nekto.me Open in urlscan Pro
2606:4700:3031::ac43:8389 Public Scan

URL:
http://nekto.me/
Submission: On November 02 via manual (November 2nd 2020, 5:13:54 pm UTC) from DK

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 15 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3031::ac43:8389, located in United States and belongs to CLOUDFLARENET, US. The main domain is nekto.me.

This is the only time nekto.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2606:4700:303... 2606:4700:3031::ac43:8389	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	87.240.190.72 87.240.190.72	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
3	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1 2	217.20.155.13 217.20.155.13	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
2 3	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
44	13

17 2606:4700:3031::ac43:8389 (United States)

ASN13335 (CLOUDFLARENET, US)

nekto.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 87.240.190.72 (Russian Federation) 2 redirects

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv72-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.20.155.13 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip13.155.odnoklassniki.ru

odnoklassniki.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.216 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	nekto.me nekto.me	97 KB
6	yandex.ru 2 redirects mc.yandex.ru	42 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	146 KB
4	google.com www.google.com adservice.google.com	919 B
4	vk.com 2 redirects vk.com	25 KB
3	yadro.ru 2 redirects counter.yadro.ru	2 KB
2	yandex.com 1 redirects mc.yandex.com	587 B
2	doubleclick.net googleads.g.doubleclick.net
2	facebook.net connect.facebook.net	59 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	168 B
1	googleadservices.com partner.googleadservices.com	627 B
1	gstatic.com www.gstatic.com	135 KB
1	ok.ru ok.ru	1 KB
1	odnoklassniki.ru 1 redirects odnoklassniki.ru	181 B
44	15

	Domain	Requested by
17	nekto.me	nekto.me
6	mc.yandex.ru	2 redirects nekto.me mc.yandex.ru
4	pagead2.googlesyndication.com	nekto.me pagead2.googlesyndication.com
4	vk.com	2 redirects nekto.me
3	counter.yadro.ru	2 redirects nekto.me
3	www.google.com	nekto.me www.gstatic.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	mc.yandex.com	1 redirects nekto.me
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	connect.facebook.net	nekto.me connect.facebook.net
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.gstatic.com	www.google.com
1	ok.ru	nekto.me
1	odnoklassniki.ru	1 redirects
44	17

This site contains no links.

Subject Issuer	Validity	Valid
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.ok.ru GeoTrust RSA CA 2018	`2019-08-07` - `2021-03-21`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
counter.yadro.ru Let's Encrypt Authority X3	`2020-10-29` - `2021-01-27`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://nekto.me/
Frame ID: 7FFE09D9BE2949F68C34AC9F5FF47A60
Requests: 39 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfCOgkTAAAAAHBOyEgHg2VdnH1AVEMzciMvH3jb&co=aHR0cDovL25la3RvLm1lOjgw&hl=en&v=4lbq4vBYAu25DMtzZ7GGbfAF&size=normal&cb=99i7unla137r
Frame ID: A9B0ECC228F945C3F74B623C2A227AB6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/zrt_lookup.html
Frame ID: AE7D593DB3C0D938199B690509DC51DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5544460087407207&output=html&adk=1812271804&adf=3025194257&lmt=1604337218&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fnekto.me%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604337218209&bpp=17&bdt=481&idt=111&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3773787466334&frm=20&pv=2&ga_vid=43983892.1604337218&ga_sid=1604337218&ga_hid=1177485018&ga_fc=0&iag=0&icsg=541048874&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067553%2C21066706&oid=3&pvsid=4344416585181480&pem=28&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=156
Frame ID: E96212C8D90E96323985219803514B4C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=4lbq4vBYAu25DMtzZ7GGbfAF&k=6LfCOgkTAAAAAHBOyEgHg2VdnH1AVEMzciMvH3jb&cb=56173zxut90u
Frame ID: 6018C26E206A4187B571B816DDB8DD50
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: EF90101A76331FFCD842B1E22BAF6BA2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

44
Requests

61 %
HTTPS

69 %
IPv6

15
Domains

17
Subdomains

13
IPs

4
Countries

531 kB
Transfer

1395 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://vk.com/js/api/openapi.js?152 HTTP 301
https://vk.com/js/api/openapi.js?152

Request Chain 7

http://odnoklassniki.ru/oauth/resources.do?type=js HTTP 301
http://ok.ru/oauth/resources.do?type=js HTTP 307
https://ok.ru/oauth/resources.do?type=js

Request Chain 8

http://connect.facebook.net/ru_RU/all.js HTTP 307
https://connect.facebook.net/ru_RU/all.js

Request Chain 17

http://vk.com/rtrg?r=GzCcoFHx7H9p*trghnht3tTZbz9H13RjgomDOw//hk/m6tG4jv*7NUDNBKgfXWmtjtNWga1CA/*re0Yly3vvv0ylZlktiZXrnPiDoOuxi5DUxrBICh*KPspQCUV0bO2aYKE4RA21uU2C6vfp1NFLKS2RUSkBOqmya/20f3pZ0sg- HTTP 301
https://vk.com/rtrg?r=GzCcoFHx7H9p*trghnht3tTZbz9H13RjgomDOw//hk/m6tG4jv*7NUDNBKgfXWmtjtNWga1CA/*re0Yly3vvv0ylZlktiZXrnPiDoOuxi5DUxrBICh*KPspQCUV0bO2aYKE4RA21uU2C6vfp1NFLKS2RUSkBOqmya/20f3pZ0sg-

Request Chain 22

http://counter.yadro.ru/hit;NektoMe?r;s1600*1200*24;uhttp%3A//nekto.me/;hnekto.me%20-%20%u0430%u043D%u043E%u043D%u0438%u043C%u043D%u0430%u044F%20%u0441%u043E%u0446%u0438%u0430%u043B%u044C%u043D%u0430%u044F%20%u0441%u0435%u0442%u044C;0.2075223028770683 HTTP 302
https://counter.yadro.ru/hit;NektoMe?r;s1600*1200*24;uhttp%3A//nekto.me/;hnekto.me%20-%20%u0430%u043D%u043E%u043D%u0438%u043C%u043D%u0430%u044F%20%u0441%u043E%u0446%u0438%u0430%u043B%u044C%u043D%u0430%u044F%20%u0441%u0435%u0442%u044C;0.2075223028770683 HTTP 302
https://counter.yadro.ru/hit;NektoMe?q;r;s1600*1200*24;uhttp%3A//nekto.me/;hnekto.me%20-%20%u0430%u043D%u043E%u043D%u0438%u043C%u043D%u0430%u044F%20%u0441%u043E%u0446%u0438%u0430%u043B%u044C%u043D%u0430%u044F%20%u0441%u0435%u0442%u044C;0.2075223028770683

