www.nur.kz Open in urlscan Pro
91.215.139.234 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nur.kz/
Effective URL:
https://www.nur.kz/
Submission: On October 12 via api (October 12th 2022, 10:55:34 am UTC) from KZ — Scanned from DE

Summary HTTP 290 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 63 IPs in 13 countries across 59 domains to perform 290 HTTP transactions. The main IP is 91.215.139.234, located in Kazakhstan and belongs to PSKZ-ALA, KZ. The main domain is www.nur.kz. The Cisco Umbrella rank of the primary domain is 219419.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on April 29th 2022. Valid for: a year.

This is the only time www.nur.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	91.215.139.234 91.215.139.234	48716 (PSKZ-ALA) (PSKZ-ALA)
17	94.247.128.35 94.247.128.35	48716 (PSKZ-ALA) (PSKZ-ALA)
1	142.93.164.210 142.93.164.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:40::45 2620:1ec:40::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	95.216.24.148 95.216.24.148	24940 (HETZNER-AS) (HETZNER-AS)
8	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
6	2a02:6b8:a::a 2a02:6b8:a::a	13238 (YANDEX) (YANDEX)
3	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
2 11	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	94.247.128.43 94.247.128.43	48716 (PSKZ-ALA) (PSKZ-ALA)
1	94.247.128.38 94.247.128.38	48716 (PSKZ-ALA) (PSKZ-ALA)
2	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
1	91.215.139.235 91.215.139.235	48716 (PSKZ-ALA) (PSKZ-ALA)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
6	2a02:6b8::1be 2a02:6b8::1be	13238 (YANDEX) (YANDEX)
2	2a02:6b8::184 2a02:6b8::184	13238 (YANDEX) (YANDEX)
10	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2 11	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
9 34	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 16	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
21	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
6	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:effe:42c3:2f57:d795	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6b8::5:114 2a02:6b8::5:114	13238 (YANDEX) (YANDEX)
1 1	35.177.4.157 35.177.4.157	16509 (AMAZON-02) (AMAZON-02)
6 6	176.9.9.10 176.9.9.10	24940 (HETZNER-AS) (HETZNER-AS)
2 2	193.3.184.201 193.3.184.201	50214 (QWARTA) (QWARTA)
2 3	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1 2	52.51.135.205 52.51.135.205	16509 (AMAZON-02) (AMAZON-02)
3 5	52.30.181.76 52.30.181.76	16509 (AMAZON-02) (AMAZON-02)
1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
2	37.18.16.22 37.18.16.22	205675 (HYBRID-AS) (HYBRID-AS)
2 2	185.15.175.132 185.15.175.132	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	168.119.8.212 168.119.8.212	24940 (HETZNER-AS) (HETZNER-AS)
1 1	91.192.150.14 91.192.150.14	42481 (BEGUN-AS) (BEGUN-AS)
2 2	193.232.150.68 193.232.150.68	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:f45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	217.66.147.42 217.66.147.42	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 2	95.217.86.150 95.217.86.150	24940 (HETZNER-AS) (HETZNER-AS)
1 1	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
2	195.209.111.4 195.209.111.4	52007 (ADRIVER-AS) (ADRIVER-AS)
2 2	136.243.148.229 136.243.148.229	24940 (HETZNER-AS) (HETZNER-AS)
1	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	159.69.72.5 159.69.72.5	24940 (HETZNER-AS) (HETZNER-AS)
2 2	148.251.236.118 148.251.236.118	24940 (HETZNER-AS) (HETZNER-AS)
1 1	148.251.129.43 148.251.129.43	24940 (HETZNER-AS) (HETZNER-AS)
2 2	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
1 1	87.242.93.185 87.242.93.185	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	178.170.195.115 178.170.195.115	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
290	63

22 91.215.139.234 (Kazakhstan) 1 redirects

ASN48716 (PSKZ-ALA, KZ)

nur.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.nur.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 94.247.128.35 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)

cdn.nur.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.164.210 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:40::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.216.24.148 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.148.24.216.95.clients.your-server.de

tttt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8:a::a (Russian Federation)

ASN13238 (YANDEX, RU)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.247.128.43 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)

stat.khanate.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.247.128.38 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)

sport.khanate.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.139.235 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)

webapi.nur.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1be (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a02:6b8::90 (Moscow, Russian Federation) 9 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:effe:42c3:2f57:d795 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.4.157 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-4-157.eu-west-2.compute.amazonaws.com

px.arcspire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 176.9.9.10 (Germany) 6 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1776439.aucourant.info

