ Name: _ym_d
Value: 1638014431
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 76187908fake
.yadro.ru/ Name: VID
Value: 0oeCII0mwduD1XeXtU000CXg
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2038069394fake
.ng.kz/ Name: __gads
Value: ID=13b3565d4c8a6177-2291457506cc0042:T=1638014430:RT=1638014430:S=ALNI_MabRLIK-4YbdhUNOYG0NV9oMLSTlQ
.ng.kz/ Name: _ym_isad
Value: 2
.yandex.com/ Name: yandexuid
Value: 4796849781638014431
.yandex.com/ Name: yuidss
Value: 4796849781638014431
mc.yandex.com/ Name: yabs-sid
Value: 1481861461638014431
.yandex.com/ Name: i
Value: 8G/NcLt0HtXrj4jluMxMRrM6hF92D6Ii7Ge4csVrH23mCdxf708mr2aMR/1M9eIIbwIFXeD0RpxZKhAyfJyRtLaNj90=
.yandex.com/ Name: ymex
Value: 1669550431.yrts.1638014431#1669550431.yrtsi.1638014431
.optimizm.kz/ Name: _ym_uid
Value: 1638014431870139307
.optimizm.kz/ Name: _ym_d
Value: 1638014431
.ng.kz/ Name: _ym_visorc
Value: w
.optimizm.kz/ Name: _ym_visorc
Value: w
.optimizm.kz/ Name: _ym_isad
Value: 2
www.ng.kz/ Name: _zero_cc
Value: d0434d35d6b928
www.ng.kz/ Name: _zero_ss
Value: 61a21ddfc4fc1.1638014432.1638014432.1
.yoomoney.ru/ Name: _ym_uid
Value: 1638014432203040480
.yoomoney.ru/ Name: _ym_d
Value: 1638014432
.yoomoney.ru/ Name: _ym_isad
Value: 2
.doubleclick.net/ Name: DSID
Value: NO_DATA
.mathtag.com/ Name: uuid
Value: c3e861a2-1de0-4d01-8341-f86def2516ab
.doubleclick.net/ Name: IDE
Value: AHWqTUmL9UscRzc8_dzd7MGxqyiakElhRr2rYFtCnLICz9GQ7QGdGW3LitdIYgAwzMM
.metaffiliation.com/ Name: neta_ssc
Value: aba0f3l3ju0gfj74s2wqvgi8c1a7
.metaffiliation.com/ Name: netases_ssc
Value: aba0f3l3ju0gfj74s2wqvgi8c1a7
.awin1.com/ Name: awpv14098
Value: 296283|1638014432|9f939850-4f79-11ec-b06a-226397119453
.quantserve.com/ Name: d
Value: EFUBCQHpJIEA
.quantserve.com/ Name: mc
Value: 61a21de0-dbc22-63d19-9a2ce
.agkn.com/ Name: ab
Value: 0001%3AoJUxMX3X91g8WSLT6%2BBRulSEL1qQTJNS
.agkn.com/ Name: u
Value: C|0CEApNNpgKTTaYAAAAAAAAQ13AQCAAQpAAAAAAA
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
m.exactag.com/ Name: exactag_new_gk
Value: 6db90f27af834118bf2d817ce65fcb02%7c26.01.2022+12%3a00%3a32
m.exactag.com/ Name: exactag_new_uk
Value: 0a42ff07111d475686ed3d135ebca8ee%7c
m.exactag.com/ Name: session_session
Value: 6b249971a807446a818edde7
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3A93BA57-CE50-4537-9FB5-70B35C7E0E9E
.casalemedia.com/ Name: CMID
Value: YaId4M.8dHzvW.reT1blsgAA
.casalemedia.com/ Name: CMPS
Value: 5226
.medialead.de/ Name: trscj
Value: MTYzODAxNDQzMnxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRjeU1qVTJOekF3TURZNE1UTTVNekF3T1RVeE16a3pNREV4TnpreE1ESTVKblE5YUhSc2NBPT18YUhSMGNITTZMeTluYjI5bmJHVmhaSE11Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFF2
.innovid.com/ Name: uuid
Value: 22354c26-4a87-4ff3-926c-5248a27d36bb-20211127 07:00:32
.casalemedia.com/ Name: CMPRO
Value: 1135
.casalemedia.com/ Name: CMST
Value: YaId4WGiHeEA
pb.media01.eu/ Name: ASP.NET_SessionId
Value: a0ltzjnwmnrqtcqdye2fhl5j
pb.media01.eu/ Name: DTU
Value: 8F4533912203149ABD8CD691594ED197
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.awin1.com/ Name: awpv24708
Value: 412871|1638014433|9fde5cf0-4f79-11ec-949f-22340a93398d
.awin1.com/ Name: AWSESS
Value: 417689:2932283
.lead-alliance.net/ Name: ppv1225