Request Chain 29

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fnekto.me%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A522%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A241%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A694829791%3Az%3A60%3Ai%3A20201102181338%3Aet%3A1604337218%3Ac%3A1%3Arn%3A747105704%3Arqn%3A1%3Au%3A1604337218159741367%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1604337217600%3Ads%3A6%2C6%2C112%2C1%2C0%2C0%2C%2C385%2C13%2C%2C%2C%2C513%3Adsn%3A7%2C5%2C112%2C1%2C0%2C0%2C%2C387%2C13%2C%2C%2C%2C513%3Ati%3A1%3Ast%3A1604337218 HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fnekto.me%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A522%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A241%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A694829791%3Az%3A60%3Ai%3A20201102181338%3Aet%3A1604337218%3Ac%3A1%3Arn%3A747105704%3Arqn%3A1%3Au%3A1604337218159741367%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1604337217600%3Ads%3A6%2C6%2C112%2C1%2C0%2C0%2C%2C385%2C13%2C%2C%2C%2C513%3Adsn%3A7%2C5%2C112%2C1%2C0%2C0%2C%2C387%2C13%2C%2C%2C%2C513%3Ati%3A1%3Ast%3A1604337218

Request Chain 36

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9080.do8fy23czIJ5zUIQWAzwLcExBXI--Ll8c3RrPPgL_cR9m6MFpJhxU2PnlJJjyesa.LEsxk2Xw6sqMAi_WobwVITfbSdc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9080.QNVjCLK5mAlc6XjRLwN-0rPfY1Sez6wtgYhY0N9Iaggg7xcBcjmNUTY2HZfvn3FZ2-sUTUMW9KujFMyIHDojgjIKncxSiq9S7i4UO-fQFEM%2C.oRzvEf6IP3XeWLUTau9u_yE7i1U%2C

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
nekto.me/ 9 KB
5 KB 124ms
112ms Document
text/html 2606:4700:3031::ac43:8389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://nekto.me/

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:8389 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8665071ae7054a284e6cfe212fd55464c5c3f4cb90bbb04491091d69a6ccb43

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: nekto.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 17:13:37 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=db2a82f7c88ba4ccee901df6264c289d31604337217; expires=Wed, 02-Dec-20 17:13:37 GMT; path=/; domain=.nekto.me; HttpOnly; SameSite=Lax
Vary: Accept-Encoding
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
cf-request-id: 062b8c484f0000e003a38eb000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CPOOm3OqiGlTelqyQm%2FQZx4MiPwhzh8zQjq3OccIZsbU412GR%2FtcPzphAM8icBRuneHbyM6X6NXbFE8rvyKgeRJMu6RzV6CrNo%2BggMAYVEa2diRaJA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 5ebf7cba1e91e003-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK main.css
nekto.me/style/ 7 KB
3 KB 66ms
64ms Stylesheet
text/css 2606:4700:3031::ac43:8389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://nekto.me/style/main.css?3
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:8389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e09f4e597546c91ff7c676993830f93b56a186d1c99fcfb71d68edbae6f8a549

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 17:13:37 GMT
Content-Encoding: gzip
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 062b8c48c90000e003b88f1000000001
Last-Modified: Fri, 18 Dec 2015 23:53:55 GMT
Server: cloudflare
ETag: W/"56749c93-1a8c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gt4SuDyDV5H%2FwDenpUkBsc3biWH2KzDhxA%2BXlBgVMAVwLQHLjoMpOjep7PEU3p89I6Afsm09aGw6TYFmB7Bkr1jWlFu1FKRkI%2FbFPndHqMaBp8y5%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=86400, private
CF-RAY: 5ebf7cbad871e003-FRA
Expires: Tue, 03 Nov 2020 17:13:37 GMT

GET
H/1.1 200
OK jquery.js Show response
nekto.me/js/ 93 KB
39 KB 164ms
157ms Script
application/x-javascript 2606:4700:3031::ac43:8389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://nekto.me/js/jquery.js?2
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:8389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3828fc33d5a992f1ddb339e5e8bf69124e79afc57435cef2b57723b29d219ad0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 17:13:37 GMT
Content-Encoding: gzip
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 062b8c48d00000c2bd06839000000001
Last-Modified: Wed, 21 Mar 2012 19:46:56 GMT
Server: cloudflare
ETag: W/"4f6a3030-17278"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qwovWv6tYCxBltkNC%2FFpxIkYGJ29ll8Mmy9jazjScVYdW4u%2BIGUGasUzXsRKwSoUnYqLUvfsOEPsCcQZUK5No8CRZLmfQfh3eloHFCdnRU9GodCeag%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=86400, private
CF-RAY: 5ebf7cbadf5ec2bd-FRA
Expires: Tue, 03 Nov 2020 17:13:37 GMT

GET
H/1.1 200
OK jquery.cycle.all.2.72.js Show response
nekto.me/js/ 43 KB
14 KB 89ms
82ms Script
application/x-javascript 2606:4700:3031::ac43:8389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://nekto.me/js/jquery.cycle.all.2.72.js
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:8389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 103fc73af427191044b7c92db49cf45442782410befc7e630225452bce49677e

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 17:13:37 GMT
Content-Encoding: gzip
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 062b8c48ca00001f2d49066000000001
Last-Modified: Sat, 20 Oct 2012 01:54:14 GMT
Server: cloudflare
ETag: W/"50820446-ac8d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5o5b5sQ57EDf7rQ9unM8cNUacaf2xZZaUMV3u3eiQK1Ss2HiQA%2BPWEv5%2FFM1GM2GewAteWK9J4Tm1pL96zsFyADfQjsKHhq%2FTBb%2FzF87KoUY%2F9Zi3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=86400, private
CF-RAY: 5ebf7cbadf011f2d-FRA
Expires: Tue, 03 Nov 2020 17:13:37 GMT

GET
H/1.1 200
OK jquery.notification.js Show response
nekto.me/js/ 865 B
1 KB 82ms
75ms Script
application/x-javascript 2606:4700:3031::ac43:8389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://nekto.me/js/jquery.notification.js
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:8389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe5d89920641371f3af6612e80764f29b19fe4d3458714ac56465d07a268b4a