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.3.184.201 (Russian Federation) 2 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.135.205 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-135-205.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.30.181.76 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-181-76.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
euw-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.22 (Russian Federation)

ASN205675 (HYBRID-AS, DE)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.132 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.8.212 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.212.8.119.168.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.150.14 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.68 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.senders.rutube.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:f45 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb-eu-warsaw.intent.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.42 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-42-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.86.150 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.150.86.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.111.4 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.148.229 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.229.148.243.136.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.158 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.72.5 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.5.72.69.159.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.236.118 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-4.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.129.43 (Falkenstein, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-23.community.moscow

4aafdeb9-c455-46af-8e29-0a7b25a35410.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.28 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.242.93.185 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr20.segmento.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.170.195.115 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr18.segmento.ru

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	criteo.net static.criteo.net — Cisco Umbrella Rank: 789 pix.eu.criteo.net — Cisco Umbrella Rank: 5790 csm.eu.criteo.net — Cisco Umbrella Rank: 5493	1 MB
43	yandex.ru 9 redirects yandex.ru — Cisco Umbrella Rank: 950 an.yandex.ru — Cisco Umbrella Rank: 2472 mc.yandex.ru — Cisco Umbrella Rank: 2147 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 13905	359 KB
40	nur.kz 1 redirects nur.kz — Cisco Umbrella Rank: 187071 www.nur.kz — Cisco Umbrella Rank: 219419 cdn.nur.kz — Cisco Umbrella Rank: 288229 webapi.nur.kz — Cisco Umbrella Rank: 558333	450 KB
30	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 stats.g.doubleclick.net — Cisco Umbrella Rank: 171 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 static.doubleclick.net — Cisco Umbrella Rank: 402 cm.g.doubleclick.net — Cisco Umbrella Rank: 304	459 KB
29	googlesyndication.com 1 redirects af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	410 KB
15	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 19 region1.analytics.google.com — Cisco Umbrella Rank: 3900 adservice.google.com — Cisco Umbrella Rank: 136	2 KB
13	yastatic.net yastatic.net — Cisco Umbrella Rank: 3474	354 KB
11	google.de www.google.de — Cisco Umbrella Rank: 3460 adservice.google.de — Cisco Umbrella Rank: 5221	2 KB
7	yandex.com 1 redirects mc.yandex.com — Cisco Umbrella Rank: 8250	3 KB
6	acint.net 6 redirects acint.net — Cisco Umbrella Rank: 15755	2 KB
6	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 10350 ads.eu.criteo.com — Cisco Umbrella Rank: 5457 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 11918 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 7707	106 KB
6	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 5861	416 B
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 804 i.clarity.ms — Cisco Umbrella Rank: 6576 c.clarity.ms — Cisco Umbrella Rank: 1219	26 KB
6	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 16575 tttt.onthe.io — Cisco Umbrella Rank: 398536	19 KB
5	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 5165 euw-ice.360yield.com — Cisco Umbrella Rank: 10643	2 KB
4	googleadservices.com 2 redirects partner.googleadservices.com — Cisco Umbrella Rank: 1003 www.googleadservices.com — Cisco Umbrella Rank: 154	16 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	185 KB
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 19601 4aafdeb9-c455-46af-8e29-0a7b25a35410.sync.upravel.com	2 KB
3	mts.ru 3 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 20961 tech.rtb.mts.ru — Cisco Umbrella Rank: 21550	2 KB
3	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2616	2 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	56 KB
3	khanate.pro stat.khanate.pro — Cisco Umbrella Rank: 515980 sport.khanate.pro — Cisco Umbrella Rank: 873361	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
2	rutarget.ru 2 redirects yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 41767 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 41917	836 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 11119	1 KB
2	1dmp.io 2 redirects sync.1dmp.io — Cisco Umbrella Rank: 12004	1018 B
2	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 14638	402 B
2	semantiqo.com 1 redirects sonar.semantiqo.com — Cisco Umbrella Rank: 36811	976 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 9297	505 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 11418	813 B
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 13997	1 KB
2	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 18779	475 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 293	2 KB
2	sape.ru 2 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 18731	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 703	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 358	10 KB
2	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 4343	25 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 426	553 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 12047	69 B
1	bumlam.com sync.bumlam.com — Cisco Umbrella Rank: 3953	390 B
1	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 5532	332 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 3931	205 B
1	intent.ai rtb-eu-warsaw.intent.ai — Cisco Umbrella Rank: 41040	838 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 25224	244 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 11852	178 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 41643	388 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 3185	463 B
1	bluevoox.com im.bluevoox.com — Cisco Umbrella Rank: 14767	241 B
1	arcspire.io 1 redirects px.arcspire.io — Cisco Umbrella Rank: 40051	317 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2279	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 493	457 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 915	166 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 2302	350 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1504	464 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1686	45 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	74 KB
0	whiteboxdigital.ru Failed mitdmp.whiteboxdigital.ru Failed
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
290	59