Value: 2021112713003359286026755X113752V1225131106MSoneidR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH
www.lead-alliance.net/ Name: PHPSESSID
Value: j2q83tmo31p0l4936p4t5f57bn
.lead-alliance.net/ Name: ppv1226
Value: 2021112713003359286026759X117683V1226132702MSoneid5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH
.addthis.com/ Name: na_id
Value: 2021112712003300016127318716
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 61a21de1e7599054
.addthis.com/ Name: ouid
Value: 61a21de10001442efc8bd8cc1f58c9436c9530c08053efd35bfe
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20211127
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY1MDAwMDAwMDA2MTYzODAxNDQzM3ZsZWExZGUyMDIxMTEyNzEzMDAzMzU5Mjg2MDI2NzU1WDExMzc1MlYxMjI1MTMxMTA2TVNvbmVpZFI2VkZnZnhHYkNYMjdUa0h3SDN0UXRkZEFGd1R6VG02WUg3b25laWRfX2FzdWlkX2VhYU5vSHFydVp4MTZUNXoxelI4OTMxZGJUSTVQcnVhc3VpZF9fc3VpdGVfTmV0bWl4X1JlYWNoOTRfV0taUkVBQ0gxMTM3NTI
.blau.de/ Name: nscQ486
Value: V
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY1MDAwMDAwMDA2MTYzODAxNDQzM3ZsZWExZGUyMDIxMTEyNzEzMDAzMzU5Mjg2MDI2NzU5WDExNzY4M1YxMjI2MTMyNzAyTVNvbmVpZDV6YmhYZms5TXRNZWtGcEg3SE10M3RFRTFjRVRWVFZycFQxb25laWRfX2FzdWlkX2VhYU5vSHFydVp4MTZUNXoxelI4OTMxZGJUSTVQcnVhc3VpZF9fc3VpdGVfTmV0bWl4X1JlYWNoOTRfV0taUkVBQ0gxMTc2ODM
.o2online.de/ Name: nscQ485
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021112713003359286026755X113752V1225131106MSoneidR6VFgfxGbCX27TkHwH3tQtddAFwTzTm6YH7oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&wfid=113752
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117683_-HTLP&utm_term=AFF_la_117683_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021112713003359286026759X117683V1226132702MSoneid5zbhXfk9MtMekFpH7HMt3tEE1cETVTVrpT1oneid__asuid_eaaNoHqruZx16T5z1zR8931dbTI5Pruasuid__suite_Netmix_Reach94_WKZREACH&wfid=117683&ratenzahlung=24
.metaffiliation.com/ Name: kwknc_ssc
Value: ds511e19571c9f151-NzIyNTY3MDAwNjgxMzkzMDA5NTEzOTMwMTE3OTEwMjk%3D
.metaffiliation.com/ Name: kwkncses_ssc
Value: ds511e19571c9f151-NzIyNTY3MDAwNjgxMzkzMDA5NTEzOTMwMTE3OTEwMjk%3D

6 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9470.1uoRmIxF_iRQUPp1SzJx6iCupWqYzRSgI_GWTmbEgeqIW2Owh89tIFypcchZc_eYUGO-huU6gs-qoRHokzLqyQ%2C%2C.u1eYyZrwKpOnF1OxM-lUxbMlGyo%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
worker error URL: blob:https://googleads.g.doubleclick.net/23b7d167-d926-4a67-87ed-5ed23b09f182
Message:
Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/23b7d167-d926-4a67-87ed-5ed23b09f182' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://googleads.g.doubleclick.net/23b7d167-d926-4a67-87ed-5ed23b09f182
Message:
Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/23b7d167-d926-4a67-87ed-5ed23b09f182' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_gid=CAESEHmnGvAefQwWVAGsNHFT7g4&google_cver=1&google_push=AYg5qPLo3TsuKegumNSSlzkUdMZjQOc9TETkNScZgldMl-67fkfzqf2xNVcGCFC7M3VLlsECOfp_NZ0u-G7NWESMV7CdQG_p-q8P
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaId4M-8dHzvW-reT1blsgAABG8AAAAB&google_push=AYg5qPJGCZSPV2FrgTpzwCNDWHsENcQi2lzridIVLXsVteZZ0z3i98LAmxoM9P-I6Rfz_57n6U7jacxlUtMFqR47h7HSHBbqltTb&google_cver=1&google_gid=CAESEEerd8bc5-GaYRPlLQ-fxek