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 17:13:37 GMT
Content-Encoding: gzip
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 062b8c48cd0000d6e5488cd000000001
Last-Modified: Tue, 12 Jun 2018 16:09:48 GMT
Server: cloudflare
ETag: W/"5b1ff04c-361"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sndqT%2FZV%2FynbS7r2n2alUwjplDPDfIa0OdLSqZHAlnKpfhjlIq%2FJ1H79Oe4PcK5TJEgX9Syv3XlZVbtl1ArPhYuu97OZB3Ddo2KzX6D4NHZfvx7tPg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=86400, private
CF-RAY: 5ebf7cbaed9bd6e5-FRA
Expires: Tue, 03 Nov 2020 17:13:37 GMT

GET
H/1.1 200
OK index.js Show response
nekto.me/js/ 7 KB
3 KB 86ms
80ms Script
application/x-javascript 2606:4700:3031::ac43:8389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://nekto.me/js/index.js?2
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:8389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79b5f7ef7c8b564205a17914796ebb12d869177990b47117c3e5b94fe8eefbf3

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 17:13:37 GMT
Content-Encoding: gzip
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 062b8c48cb0000c2f4f03a5000000001
Last-Modified: Tue, 27 Mar 2018 10:45:50 GMT
Server: cloudflare
ETag: W/"5aba20de-1ae5"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fhghrHYHDUAVZsiztVKyG7HA5puiWa4Q%2BX2Z0iQHv%2BfcKKA8ph%2FX0V2VYYDLZO5TbSelqNlPBkIxvvIgASvoRzUM0zSrWeSJ3aRjWSmMnteX4YiUmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=86400, private
CF-RAY: 5ebf7cbadc98c2f4-FRA
Expires: Tue, 03 Nov 2020 17:13:37 GMT

GET
H2

200

openapi.js Show response
vk.com/js/api/
Redirect Chain

http://vk.com/js/api/openapi.js?152
https://vk.com/js/api/openapi.js?152

100 KB
24 KB

194ms
90ms

Script
application/x-javascript

87.240.190.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?152
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS: srv72-190-240-87.vk.com
Software: kittenx /
Resource Hash: 97a06cb0f953c60bdcb315f1eba2d02d9132e8837892ebdc4467fac05ef5b40f

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 17:13:37 GMT
content-encoding: gzip
x-frontend: front204307
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-5e2e"
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 24110
expires: Fri, 06 Nov 2020 17:13:37 GMT

Redirect headers

Date: Mon, 02 Nov 2020 17:13:37 GMT
X-Frontend: front204307
Server: kittenx
Content-Type: text/html
Location: https://vk.com/js/api/openapi.js?152
Access-Control-Expose-Headers: X-Frontend
Connection: keep-alive
Content-Length: 164

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
751 B 19ms
17ms Script
text/javascript 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ba94eaf90519494de4ee847524ee2d3567f8518dbd66dcb0a5f610cee321976d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 17:13:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Mon, 02 Nov 2020 17:13:37 GMT

GET
H2

200

resources.do Show response
ok.ru/oauth/
Redirect Chain

http://odnoklassniki.ru/oauth/resources.do?type=js
http://ok.ru/oauth/resources.do?type=js
https://ok.ru/oauth/resources.do?type=js

3 KB
1 KB

169ms
56ms

Script
text/javascript

217.20.155.13
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ok.ru/oauth/resources.do?type=js
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.20.155.13 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: ip13.155.odnoklassniki.ru
Software: apache /
Resource Hash: 2c2a9365874b974914082d8501c7d82dd1c417184de5f38768d0ed1c1a931c84

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 02 Nov 2020 17:13:38 GMT
content-encoding: br
server: apache
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8

Redirect headers

Location: https://ok.ru/oauth/resources.do?type=js
Non-Authoritative-Reason: HSTS

GET
H2

200

all.js Show response
connect.facebook.net/ru_RU/
Redirect Chain

http://connect.facebook.net/ru_RU/all.js
https://connect.facebook.net/ru_RU/all.js

3 KB
2 KB

9ms
7ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8acb62cde2287db544f938cf88e751dcff3a5fcbce24e0746db41278237d0a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: hEFb+071TWIW5N0JXbyZXg==
status: 200
cross-origin-resource-policy: cross-origin
content-length: 1781
etag: "e6022b48307cf7cca693aff71129d1ed"
x-fb-debug: 0x5g7zTWZFJoJSf+JaWaHPCo/CoLZGoEg0mBOAA5SaLts6PF5J79OEPgDPHEr3oTBRsW83edJBpk4u8CEEHH8w==
x-fb-trip-id: 664085054
x-fb-content-md5: 5848d95757ddf3f95443b91702d4da53
x-frame-options: DENY
date: Mon, 02 Nov 2020 17:13:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 02 Nov 2020 17:29:22 GMT

Redirect headers

Location: https://connect.facebook.net/ru_RU/all.js
Non-Authoritative-Reason: HSTS

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
46 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

722a06e3ff39c6f90616e76453d405bb5d7413d673c121f96548a06956685d47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 17:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 46497
x-xss-protection: 0
server: cafe
etag: 13177997787275641516
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Nov 2020 17:13:38 GMT

GET
H/1.1 200
OK enter.jpg
nekto.me/img/ 2 KB
3 KB 69ms
67ms Image
image/jpeg 2606:4700:3031::ac43:8389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/img/enter.jpg
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:8389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70a13cea4bcb1f23279cd197b18dc3261762b782e19e077c09557147bd967c33

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 17:13:38 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 2090
cf-request-id: 062b8c49fd0000c2bd9a977000000001
Last-Modified: Sat, 20 Oct 2012 00:57:50 GMT
Server: cloudflare
ETag: "5081f70e-82a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H0fYNFoIXzXKV2wNNjhdi9SF3xk83y3j3sxMt1DW84pvVTjt2tHeKka8c4BuaN1KJEk2VrH3TRhs8MnTevAnN4ytSpDM1e764zRHO%2FcHDyVgnx5WWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ebf7cbccad5c2bd-FRA
Expires: Tue, 03 Nov 2020 17:13:38 GMT

GET
H/1.1 200
OK vk.png
nekto.me/style/images/ 1 KB
2 KB 68ms
66ms Image
image/png 2606:4700:3031::ac43:8389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/style/images/vk.png
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:8389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a0b4f60160a7b46ee1d6affdfb3d6dc2114330688b81b52cbad354ed2544ca0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 17:13:38 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 1172
cf-request-id: 062b8c49fe00001f2d332c4000000001
Last-Modified: Fri, 25 Nov 2011 11:31:48 GMT
Server: cloudflare
ETag: "4ecf7ca4-494"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=igPMBov7QBMwLMAHmwWAaQfWnMZmOFYnKuCWhd9YMkaS1pKKVrS93lVxLk%2BXUCiDB7VV5VZyfldDctVM6sVmBn2hBJLN4zyTKzAdJ7yySAsXGStoyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ebf7cbccc131f2d-FRA
Expires: Tue, 03 Nov 2020 17:13:38 GMT