	Domain	Requested by
34	an.yandex.ru	9 redirects www.nur.kz an.yandex.ru
29	pix.eu.criteo.net	ads.eu.criteo.com
21	static.criteo.net	ads.eu.criteo.com
21	www.nur.kz	www.nur.kz
17	cdn.nur.kz	www.nur.kz
16	tpc.googlesyndication.com	1 redirects af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com
13	yastatic.net	yandex.ru an.yandex.ru www.nur.kz yastatic.net
11	www.google.com	2 redirects www.nur.kz af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
10	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net www.googleadservices.com
10	pagead2.googlesyndication.com	yastatic.net pagead2.googlesyndication.com www.nur.kz googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	www.google.de	www.nur.kz
8	securepubads.g.doubleclick.net	www.nur.kz securepubads.g.doubleclick.net www.googletagservices.com
7	mc.yandex.com	1 redirects mc.yandex.ru
6	acint.net	6 redirects
6	cm.g.doubleclick.net	www.nur.kz googleads.g.doubleclick.net
6	ads.adfox.ru	www.nur.kz
6	yandex.ru	www.nur.kz yandex.ru yastatic.net
5	tttt.onthe.io	cdn.onthe.io
4	www.googletagservices.com	securepubads.g.doubleclick.net af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com googleads.g.doubleclick.net
3	www.googleadservices.com	2 redirects yastatic.net
3	match.360yield.com	1 redirects
3	ads.betweendigital.com	2 redirects
3	static.doubleclick.net	googleads.g.doubleclick.net
3	csm.eu.criteo.net	ads.eu.criteo.com
3	af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	www.google-analytics.com	www.nur.kz www.google-analytics.com
2	c.clarity.ms	1 redirects
2	x01.aidata.io	2 redirects
2	sync.upravel.com	2 redirects
2	sync.1dmp.io	2 redirects
2	ssp.adriver.ru	www.nur.kz
2	sonar.semantiqo.com	1 redirects
2	sm.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	px.adhigh.net	2 redirects
2	euw-ice.360yield.com	2 redirects
2	dmg.digitaltarget.ru	2 redirects
2	dm.hybrid.ai	www.nur.kz
2	dpm.demdex.net	1 redirects
2	ssp-rtb.sape.ru	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	mc.yandex.ru	an.yandex.ru yastatic.net
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com
2	avatars.mds.yandex.net	www.nur.kz
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	i.clarity.ms	www.clarity.ms
2	stat.khanate.pro	www.nur.kz
2	region1.analytics.google.com	www.googletagmanager.com
2	www.clarity.ms	www.nur.kz www.clarity.ms
1	c.bing.com	1 redirects
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	4aafdeb9-c455-46af-8e29-0a7b25a35410.sync.upravel.com	1 redirects
1	sync.dmp.otm-r.com	www.nur.kz
1	sync.bumlam.com	www.nur.kz
1	counter.yadro.ru	1 redirects
1	tech.rtb.mts.ru	1 redirects
1	s.uuidksinc.net	1 redirects
1	rtb-eu-warsaw.intent.ai	www.nur.kz
1	profile.ssp.rambler.ru	1 redirects
1	exchange.buzzoola.com	1 redirects
1	cm.tns-counter.ru	1 redirects
1	t.adx.opera.com
1	im.bluevoox.com
1	px.arcspire.io	1 redirects
1	ysa-static.passport.yandex.ru	www.nur.kz
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	www.nur.kz
1	rtb.nl.eu.criteo.com	www.nur.kz
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	webapi.nur.kz	www.nur.kz
1	sport.khanate.pro	www.nur.kz
1	www.googleoptimize.com	www.nur.kz
1	www.googletagmanager.com	www.nur.kz
1	cdn.onthe.io	www.nur.kz
1	nur.kz	1 redirects
0	mitdmp.whiteboxdigital.ru Failed	www.nur.kz
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
290	89

This site contains links to these domains. Also see Links.