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=2854383581&client=ca-pub-4743952843388744&fa=1&ifi=6&uci=a!6&btvi=3
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
action.metaffiliation.com
ad-server.eu
ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
as.ad4m.at
assets.ad4m.at
c.zero.kz
cdn.gravitec.net
cm.g.doubleclick.net
cms.quantserve.com
counter.yadro.ru
d.agkn.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hal9000.redintelligence.net
hal900029.redintelligence.net
image6.pubmatic.com
img.metaffiliation.com
informer.yandex.ru
m.exactag.com
mc.yandex.com
mc.yandex.ru
medialead.de
ng.kz
optimizm.kz
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pb.media01.eu
pixel.mathtag.com
pixel.rubiconproject.com
portal.blau.de
portal.o2online.de
prod-rtb.ad4mat.net
pv.medialead.de
rtb.openx.net
s.update.mediamathtag.com
s0.2mdn.net
static-de.ad4mat.net
static.yoomoney.ru
stats.g.doubleclick.net
tags.mathtag.com
tpc.googlesyndication.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.ng.kz
www.telefonica-partner.de
yandex.ru
yastatic.net
yoomoney.ru
cdn.gravitec.net
cm.g.doubleclick.net
104.96.159.57
109.235.165.222
142.250.185.66
142.250.186.162
142.250.74.198
145.239.193.130
18.194.46.33
18.203.213.28
184.51.9.44
185.113.134.12
185.29.132.246
185.71.78.18
192.229.220.129
198.47.127.19
213.174.135.1
217.182.200.20
2600:1901:0:76b9::
2606:4700:20::ac43:444e
2606:4700:3039::6815:c04f
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2006
2a00:1450:4001:810::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2004
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c1b::9a
2a00:5da0:1000::121
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8:a::a
2a05:d01c:1d8:8101:4d99:e3e3:5994:4b29
35.227.252.103
46.4.62.19
54.76.176.197
69.173.144.139
78.46.111.106
78.46.85.162
82.113.101.132
82.113.101.236
84.200.5.215
85.14.248.72
88.198.250.30
88.212.201.216
88.99.219.174
91.201.214.115
92.123.17.141
94.23.99.218
95.131.136.1
01dbbcda455c40b60de4c3fdefe46f16c5fdde89df50e269f9050fe3478f08f4
01e30623f1fc127891dee76829fb2eb49cfa3879d193de851b91e45c951849cb
0417721285787f1e990f80c7775f72f5b46876efa5fdeb42f86e7c9f6103721d
080915c97eb36f45adbb0659024af38461905db332fcabdaaf50520c10f58edc
08b13e9bd202db706536afa6af63bdf52d90b660021f3eb3297f139d49ceb049
08cda10a97734aafdb7267d49a070e756a24d9b2b12c6bcbf9c181f58017d7c5
092ba8d8406046d9dc03399304b164b3724bf0fed7446fbd5507d1b371bef431
0979b35103ffa497dab8e62aba344b213725750c85376ce87de3a48dc3d68b76
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
0afb5d8a49cc6346295cf32690361b98f69331c460322fe9eaa2671154f3d093
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6ce0f76a035750f9f0ff0c21208adba1a20cdce02818168a61d93b2f2e6204
0d5e883b9c3a1d1d0afaac8b5d2599ed3c731ff1565067c40968b64a8b37a136
0f69c7119f0dc0b422fe92d484f2cba0d15ccdb946db4b282c5dd900e8621745
0fc7d69850666ff22ac32f8399d695095da0a9d54277d3988248a2d5447eba6e
1183307783cf23654d3a290fdd33a2387be5d4651145b67f5527da2729bec0bc
12c0127c01129e61322c6a2c5a2d9eefb4f8c0496dc4c6b7bc37ff1fda1d7cb8
13604c6b80d5e6ce9d13f2761b76929a3010702e3679c07c2038257ecf38b70b