GET
H/1.1 200
OK ok.png
nekto.me/style/images/ 2 KB
2 KB 63ms
61ms Image
image/png 2606:4700:3031::ac43:8389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/style/images/ok.png
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:8389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12f7fd2399790e97f02fa75bf4267c725870e56ce6c6c55064bb469e018ce9d

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 17:13:38 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 1541
cf-request-id: 062b8c49fd0000c2f405358000000001
Last-Modified: Tue, 24 Jan 2012 22:15:29 GMT
Server: cloudflare
ETag: "4f1f2d81-605"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kGQIXSSreT4DHMWnEp5fo%2F709MVvVNjNDOJGg%2F4oNNGWh36kJlESGPEBpNCdaCSUnp5tGdo5jyG62XvNaIyGrFSFZes6pn8KwaihMv%2BfXTEbjXVtug%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ebf7cbcc8bcc2f4-FRA
Expires: Tue, 03 Nov 2020 17:13:38 GMT

GET
H/1.1 200
OK fb.png
nekto.me/style/images/ 230 B
974 B 60ms
58ms Image
image/png 2606:4700:3031::ac43:8389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/style/images/fb.png
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:8389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f74d6963b542c2fff9353700952c52941ff961fc551be3bab75f6d9a0d55ad2

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 17:13:38 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 230
cf-request-id: 062b8c49fd0000d6e586842000000001
Last-Modified: Fri, 25 Nov 2011 11:31:42 GMT
Server: cloudflare
ETag: "4ecf7c9e-e6"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sohVq7oUCFE77iFvCXkdzAEEi%2B5wskZlFuPy1llc0w6hHwI3mjOhDpy0k%2FzHf9FKbFKXxlpcvjNhhO4P%2FLU4NzvuS0zSRDSzROcUsS%2BbkUSFQTGTSA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ebf7cbcc9c7d6e5-FRA
Expires: Tue, 03 Nov 2020 17:13:38 GMT

GET
H/1.1 200
OK email-decode.min.js Show response
nekto.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 12ms
12ms Script
application/javascript 2606:4700:3031::ac43:8389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://nekto.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:8389 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 17:13:37 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 062b8c49820000c2bdf40a2000000001
Last-Modified: Tue, 27 Oct 2020 17:34:18 GMT
Server: cloudflare
ETag: W/"5f985a1a-4d7"
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z9ruU8NsJKPMpJ%2Bc8gUIPSBGwC4tNnVmUkWUkeDmmw4xl58l5adN%2FN5Tuc7RoV4asipdALOeOQiWLr3JsabOtjo1l%2BmFSxpduiW2H827mvhUwU4pXw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=172800, public
CF-RAY: 5ebf7cbc0965c2bd-FRA
Expires: Wed, 04 Nov 2020 17:13:37 GMT

GET
H/1.1 200
OK 1px.jpg
nekto.me/ 1 KB
2 KB 67ms
65ms Image
image/jpeg 2606:4700:3031::ac43:8389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/1px.jpg
Requested by: Host: nekto.me
URL: http://nekto.me/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:8389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f65e932e3e94c49da3e00eef1042be0bba7a7c1a2295baf3dcf755e1f83ffad

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 17:13:38 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 1266
cf-request-id: 062b8c4a040000e003a8b8b000000001
Last-Modified: Sat, 11 Jun 2011 23:51:37 GMT
Server: cloudflare
ETag: "4df3ff89-4f2"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NjwA9%2FJDNanylO%2BGtKptsW6icNfzBClk62GT%2BKGGsH733yHz41Oe1Cy8ImUxkzvDfg3uHVWbE9qwG7qxvKd7UhvpPa3OJYk0Qo8ts%2Fh0bW14AyS5EA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ebf7cbccc83e003-FRA
Expires: Tue, 03 Nov 2020 17:13:38 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/ 343 KB
135 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84aff23bb47fbea74e9c9944cc840a4c17dbf1c32fc9f6a5c4717417e02751c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://nekto.me
Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 16:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2602
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137574
x-xss-protection: 0
last-modified: Mon, 26 Oct 2020 04:07:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Nov 2021 16:30:16 GMT

GET
H2

200

rtrg
vk.com/
Redirect Chain

http://vk.com/rtrg?r=GzCcoFHx7H9p*trghnht3tTZbz9H13RjgomDOw//hk/m6tG4jv*7NUDNBKgfXWmtjtNWga1CA/*re0Yly3vvv0ylZlktiZXrnPiDoOuxi5DUxrBICh*KPspQCUV0bO2aYKE4RA21uU2C6vfp1NFLKS2RUSkBOqmya/20f3pZ0sg-
https://vk.com/rtrg?r=GzCcoFHx7H9p*trghnht3tTZbz9H13RjgomDOw//hk/m6tG4jv*7NUDNBKgfXWmtjtNWga1CA/*re0Yly3vvv0ylZlktiZXrnPiDoOuxi5DUxrBICh*KPspQCUV0bO2aYKE4RA21uU2C6vfp1NFLKS2RUSkBOqmya/20f3pZ0sg-

49 B
444 B

62ms
62ms

Image
image/gif

87.240.190.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?r=GzCcoFHx7H9p*trghnht3tTZbz9H13RjgomDOw//hk/m6tG4jv*7NUDNBKgfXWmtjtNWga1CA/*re0Yly3vvv0ylZlktiZXrnPiDoOuxi5DUxrBICh*KPspQCUV0bO2aYKE4RA21uU2C6vfp1NFLKS2RUSkBOqmya/20f3pZ0sg-

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv72-190-240-87.vk.com

Software

kittenx / KPHP/7.4.26968

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 17:13:38 GMT
content-encoding: gzip
x-frontend: front204307
server: kittenx
x-powered-by: KPHP/7.4.26968
strict-transport-security: max-age=15768000
content-type: image/gif
status: 200
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

Redirect headers

Date: Mon, 02 Nov 2020 17:13:38 GMT
X-Frontend: front204307
Server: kittenx
Content-Type: text/html
Location: https://vk.com/rtrg?r=GzCcoFHx7H9p*trghnht3tTZbz9H13RjgomDOw//hk/m6tG4jv*7NUDNBKgfXWmtjtNWga1CA/*re0Yly3vvv0ylZlktiZXrnPiDoOuxi5DUxrBICh*KPspQCUV0bO2aYKE4RA21uU2C6vfp1NFLKS2RUSkBOqmya/20f3pZ0sg-
Access-Control-Expose-Headers: X-Frontend
Connection: keep-alive
Content-Length: 164