Domain
play.google.com
special.nur.kz
kaz.nur.kz
1xbet.kz
bit.ly
z.cdn.adpool.bet
ads.adfox.ru
refpaopsxi.top
t.me
news.google.com
www.instagram.com
corp.nur.kz
www.facebook.com
vk.com
ok.ru
www.tiktok.com
apps.apple.com
appgallery.huawei.com
genesistudio.net

Subject Issuer	Validity	Valid
*.nur.kz Sectigo ECC Domain Validation Secure Server CA	`2022-04-29` - `2023-05-30`	a year	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-02` - `2023-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-08-19` - `2023-02-16`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
khanate.pro R3	`2022-10-03` - `2023-01-01`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-08-31` - `2023-02-28`	6 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.adfox.ru GlobalSign RSA OV SSL CA 2018	`2022-05-30` - `2022-11-08`	5 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-05` - `2022-11-03`	6 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-03` - `2022-11-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-21` - `2022-11-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
*.intent.ai GTS CA 1P5	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.bumlam.com R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.nur.kz/
Frame ID: B739518EC27AC7434E37F500265F2DAA
Requests: 99 HTTP requests in this frame

Frame: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EB2D56F54D0C95591B70E00AF66990F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20190131/zrt_lookup.html
Frame ID: 2FD126F08D589259DE9EEAC5ADF67F76
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCgBDVx7llNrp_Gm6H-ffWflQmjslgUHMFeaVyJy0q6xQLTOMVotT50sMT8IXcfa-Q5v1YdGR4HafIzg_Rn4o28ePnFWjfKaQb1yokBQkDIMRI7U82NeJQ2t7Mx76HJYuP3alLkYHyGwOC_vGtpmAjEmj9OcqqLG6oc7jV55q-A1ELoXONbdYeKbHertQHz0sGxywB4b6_pcIYn5IAxY99oU297INM86aL8CKzIuZxe6FZfVOk0NkyDBwLMclmdGNhTKjHfJb2ZZe_81WQj4gTte4vIt_9GZd2EU7-_FzNMiehuEzYNF_0xkzubnGClN7scOzvXpaM&sai=AMfl-YRi8Z22XNSxVHUuG6U0HmvOlkQpz-toOPngk6f4v59bL_YQS1gOcfxh0L5Rl1q8PoGBvSobmrca6VdU7cj_7c_3Kn_8bGcHbSGsUU3p-MnnKx3i39YJS13BQS3ZMe_VVcqa&sig=Cg0ArKJSzMfqBzrvTjweEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 060C6C2E41546E591460CE2502FECC02
Requests: 18 HTTP requests in this frame

Frame: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0F3BC88108ECE71DD6B54BEC9AD4E19E
Requests: 8 HTTP requests in this frame