139035f83574be143256edc8d5ef0d51d3e4669942a85f9da1943feb137bc9b4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b95cc0f82c19d9dcc8fcd06d99e9e372ae681ebcffba695e91afc3e7c02218e
1c2ffdaf1a743953a4a0e134b3cf202b59b10fa06e5e593361b9a73e5dad75fe
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d2fca70a3c33ef48f59be8b22705d11a3e09414b2965cd2ed39822a140b7224
1d5a12d5947b2d33c2208962bd4c60213e7094e29d6e9099f533c1c765759365
1de638bbeea976afd77759a7c02b3d49da0379a456a85c96fc78dc65953f9014
1e3527e17719927fa4b18e350a61a9213abcce23cf32413a49c8a4481b326bf1
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
20b734c03abe13089751b0271b55439e2a532fc2e3ff674a3e91dddc30cab249
21c0f77de3752eae52db428490394865169c0118860ca91cc4c0fa7daf9ced1b
221973bc9c8be0f39bcf59d234ce634d50e9ab59a1799e96b05fabb20971f810
22c01a4baad0cb3e47ef03f440716bc8264268e505c87835d3d8b4a1865fad00
2451dedd85209b4e0ba7723363f8430efafd7e1399848843578f9ed8e7b155a2
24e11ecea4456251642605dfb97c5ffac4938431a8248642e95207394a1a54e7
25ebddf8cb6ab2554a030cd957a13712ee002c0c1614f5818e4a752b979532fc
26639195c11927b2b97620cf16f622e607d2c8531cf0440cab8d76f5b27b6405
26751f31f8cb18f9474ceca7fcba91b33ba15cee485185d7a347c8ef015ab5ce
2729b22d4c76e939a602097cd1e81d089e36e783da6e544ad037cb5f58fb861b
274d768490c263fb4bdd8f314a3555130f22c94ed87f5957b41e01c053ba8953
28d8964deecdb064f26635bf7f95ce38d5f46e400d5072f1b0009eb0bdec77b2
290af256ae2e41a4ba2a4bc48c9836ca7e6fd200ff3e29cb5630820ce20f75f6
2c287f00d41ff6246820e17777b0a155476214b179c8c2c9cbf6e0ec789f09b7
2d43c04a2d2f68039cedc241e492503a5e0d93a2cafb3be130993b3e3dfd8d4a
2d8618e3d2de4948e82bbce7cd6e1cefb6d720a09adb2cae9ea3886785493a0e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3062220e0c4ac6547086aea36c9f3c1a428f76990c1eb346b7ba7c3d9c9851ed
3069c98de366c8d6804693accde2b5093b396b07c2921c179111bae6fa74f2e4
3106f9fc42123fa4e59ac4c0727abfbdfefd6f0ea9346401a9029bf0f99d613e
31705322caf9bb8452a5cf0440285cc0d7239b03246c3fc93fd483de8c416a20
31b4846e4a79ee7a1bceef910db324af3012fee9cb0a1efe07d34254a19ac25b
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3347d18bb0f3835c27d24d586e338e5bcfab7ff5ca714479b178c019a797b034
3352b69374004aa2dd4f33c6da65469997ac1e910fde6874be488fbfd9c739d2
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3828fc33d5a992f1ddb339e5e8bf69124e79afc57435cef2b57723b29d219ad0
3ad813893eca23e7db59e7eab0a00318812b21b16241e278bd13645ab5596f6b
3af9a24bcea936419904a0dc04ccc6c59fc1d18f748fc44f49a7035536827ff2
3b283039203e824d6d959a8e1c66e6320d1a1d4f5746176ba3454d41e0535462
3b31a8c1eaabb1e6d21a5b0cb05319814c94c5887681e08268c51aadaeddce4c
3f1be825f7d2ecf3d0c8419ff435a70d23ace2ddb6443366410d704154804571
408900c07074690884b9c22e0cbb39511692f4d1bad18954e12fa0d80f4dfbe3
416d83fb7c901c010b7764e3ed4e72822d3fa03595c980968e8a22458c3a178a
427c5d5c1d6867d0cad92a4663f09541558a1bbdf4768d28e8ecdfd2374d1708
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
436c322138476e5c91dd9a90a8cf26525d99282bf0d21c5854523679cf69eda4
4610de36dc17495aecf29255c5e8db34ef719f5afc1ef2c6f3df5845ae25cc51
49ac271d15b4546f9582310bf1ccc1a0c94213b3fd2ae5897f9206ff5ab0772b
4b49acbc99b5f0bf378d02020a37407d3faf8534c3fe7301ab4fcda10faffa48
4bb8f9580985428d6b477dd8308073b0420f124283d0166e0b16fdc93096114b
4cc37042d5d187124259238bef5e5aa67dc59ecbc528d567967b809686402743