GET
H/1.1 200
OK logo2.png
nekto.me/img/ 3 KB
4 KB 65ms
60ms Image
image/png 2606:4700:3031::ac43:8389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/img/logo2.png
Requested by: Host: nekto.me
URL: http://nekto.me/style/main.css?3
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:8389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35c19b613dde157dc1e90ee81cb71d5ba06008bbbe8f43c267ca1eff0d2c1c5c

Request headers

Referer: http://nekto.me/style/main.css?3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 17:13:38 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 2855
cf-request-id: 062b8c4a1d00000746f725e000000001
Last-Modified: Sat, 20 Oct 2012 00:58:09 GMT
Server: cloudflare
ETag: "5081f721-b27"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F4K5I5%2FUFPRU16Ls3w3QKfpg7JbWG%2Bl8FhzZ0aGGj4Qv0%2FCDxthIAW4nUE8AppgcDkmLx6rrv3XZFP%2F1Jfrl70APE9tETPgj%2BT2dTVMWwapzDiy4Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ebf7cbcfd460746-FRA
Expires: Tue, 03 Nov 2020 17:13:38 GMT

GET
H/1.1 200
OK online_corner.jpg
nekto.me/img/ 1 KB
2 KB 69ms
69ms Image
image/jpeg 2606:4700:3031::ac43:8389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/img/online_corner.jpg
Requested by: Host: nekto.me
URL: http://nekto.me/style/main.css?3
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:8389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1649efcb2f0b91911e6f460ce6909855364c172f1a9ffc73cda894e26d602bdb

Request headers

Referer: http://nekto.me/style/main.css?3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 17:13:38 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 1318
cf-request-id: 062b8c4a3a0000d6e556bda000000001
Last-Modified: Sat, 20 Oct 2012 00:58:32 GMT
Server: cloudflare
ETag: "5081f738-526"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NuTEA%2FQDOoGrOb8KpRMQtCmMWpd4fLvVw9YrnuZBP1G%2F6bIPR8Ngh6lX52t3XCXmDDKGN4ugqrLpqNHxKJZWg35DHqZi%2BferfYrKeZFR9uZnc6pCBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ebf7cbd2a97d6e5-FRA
Expires: Tue, 03 Nov 2020 17:13:38 GMT

GET
H/1.1 200
OK reg_bg.jpg
nekto.me/img/ 12 KB
13 KB 59ms
58ms Image
image/jpeg 2606:4700:3031::ac43:8389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/img/reg_bg.jpg
Requested by: Host: nekto.me
URL: http://nekto.me/style/main.css?3
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:8389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89dad5ce8dc655c268246ec30456186cee07b5308a701404f7f886447269c338

Request headers

Referer: http://nekto.me/style/main.css?3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 17:13:38 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 12460
cf-request-id: 062b8c4a3b0000c2f4efbc6000000001
last-modified: Fri, 09 Aug 2013 03:28:40 GMT
Server: cloudflare
etag: "520461e8-30ac"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NRbKL49YddNOqZksjOXB4A2f6FySbzc4DfisSwOiKwIQ3CvvkRa3T3Jzjmd%2FyyPI8r0VbbOoXZa6Fw5jjGJ0zP7gTSyoOtRirGMNLVD7dsUyS1dxUg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
cache-control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ebf7cbd2966c2f4-FRA
expires: Tue, 03 Nov 2020 17:13:38 GMT

GET
H/1.1 200
OK url_icon.png
nekto.me/img/ 234 B
976 B 65ms
60ms Image
image/png 2606:4700:3031::ac43:8389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nekto.me/img/url_icon.png
Requested by: Host: nekto.me
URL: http://nekto.me/style/main.css?3
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:8389 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9839811163e405ae3f9652735ee211778c04d44c8466101280d01753beee5fa

Request headers

Referer: http://nekto.me/style/main.css?3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 17:13:38 GMT
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 234
cf-request-id: 062b8c4a410000e0037da0c000000001
Last-Modified: Fri, 18 Dec 2015 23:44:19 GMT
Server: cloudflare
ETag: "56749a53-ea"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8DxicztRZZWRKwmgwjcd8l87qcqN%2BPwUdceOTMT8%2BmMXpL7SUOtQjS359lWo4HLOJpxJJ%2FKkVWSeNAyxEs5br06n8A87ppZKgnHt94QvV542TlBsPg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
CF-RAY: 5ebf7cbd3d5ae003-FRA
Expires: Tue, 03 Nov 2020 17:13:38 GMT

GET
H/1.1

200
OK

hit;NektoMe
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit;NektoMe?r;s1600*1200*24;uhttp%3A//nekto.me/;hnekto.me%20-%20%u0430%u043D%u043E%u043D%u0438%u043C%u043D%u0430%u044F%20%u0441%u043E%u0446%u0438%u0430%u043B%u044C%u043D%u04...
https://counter.yadro.ru/hit;NektoMe?r;s1600*1200*24;uhttp%3A//nekto.me/;hnekto.me%20-%20%u0430%u043D%u043E%u043D%u0438%u043C%u043D%u0430%u044F%20%u0441%u043E%u0446%u0438%u0430%u043B%u044C%u043D%u0...
https://counter.yadro.ru/hit;NektoMe?q;r;s1600*1200*24;uhttp%3A//nekto.me/;hnekto.me%20-%20%u0430%u043D%u043E%u043D%u0438%u043C%u043D%u0430%u044F%20%u0441%u043E%u0446%u0438%u0430%u043B%u044C%u043D%...