4d795a7f6bc8cc1cd7ba46990ea874c768df53332a1dc5d3e94a4f431b0029a5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4711cab19f1b60cacaa369558a7bb879f7b652eaf4811505f4ee39d6cfb2f2
4e8d8038ba97481a3d934aa7924e58bb50bbac028d722e99a954c2ec0e289234
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fe579b39b9d2176dc5fe22f3b5120adfcc082cfdfa32a3e3e151cc55a01f5d8
5347121468c3817e5261b94b958e7d4bdcc9c1e16ac6b750c7ddc044ff335212
53fb0a91995bf1fe7c9bc7ca7773ae1ae76bb350967c190123abb15c98053d9a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341
55875a2e63363c27cb067d5bcf21a65bd8efffccb7a4de1ef41ae8b159e7023f
56aee8ca5b6d8cec760dfc04f8e5697b50d13b6e143baa6cc97aca4b2a555185
56c8adb5ff74e933ff78154a776c223ded28b45d673cfca0aa31ab28f2143739
56d9719ff0414b0194f9ae22c620928eeee851a337dde8fdbd209ac64baf3f90
5738175460eab65bdc42c001078667928bcbe77d2e262bcc7460a5bd818dc31a
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
591df9792f263ed0260d824bd201c03b2830083b84990afb5670b506052e4efe
59da8cdf13013df822c0f9d43ec1ededdf2407398aa0643cccca82fdddf889aa
5a76b6f87ed1d7d48153d25dbcd258af66c578fecb477a56265d604e18dc12e8
5abbe22f1095bf3236693bfaab20665eb7dd5b70a44fb4760c4b04025c5c57c1
5ce61033bb97a85cf6efa08d54875b366d6909c6a126a24a636508dab0054b37
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5cee066424a07684752dd84ab411edd8f925fe859bb9e50dd7ef36a1e80e546a
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f2d08588077bb8709b324a08c5607d40d98ca1fe64dfdb2abfd0d6878b9c255
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
62445cfd42aef59a778256fa7aa70e0c088d8e56e03831831c7c29e80f77d44e
651a78c42be64f054c73759725cc7026c76c5b28f84981ff7d5980a5f4606e9b
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
657256b99ef85490a8c85108fc218e539d6d4eea7679646fdc3e7696e173768a
6699a9f2a499c6c1b1c0b4abc9e3f8b3e43cee2fd07ab25dd6ca5e68aad07428
66aa0a03f6173ebefcd4327bf0fc01a454d758ea6c8d786790a4140b6faf5bb9
671d49f3be664438caecca1167805331ce56c408a97d49c7413bca70703b49be
68606caf0a7ec071519a566f20a014622345fc20fd991b4e033619d7fd3e58a2
6b2981a3f1d892e64e6164d1377414fe24e41b88c8e6b6fc05c3a2b840453d8e
6b952b164a45e4735dc9ad7c9ea64bfdc227bec8e0f056485b839738bbbbc058
6bff34b32ce057d1d562c0a2d5db8b39c5832562063607071bde9950580794be
6c3748a7f317defcf7e7806f6279dadec51deb1a62cc47158ce68d68a4faacd4
6c5ca42628505188ea96e4abd1c74b0929839ab1944427c9c043a4f02dd34be2
6c98f48b6d776a27f8cbdf6982d7b538c6798f9104e6329ddb7782248cd015cf
6cb0a771fbc5512e0d5aae15bde8a4926c9ff9856fc3f87a32e5f8b647a8e1dd
6d74b6de8650cba8319b86e3299350a2e7cf134df7f5e5b6e37c9404be8de760
6f1ea225046fa6e89fc1f06dc6d1eb074c53de1cec75bdd765dbfde0a95ae36d
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
7513d2d0cd0ef286201e7fc2601f6332d4549d2eba2084efa06dc66a70610cf7
7525e45ccfc3c59c7fc975e9dcc1dc526abe300a12edd620047fa5f8f2b01459
7576eea0ac49cc811da743051bdb6f14b654990fcd65a61af403cef65fc7cfa5
759d0a91b9127a7cff19e81f0f1f2326fd9ed375415b65206d1b8f3278a8ecb8
75d8d6e70ff1ca61d1ed5cd847209d6c9d9baa82fb14a066c7d87c26264e8abc
76429ab384a063228490f946aca10ba585e77ec0aa193067ab7a00c282f0ee2c
76993d6d1cd96c814201ad5fa90ecc698d09a23e156808b9d8de4644ab2539b3
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371