43 B
496 B

62ms
62ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;NektoMe?q;r;s1600*1200*24;uhttp%3A//nekto.me/;hnekto.me%20-%20%u0430%u043D%u043E%u043D%u0438%u043C%u043D%u0430%u044F%20%u0441%u043E%u0446%u0438%u0430%u043B%u044C%u043D%u0430%u044F%20%u0441%u0435%u0442%u044C;0.2075223028770683

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Nov 2020 17:13:38 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 02 Nov 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Nov 2020 17:13:38 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;NektoMe?q;r;s1600*1200*24;uhttp%3A//nekto.me/;hnekto.me%20-%20%u0430%u043D%u043E%u043D%u0438%u043C%u043D%u0430%u044F%20%u0441%u043E%u0446%u0438%u0430%u043B%u044C%u043D%u0430%u044F%20%u0441%u0435%u0442%u044C;0.2075223028770683
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 02 Nov 2019 21:00:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 115 KB
40 KB 46ms
45ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

5301a8a4d7d79449343002f9bad87f3b378e973728a7926f85f9e42be9ac2e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 17:13:38 GMT
content-encoding: br
last-modified: Mon, 02 Nov 2020 11:17:57 GMT
status: 200
etag: "5f9c0d0d-9f44"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 40772
expires: Mon, 02 Nov 2020 18:13:38 GMT

GET
H/1.1 200
OK index.php Show response
nekto.me/includes/ajax/ 36 B
711 B 68ms
68ms XHR
text/html 2606:4700:3031::ac43:8389
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://nekto.me/includes/ajax/index.php?_=1604337218124

Requested by

Host: nekto.me
URL: http://nekto.me/js/jquery.js?2

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:8389 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2b19eaa2c009d6d5c963a986bb5dbb9462b4c079eced1e5cebc9610b90e6f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: http://nekto.me/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 17:13:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j8vQtH7oywYlk5QhJNYzM12D2t3DCm5EWCXMkU9NhbiLyybyKk1w69zdNz5nW1ydWwlD%2FYNgOLArn80cNTbaz%2BcGGhXF%2F8KL1d31YljD6Y4zGPmcog%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5ebf7cbd4befc2bd-FRA
cf-request-id: 062b8c4a4f0000c2bdd41d4000000001

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame A9B0 0
0 33ms
32ms Document
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfCOgkTAAAAAHBOyEgHg2VdnH1AVEMzciMvH3jb&co=aHR0cDovL25la3RvLm1lOjgw&hl=en&v=4lbq4vBYAu25DMtzZ7GGbfAF&size=normal&cb=99i7unla137r

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8s+Y2fvt4VGmgrY57rV+UA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfCOgkTAAAAAHBOyEgHg2VdnH1AVEMzciMvH3jb&co=aHR0cDovL25la3RvLm1lOjgw&hl=en&v=4lbq4vBYAu25DMtzZ7GGbfAF&size=normal&cb=99i7unla137r
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://nekto.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nekto.me/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 02 Nov 2020 17:13:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-8s+Y2fvt4VGmgrY57rV+UA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10835
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 all.js Show response
connect.facebook.net/ru_RU/ 188 KB
57 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js?hash=9f01332c57d7533d785ab2c9b9eac348&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/ru_RU/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

584e14e65784c9f1b2e6e3f9673d7f61edecc63dac49bca5bfedce22ae5756ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://nekto.me
Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: JbfL4jpd3NRRdygwyUXgfg==
status: 200
cross-origin-resource-policy: cross-origin
content-length: 57698
etag: "723218b292143f0847292418bc037fd6"
x-fb-debug: jVC8uMvEeWcbokScpt9c11NsWao050Qr2ZFPPbCDHrmMfYoenv9VPV/Yd1XFh6XS/iZMF1rC0jrRv+hnimUhQg==
x-fb-trip-id: 664085054
x-fb-content-md5: ddd542289bb44f663469b9c1913489c4
x-frame-options: DENY
date: Mon, 02 Nov 2020 17:13:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Tue, 02 Nov 2021 15:11:01 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/ 230 KB
87 KB 58ms
44ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ebc35ba9f607eefdc973225a8c6831d1472714df5da1b43d5e72611bac8c2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 17:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88237
x-xss-protection: 0
server: cafe
etag: 8916267561321754551
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Nov 2020 17:13:38 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/ Frame AE7D 0
0 8ms
8ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201029/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://nekto.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nekto.me/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 02 Nov 2020 02:32:56 GMT
expires: Mon, 16 Nov 2020 02:32:56 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 52842
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fnekto.me%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A522%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Ae...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fnekto.me%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A522%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3A...

35 B
116 B

48ms
48ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fnekto.me%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A522%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A241%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A694829791%3Az%3A60%3Ai%3A20201102181338%3Aet%3A1604337218%3Ac%3A1%3Arn%3A747105704%3Arqn%3A1%3Au%3A1604337218159741367%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1604337217600%3Ads%3A6%2C6%2C112%2C1%2C0%2C0%2C%2C385%2C13%2C%2C%2C%2C513%3Adsn%3A7%2C5%2C112%2C1%2C0%2C0%2C%2C387%2C13%2C%2C%2C%2C513%3Ati%3A1%3Ast%3A1604337218

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Nov 2020 17:13:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 02-Nov-2020 17:13:38 GMT
status: 200
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://nekto.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 35
x-xss-protection: 1; mode=block
expires: Mon, 02-Nov-2020 17:13:38 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Nov 2020 17:13:38 GMT
last-modified: Mon, 02-Nov-2020 17:13:38 GMT
status: 302
location: /watch/3/1?wmode=7&page-url=http%3A%2F%2Fnekto.me%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A522%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A241%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A694829791%3Az%3A60%3Ai%3A20201102181338%3Aet%3A1604337218%3Ac%3A1%3Arn%3A747105704%3Arqn%3A1%3Au%3A1604337218159741367%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1604337217600%3Ads%3A6%2C6%2C112%2C1%2C0%2C0%2C%2C385%2C13%2C%2C%2C%2C513%3Adsn%3A7%2C5%2C112%2C1%2C0%2C0%2C%2C387%2C13%2C%2C%2C%2C513%3Ati%3A1%3Ast%3A1604337218
access-control-allow-origin: http://nekto.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
expires: Mon, 02-Nov-2020 17:13:38 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
159 B 51ms
51ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 17:13:38 GMT
last-modified: Mon, 02 Nov 2020 11:17:57 GMT
status: 200
etag: "5f9c0d0d-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 02 Nov 2020 18:13:38 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 198 B
627 B 129ms
47ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=nekto.me&callback=_gfp_s_&client=ca-pub-5544460087407207

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ccd5420be4aaa37e26695cfcc1a6c05c39bda99e35de87290d6db2775b3ac4bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 17:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 17ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nekto.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Nov 2020 17:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 16ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nekto.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Nov 2020 17:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame E962 0
0 35ms
34ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5544460087407207&output=html&adk=1812271804&adf=3025194257&lmt=1604337218&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fnekto.me%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604337218209&bpp=17&bdt=481&idt=111&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3773787466334&frm=20&pv=2&ga_vid=43983892.1604337218&ga_sid=1604337218&ga_hid=1177485018&ga_fc=0&iag=0&icsg=541048874&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067553%2C21066706&oid=3&pvsid=4344416585181480&pem=28&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=156

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5544460087407207&output=html&adk=1812271804&adf=3025194257&lmt=1604337218&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fnekto.me%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604337218209&bpp=17&bdt=481&idt=111&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3773787466334&frm=20&pv=2&ga_vid=43983892.1604337218&ga_sid=1604337218&ga_hid=1177485018&ga_fc=0&iag=0&icsg=541048874&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067553%2C21066706&oid=3&pvsid=4344416585181480&pem=28&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=156
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://nekto.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nekto.me/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 02 Nov 2020 17:13:38 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 02-Nov-2020 17:28:38 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 02 Nov 2020 17:13:38 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f675ce5fcecaf75514fa222819eb7a8241f6b7c7b92714fe008e8dd2ad30797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 17:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604057784510231"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27555
x-xss-protection: 0
expires: Mon, 02 Nov 2020 17:13:38 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9080.do8fy23czIJ5zUIQWAzwLcExBXI--Ll8c3RrPPgL_cR9m6MFpJhxU2PnlJJjyesa.LEsxk2Xw6sqMAi_WobwVITfbSdc%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9080.QNVjCLK5mAlc6XjRLwN-0rPfY1Sez6wtgYhY0N9Iaggg7xcBcjmNUTY2HZfvn3FZ2-sUTUMW9KujFMyIHDojgjIKncxSiq9S7i4UO-fQFEM%2C.oRzvEf6IP3XeWLUTau9u_yE7i1U%2C

43 B
333 B

49ms
49ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9080.QNVjCLK5mAlc6XjRLwN-0rPfY1Sez6wtgYhY0N9Iaggg7xcBcjmNUTY2HZfvn3FZ2-sUTUMW9KujFMyIHDojgjIKncxSiq9S7i4UO-fQFEM%2C.oRzvEf6IP3XeWLUTau9u_yE7i1U%2C

Requested by

Host: nekto.me
URL: http://nekto.me/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 02 Nov 2020 17:13:38 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

status: 302
date: Mon, 02 Nov 2020 17:13:38 GMT
strict-transport-security: max-age=31536000
location: https://mc.yandex.com/sync_cookie_image_decide?token=9080.QNVjCLK5mAlc6XjRLwN-0rPfY1Sez6wtgYhY0N9Iaggg7xcBcjmNUTY2HZfvn3FZ2-sUTUMW9KujFMyIHDojgjIKncxSiq9S7i4UO-fQFEM%2C.oRzvEf6IP3XeWLUTau9u_yE7i1U%2C
content-length: 0
x-xss-protection: 1; mode=block

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame 6018 0
0 23ms
22ms Document
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=4lbq4vBYAu25DMtzZ7GGbfAF&k=6LfCOgkTAAAAAHBOyEgHg2VdnH1AVEMzciMvH3jb&cb=56173zxut90u

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8CvceoyD0tRXroIgMgjCWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=4lbq4vBYAu25DMtzZ7GGbfAF&k=6LfCOgkTAAAAAHBOyEgHg2VdnH1AVEMzciMvH3jb&cb=56173zxut90u
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://nekto.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nekto.me/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 02 Nov 2020 17:13:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-8CvceoyD0tRXroIgMgjCWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1172
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 48ms
34ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201029&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

815194ed389fcf42c7e347be11e25f1acfce3df027f185c1e20a7f5f769e90b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Nov 2020 17:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6478
x-xss-protection: 0

GET
H2 200 34274390 Show response
mc.yandex.ru/watch/ 186 B
303 B 49ms
49ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/34274390?wmode=7&page-url=http%3A%2F%2Fnekto.me%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A522%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A241%3Acn%3A1%3Adp%3A0%3Als%3A0%3Ahid%3A694829791%3Az%3A60%3Ai%3A20201102181338%3Aet%3A1604337218%3Ac%3A1%3Arn%3A998942659%3Arqn%3A1%3Au%3A1604337218159741367%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1604337217600%3Ads%3A6%2C6%2C112%2C1%2C0%2C0%2C%2C385%2C13%2C%2C%2C%2C513%3Adsn%3A7%2C5%2C112%2C1%2C0%2C0%2C%2C387%2C13%2C%2C%2C%2C513%3Arqnl%3A1%3Aadb%3A2%3App%3A3629563401%3Ati%3A1%3Ast%3A1604337219%3At%3Anekto.me%20-%20%D0%B0%D0%BD%D0%BE%D0%BD%D0%B8%D0%BC%D0%BD%D0%B0%D1%8F%20%D1%81%D0%BE%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D1%81%D0%B5%D1%82%D1%8C