7854563155e31fd7e2853bcf31ae8208f409baef17e286fb5094fc12b439d78a
78ca41e2a51eac9ea97c40093e1a7769557841abc40430df6cae8a6153a58772
78f48a364d64379c7f2240349201400559b6e97a4cca5c1a314d816a512c6af9
792206b16cf5b6077c0e3d304552cb001cd95945280314b730e7d40b4456b8b2
79aef3abc72d34fa4230c90c0b2fe3fd8bbf0bedda8a1d8b2d61033873493c38
79e2e37860da2a28e646389e25ed2499bd1628630186f95b30d66fcb20a7b4c9
7aadcf94da4a73add4824ce17f56a3d222169b09d13db4370ad3e2e598ecf3ac
7ab46e0895168250cc19134e309d39506de0e01445559bde5a3f1c51fd58c4d0
7c22b007743a09ec0ad5931edb3cc96fa88009586b10e0d3c502eeca52fbb183
7d74ef3eb1e318be765194cf81d74d8d24ff4536da4ecfcf5d7a93368a3b7025
80536d521bf51a4c1831948af89b46b6aeaa902cdcd3b89a7898cdee14bd95cd
80ad437243d9d3c355b59fd6532733b3dba2e38efec21c7a9eaac71ee00c5d24
81d8b51617e2d94423adbbc0436865f2c0c588651c197def063964c318ed45e8
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
84d2dac16f1b22edd37d7a8b907e8930c580e30ec97860ba98973b16809f8b6b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850692e8bb0d9821e1312a461f1db53c185e027d92a1668fcfdb4af8eae7fb34
867c2307e9c97528a9f2a834f44ea64987e383b9b7b22e1bc25601a41af8e20d
88f1f2397a76abb2810ec6f998d6ed32344d8e824471404b793dc06aab17e5ee
895b2d1a05f249bee24932ba5f21a395bec41c6438abfb9dc3efed1216b72a51
89f16c713a46f887385e8b1ddaf2dbdfeac28f2067f76c71fb666a86720c44ca
89fb15fce61f63fda81f522790608244c64ad7fa97419343a89730f32f5250c8
89ff1a843c781c5419ca314b1c78a9a1d51e09f5080ccb035f202d566ac8ba01
8a368ef22ea08e41d90cc8b9bab6e5ce8310e1b2162420f61cf57598c13670d9
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8bef480a72c4a343c2fcafc5cd2f3b44603c7a037a704efe5257a2d8fa2074de
8c1ee18eb9774e807581310fe5db3dad8ced4bfa8a2ad36a1b8012d58c0a2119
8d4bcb4e5385ffa44e230202c6c5dde689949a791da40cb4025c6d5ca627ceae
8d5405572f33aa3d9d34080381f87357be3c2c42e71a6fe7588eee4dff3d8eb7
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e
90467c19c0cb92e9f5797c28b89dcfb5fe9b7e96d51f5a74185d2d209ad5506d
90c6deed367ca50fb856426567e29f814451f8c5a934d7ca6847d9fa7180f963
91e0fb6ae163e3c408603c1acb55f9f9235a91154a24d02ce5a430a76e70f496
9308c4652cff40b26c33fd03531026d5ef0ed06b0a2782b4755f76a153c5ca12
932376e026d5cf24ae61b65e0e0598e52fc850214a030a5327e7bd1eebad99b5
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93f7008986d79103c709d511dbc16c399a7f4d726c7fcba5410408334ac28c02
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
982ac5e53c4dd0b53c1778b197873def9e96bee14d026632489034bb64cd2c52
987a2b62e33b2c61590e5a62baf86693462c78dd97dcbadcc26a350ee7f8b569
988eb995e91bffef71109304b12858dbf2f334084769fce56672c32af4dc9ed4
99166dfb912a7fe1a77dc2763bcad6e19f666fc63498aed79d338829f32f01b7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b691e8423c61d1c3007a93ccd1aba5658c23a4ab2f65745c2ef15984930c124
9f2a40121153b90a0fa87202918476624861ebe64bc9838c14edfc81fc5d2264
9f6a68840c1a5fb9667941cb8f5f5877f61ad79313490e633e8ae12caaf00099
9fe03461929503604868af8e4764fecb7403aaf062097dff9ca3c1504af3eb5a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a24392f3d989fcfea869d281f7471e744dc396ee3f460a82ab54537a032ed967
a2732d379ecdad5445a1c5ad01790c673574ea7610d941e2102dfb2e0ec4645a
a2b3c5cd0c329c390fe6c10f7f4d3e83f67fc81657ebe7daebb89ee6821cc738