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

681b31991387dfd180d08582803fb355604c57afaea3a00e467eef23c68a8159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Nov 2020 17:13:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 02-Nov-2020 17:13:38 GMT
status: 200
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://nekto.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Mon, 02-Nov-2020 17:13:38 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 17:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Mon, 02 Nov 2020 17:13:38 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame EF90 0
0 35ms
20ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://nekto.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nekto.me/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Mon, 02 Nov 2020 16:44:26 GMT
expires: Tue, 02 Nov 2021 16:44:26 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1752
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
87 B 16ms
15ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201029&jk=4344416585181480&bg=!MTKlMhLNAAU7ZAKtO1i7zL4TaXFiOwIAAABnUgAAAA5oAQcKAdpic7r55FmLVcJ2-uXbAmSNodvDTE267k0UvZYWEEzzgwhu5GCwNfNgzrFkd0LMz6_9HownqOYM8CxIPzLndKZdDg6Ql5wBOvLW2tNJ6kUg1M-2U95_Zq3Y6nk8gtLhwiph7CWDzuOtdqqEiIf-o1hAFatql3SDgmWrrAaNni5iZI-TAvpN4SCNAb0zb62vGfCs2Mspfs0emkHYmEXyFacbI3kfV9QfeZ2Z2UPquo2_BuelNt7MWKCqDzRlmIU491OZQr8qdTbSS720BXzy5vqfu9weQpCL0V0PFLmoRmhRBaRoF_2wqlr-sqQ2AFFeKZmlUwIrnJ9cdQXkoD9Sw5rY6k4ZavYVu3gMu0kWUo8lrs58ZMnYTnnCubFJoNxq2BWwqzoSFh2hGX2uzMUnlNhW3S21jsxohTevTCPIKZJwb2GAudEkSEeBejCHSF_X6Wj6fRxQKVrH8DW3WZEjhKpQ3t0MAycWrb9ucb86ytTRJtE2xEziKsD1PW0XyQOofHb7gI9Sz-42ul8LCLCU8f7fwajpQ6rvg7mceAQ4z7jNQseOSzkrja4jk442cMaGzJzWXofAbt5N6tp9kQGASFQG6ZzsSWt9ImWYOYmW2IZZKCh9XzZZ5aZKX3qZAaDuVW2oaRnOT0jPtFHjKkiwsRCsn3S9MzXoeZskHFqJbZJ8a_9XAkg5Ghuzh-HMnCMkAVhNaN28JhKisiMVnfYQy8MZ_ZNEmYkqgzj2I36EkK0pztEvMp8cedhA5HMYjtws9cSzTDZnAKItuY8Tl2_j4q9AtR9cfiZ5jYw9AAjaFzeBQnP8lvJLvA27InDtGkcnuo_AfuEF27FdStLpgOU9CUkcoMNe6afHlbLLqiVHJPvLIA9l24NH3iqx2bVNrza4GrxHL7uV-Rc2GQoc7092taCIB2xZq-oSkz1H2w_DdwDTmco_qn1EI5uK2QmCQPkUOEYBLV0JFC_-bRpLkj1iAaF64v5qD2yJZM9RGCJxNRZ10dFmoLw6w5f3ABBm1tWl_O-kvD82C_zhyv1T78Afw8dwEpqM1ONfBrV7PLsSXikNCLth74tCRE1GYg51t4UhhC-kIYlJValcflq6elrMmbPHiF9ml32yMVSFiiRCkJN_cbMyYbGeH6vcHDiNIlkhqsZzq-TTGSamRLJdYMQfS5GemjYBLp7UDjE25whomQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nekto.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Nov 2020 17:13:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 13:38:58	Name: test_cookie Value: CheckForPermission
.nekto.me/	1970-01-19 23:00:33	Name: __gads Value: ID=3e18f66dd98c4736-22b2851b62a60025:T=1604337218:RT=1604337218:S=ALNI_Mb_u3nkXfcvRTT-wU7UB8cBI8qglQ
.nekto.me/	1970-01-19 13:40:09	Name: _ym_isad Value: 2
.nekto.me/	1970-01-19 22:24:33	Name: _ym_d Value: 1604337218
.nekto.me/	1970-01-19 22:24:33	Name: _ym_uid Value: 1604337218159741367
.nekto.me/	1970-01-19 14:22:09	Name: __cfduid Value: db2a82f7c88ba4ccee901df6264c289d31604337217

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://nekto.me/js/jquery.cycle.all.2.72.js(Line 33) Message: [cycle] terminating; zero elements found by selector

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
connect.facebook.net
counter.yadro.ru
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
nekto.me
odnoklassniki.ru
ok.ru
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
vk.com
www.google.com
www.googletagservices.com
www.gstatic.com
216.58.212.162
217.20.155.13
2606:4700:3031::ac43:8389
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:806::2002
2a00:1450:4001:814::2001
2a00:1450:4001:81a::2004
2a00:1450:4001:81f::2003
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
87.240.190.72
88.212.201.216
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
103fc73af427191044b7c92db49cf45442782410befc7e630225452bce49677e
1649efcb2f0b91911e6f460ce6909855364c172f1a9ffc73cda894e26d602bdb
1f74d6963b542c2fff9353700952c52941ff961fc551be3bab75f6d9a0d55ad2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a0b4f60160a7b46ee1d6affdfb3d6dc2114330688b81b52cbad354ed2544ca0
2c2a9365874b974914082d8501c7d82dd1c417184de5f38768d0ed1c1a931c84
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
35c19b613dde157dc1e90ee81cb71d5ba06008bbbe8f43c267ca1eff0d2c1c5c
3828fc33d5a992f1ddb339e5e8bf69124e79afc57435cef2b57723b29d219ad0
3f65e932e3e94c49da3e00eef1042be0bba7a7c1a2295baf3dcf755e1f83ffad
4fe5d89920641371f3af6612e80764f29b19fe4d3458714ac56465d07a268b4a
5301a8a4d7d79449343002f9bad87f3b378e973728a7926f85f9e42be9ac2e93
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
584e14e65784c9f1b2e6e3f9673d7f61edecc63dac49bca5bfedce22ae5756ab
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
681b31991387dfd180d08582803fb355604c57afaea3a00e467eef23c68a8159
6f675ce5fcecaf75514fa222819eb7a8241f6b7c7b92714fe008e8dd2ad30797
70a13cea4bcb1f23279cd197b18dc3261762b782e19e077c09557147bd967c33
722a06e3ff39c6f90616e76453d405bb5d7413d673c121f96548a06956685d47
79b5f7ef7c8b564205a17914796ebb12d869177990b47117c3e5b94fe8eefbf3
815194ed389fcf42c7e347be11e25f1acfce3df027f185c1e20a7f5f769e90b8
84aff23bb47fbea74e9c9944cc840a4c17dbf1c32fc9f6a5c4717417e02751c6
89dad5ce8dc655c268246ec30456186cee07b5308a701404f7f886447269c338
8acb62cde2287db544f938cf88e751dcff3a5fcbce24e0746db41278237d0a7c
97a06cb0f953c60bdcb315f1eba2d02d9132e8837892ebdc4467fac05ef5b40f
9ebc35ba9f607eefdc973225a8c6831d1472714df5da1b43d5e72611bac8c2ad
9ee2b19eaa2c009d6d5c963a986bb5dbb9462b4c079eced1e5cebc9610b90e6f
b8665071ae7054a284e6cfe212fd55464c5c3f4cb90bbb04491091d69a6ccb43
b9839811163e405ae3f9652735ee211778c04d44c8466101280d01753beee5fa
ba94eaf90519494de4ee847524ee2d3567f8518dbd66dcb0a5f610cee321976d
c12f7fd2399790e97f02fa75bf4267c725870e56ce6c6c55064bb469e018ce9d
ccd5420be4aaa37e26695cfcc1a6c05c39bda99e35de87290d6db2775b3ac4bd
e09f4e597546c91ff7c676993830f93b56a186d1c99fcfb71d68edbae6f8a549
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

nekto.me Open in urlscan Pro 2606:4700:3031::ac43:8389 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

44 Requests

61 %HTTPS

69 %IPv6

15 Domains

17 Subdomains

13 IPs

4 Countries

531 kBTransfer

1395 kBSize

6 Cookies

0 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nekto.me Open in urlscan Pro
2606:4700:3031::ac43:8389 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

61 %
HTTPS

69 %
IPv6

15
Domains

17
Subdomains

13
IPs

4
Countries

531 kB
Transfer

1395 kB
Size

6
Cookies

44 HTTP transactions
0 data transactions