a345064aa4dc8d7a628652d2e1057c4c04387c902e72b9354cf877dcb0869362
a403d5a1121714e99031cbd3a8afce12ac3da6d99bb24264807630d9e8d7effb
a43cec7276876351ba42529cb1dbde8d07ca5c8df508ae3ad17bdfde4b286f00
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5af2cbe0a6f02a315dc6c10c28dc4ca4187ed8baf0bac35f17c6cb15632356b
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a65680deae5745569a30df819ea0267e4d177eec7351c46cf02edd492d88a5b3
ab4ecc8268a533008fab2a642a8b2887979a3861265bd39c193587c516e3831a
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
ad4ae5ece3b4cd0d7cd36b98ad4c71f10d8ffe902f5a8114b231273ba409b5b9
ade545d4bba71c37acdfe9f14c24563cb48a554a2e2d047154912d8327eb1c07
aee0e12abe2b8a956df266053a232566615af1bef647cc2305cb3f4bf02224e5
af81a75952fcae526e9c56297431881ddb3971301d5d0372df5592800a274ca2
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b024a1d69f547ee5b40cf8e6a1c6ca635ebfca8702d6f36ccbb975c62d2abaf5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ad81e1871e5758d3633478061e4bbc3e65a93f89e70426edb6bb4ea503ceeb
b2c5b702ab3a83e3c2f07ea6376fbe989bbce06ad18dfcbd58f0460a0de33c9e
b42fa081275ba14ffa76fe75a5386e1b6c89166ba8d9a030962904e51dc68a9d
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b4a2959feafae35849e407ef694a53772ba1c1ded7224fd4eb2689073ea0a46b
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b69d9ac38195ebffe1576da8e5621443832ad5ce00415307d093e780b4dca55a
b6ba10f3496e2a581459a2cb6418801499087c68f6cb7e3bcb682016967f8026
b762e45eaf28b1220c0c91a01d257bc945481203e1f4751ba5058833cb1fbca8
b77bfab7df097ec60133e2f066c690e996da20929f7e007c3d3ce0a92ba7b7e4
b89ec6fdfb7503794cf71c2678c83a8cf75c025724a3788a6dc6ad52499f96ae
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bc67e658d7c42368fdf62d0457741cbe8fe5fba54ad5ac07ef5b30c4c0a348e2
c030e62c83eb8a2d1a5d0951d9b1c6384ee0a9d3c91422f34c4eb20fde848436
c0c95ac18b03334de6237f9ff039a9239135b60785e5b3b43399bad4b22f299c
c2c61ca92609ea007f3659302839b9b11eba97287f9f60e8ab489190cec8f902
c303d351e6d02b9ef68e7c96015a688b7ae399b1e41c681344790be7fb0bccb2
c3079788177f9ffa0349fc9f472435d15a99d4f6d865bde952529ea19cd87600
c46869849b59f3e62d260455470145cf262a078761550e671c336af696d14557
c536e4416810ffea3ae842a538625ee8df6d2b6d17477662a9aa559860744a62
c9823eff72970e10adc03f40b44933eee53fc1f8857b3b70e5759637d5818e73
c9e5e1dac25ccc507c5576c1f56cda2222860b869aecb3e7e1f1a8ba40bae2e5
ccd14aeead0d506e194b31501cc429c5f3d77df86654fdf68d119b88389f0b0c
cfc638628d07898e8e7aeb721438fc0489250e6d279aca63c6bfc4363c49b51d
d0b37587b3403a5f03d4f662f9427f77809d2b92b520dd948b2d568bbd2e000f
d0bab8b0073bd0d11a89efd788372db9f143413c2e1b690f5888e0c1e9839c9f
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d19f335612f130b5743e4aac6cf262e5f23c8d74953a0875e255252dbe126ab2
d2e59f4c13b320319947fa6e28cd01f74f22e1dfc8fb7b0c954bc7c2a504f0e0
d46ee8aba242da316c8a6d7d1b5a52b0afcc97d881208d1809ddd7d330898fbe
d5a5a4f316fe0235d259de0c75dbac9ccef270b13002a8f89ed8da7c6daacb76
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d749dbed0c3aa0d6e712f6ae447b94e084671981a141b40a6243b306e21caf27
d7c9faa4a83ce03e9c87d0a6e2e29f4eba7c83f6bfdf38c905d698486d240076
d8022d2f49329611a8e97cfeca902dad90431e2e5a784c029ab988194aead507
d8d1bb52521f331e9b51731cb3c992be899fa8939c5d4ad3959016c297dbb326
d95fe968fe6060fd60ecb51f5adabf0cb059ce7a9d4c362292282f5b25072bf6
da7bbca9d163f4033d5d177be44029dd744610a891a6b58be213cc858923d79d
daf832cdf4233e5077eaa55dc5685e66b70545412aef07da0c0b8532f0e8f5db
dc09c557d3c7322c1777a8789fe65c66bbf772daae292b27606d0f4a540c9419
dc4917af5b5d95880156aee474175642c85a66a63f6e7148cedecede4136562a
dc512017fbc3ed494cc473d36e0f840c6fdb6c427512ebc2b0993ec256b59ba2
dcc8dc641c40b463c6b6d45d24c0e97a3df5b92a43bf5ef870ddc1dc62dde80d
dcef34820be4c9edb330dea9aef9945ebe3725c9ba3e037d7d15d274a1984091
dd8263e91d9d1cceb437e3593bb8590d84f3e1dd95641e6222eb4e67b4d10c31
ddf05ba91a45be23ff80c2b1762f5192737ce52d85bf72f65a703c638d101521
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
deae2843c31c0fcbff3f7bc2a223e61cad22a00f75338cf3ddedb6c992de6f5c
dec17b8852b1927c2555ac3551123a6926bf14c5f4e8a445dde4b9975429eb87
df60bcd9e98b9d5efd79a283ddfbf831408340fdb8ae698e1f0331347ece368a
e0c829acbda91088b85e768076245956a8aa2f08c8069507eff16c0375384590
e1e9790770f2761e989f338be8cd2560a696a4b3f0013219e91f357546eaf668
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e5d8e7da5fa8f3002ba6683298d19271ab7f53fd433f654cba9b7db6362bc18f
e63e2c9ca954d1e5952dbdd5feb079b7da3705b9dd89e5333751d86994aec9c6
e695031ac9f24e1107db954e1b54bc86481f5aa9dc0ca457228a270b35bddfea
e78cfaf028e3ebc7fe5c0d5333aa556d53453d0b41961ea4e5526b1727fdf62b
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e896e8ce93e01c0af8570e0d17435c36a62e5f026595e82328974135bae81965
e90744876510c3d30951a4f1a14c6b292a2e9fea3ec084eebb55717f928002a9
eb9d2b74793efcdd40dea80a2752e34d9776cff8bbdfb3957b953d2ca5843ebf
ec12340b6da8a1fa9053fb2ff80029e70a93b2be1ad9c876a9278de9c46b1f67
ed223dc7944163641f64146fa0c67289352bd629a12f058a4bb409f870f44008
ee386c1a12ac8958200c08b6496b8b9054833661d1a3cbf89ad4a306f6ab8838
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef44d875b739f502c90237521c4cd1fd5eef13008d9f4861d9c8a65182adaade
efa9e652d45b3e2d1145a5e08c3ade6409ddc1168f67e5ea2a608d49bcf9dfd1
efe62285691e30a7a986ee5836eb2bb025ebea4eac1862ba930ed3d6cb7e6c1d
f25ca3605dd03afc37519cc7928d999ec154ade9a038f5783ce0fdbe66d31970
f42aa02e534fb3e83b42b37e49b96fedcdc9679e92a9abfe4c2c13cbe6f60521
f43d35d96edafcce9ad9f60e408ad3b446dcb7f4223db00733755c1e07ba4e9f
f47fe2f5879c57160add56abb4bcb3499f1ad980f51da5151cff5e5f3579c5e6
f5005d37162105831c19a77e8444786e4ab0ac99761a00e31cc08f55901acd78
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f7d6a154c751ab71e1a94389614ef4e268c2549332275a0b53ea04545474d665
f8a3b7d983037b9b18ac386c725f1b8e1e5923f70d93540a676b9b2827ff9e18
f9d386610b3277ff5b5908f17bdbfea3eaaf2bf5568c6c7332f6366ebe43377d
fa1e6d5b976a4aaff8ee726d81538152b550a143a01c53f3ce9f4506f10ac617
fa4017029cb89ab9c345f840cd66a32e86f8b3741b060a2f8e62dbdb50713166
fa6bbd1df857b0f2c77ccb14ed594016a6a17947223c8a37178719c2ebf8b8e4
fa7694e50a83d9359642535676e24898f60a2cc8157afdb7a105d49dd83d3f8b
fb6aad111156d4f7e35a0513e5be55b8914c8119a61e3d81050c2130b1761927
fcec8f9f4b2b56dcc746a20c4d2f2992bbefcacc3f2aad7e2b45f1f32da22e67
fdf630aaaac77fbc0f3293a806f0b4b9838256edc029a675c49502a732afdc15
fea85148216024af3214f1d1efecf51f3bb4b9328e1cb8b43f5b5e5cb12b8764