Frame: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C7680D5134E999CDA9A05D9E1429A202
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&adk=1812271804&adf=3025194257&lmt=1665572128&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.nur.kz%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665572128204&bpp=3&bdt=937&idt=171&shv=r20221010&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D121da8aa72a002d7-2225032744ce0071%3AT%3D1665572127%3AS%3DALNI_MYSAdiJ62b9l1CwQ6z-hOtg62UdZA&nras=1&correlator=6914024258268&frm=20&pv=2&ga_vid=37591007.1665572127&ga_sid=1665572128&ga_hid=1592370362&ga_fc=1&ga_cid=27235422.1665572127&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070257%2C44770880&oid=2&pvsid=105326142784147&tmod=1664630434&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=188
Frame ID: 2E36E5172EF385D14A5F70D81058823D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1665572128&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665572128224&bpp=1&bdt=956&idt=176&shv=r20221010&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D121da8aa72a002d7-2225032744ce0071%3AT%3D1665572127%3AS%3DALNI_MYSAdiJ62b9l1CwQ6z-hOtg62UdZA&prev_fmts=0x0&nras=1&correlator=6914024258268&frm=20&pv=1&ga_vid=37591007.1665572127&ga_sid=1665572128&ga_hid=1592370362&ga_fc=1&ga_cid=27235422.1665572127&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070257%2C44770880&oid=2&pvsid=105326142784147&tmod=1664630434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nH61XZ45Ra&p=https%3A//www.nur.kz&dtd=180
Frame ID: 3237FC1B1FACF953DA7FA41679B99084
Requests: 19 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0adHwAOYNEK4A6DAAeK7OWZOE7WtYKNIfT_1w&u=%7CS1FL%2BoAKd7RRv806YYnJwuN1%2FtyfpVuvKkO0PDFxdZ4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PEMyz40uhnGHdW6w6xe3h-UQhofLyuwLbG78FzrUzKZyPE7rb5mkJ8O85CO5O5_Z18cEiqD7t2bA9zamLWIEwh_iUmU5JUo9fRygXuBThwcPmu-R-QIzrPqkW25Z7iVzO7h5ZYioMmQ_nbARu2b9O_K0tYs4qDKCIK1GnFI--SrEggaBSrRa-OOpTWmVzwLtr9-xV6ds4eNVNsYxHmKxjNGX1cu34ZVNBJvP8Ene3I4eNnCqk_y-YPGdZUEsQNiBotlOSqiLtHQbPANekzHx0JfYSQp6Eqi_YhZm6FBGf2Iqwfd03lPf19Sd0FKkpT_7OkFuAZL-Kqq14Hie1UK3HQp4ooewbguf_c9pj-WwP_ql3FqWSFTsEUAu-J1CEliz3QsNKWgzmHjF9FQzkKPLgztC40IUy9cbsscZrerhsqtaV0D7juoi7sTn87gvXF-8nSohUNJQ3Uc0O_9xk8C3U6dkBix1q1SkCE7EIIrtiq4OFnu5akyz4A8zf5TiJgmFUNlDfA5P1uNYY1vMvg64vVet22XyDket7EJjVMhECmRNqZ1u-rzg-OZjHbl_uOZFfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfgtBH51GY9HBOYOdgAfslZ7gCMme0rFc1Z2R93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMzM2OTI2MzcxMDA5NjE2M8gBCakCaiBpgLhNsD7gAgCoAwGqBIQCT9AQykuyGp6Bndt2QN5tZRVT2Dey4_q5qHKFlVPTjTo2X25FZtGAVwK_aDY0rMAsaxzKjYm7Q2s9wsJetjMHcQD_BDjw3bH5Bv3h1smXkT5v6F39uas8bh3XuT5u-pjKK8tZsA40NwPJ0Rh0CWRAx_ymScufCp6I9uy_XmM4-UNbmNzj4AuLs0sWNGPZ6IvIkwQvIaC_XuGaGpM992hekf31NpPPQfPZd9fqcjnIepC5zq_jIRSl8MOUuA1cMqEDKu5W4BIdU4F0i4GihKvRiMNr9z5DjJYPRGVYlzXXd_7WaEvqHRqVsm42l49vEvoJIYPlszPrr_lwAWVHT-ni7joOcZrgBAGABoOUmOPUrNStXaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L53rRRKuYQsXPZ5vnGajgQifEtA%26client%3Dca-pub-3369263710096163%26adurl%3D
Frame ID: A1179CF9C49CAE0B82D3A9CDFAAF07FE
Requests: 25 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0adHwAOYE8K4A6DAAeK7PZgM8SDmXk3HDLFnQ&u=%7CS1FL%2BoAKd7T10MsRgApU1k5AMpT6%2FqBkqcB4P%2BdZ864%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608Bvppv58V0BuGUUCIazVjI80Mz6K9nh4VzCf-s5FS-nyDQQWmVX5kuQ6jilbXFac0xbvTnM5wF-ydxbpRlVLXJG_4SCdbaH-JAtq81Q4VD99GCGFbdgSHj9W8w0fHtYTNV9tqllTWR2B0cCdY0G6TWbB04vc_jpS_uTs1dVURODwg3CnV4-q0la13yO_UfQ2qlTmwCLgibq-fhfZVV0rJ5fwnaIx7bIjHYHKl09t7Quuf_NOW-f6rhPuGPMlH7uHOKDY5s_2T4nvLE6JGl8Bg9zB18k53DyxXCb117fgJGDkvhIEXkGSSWNn4tRjOuHZhRzIHa4tLvU9aIAdVfaiLlLjpNNn6kxVEPzXNX2SLo4Y-cqbQ7d6wMbtD1E_U1wZMlAueoPPe5J83mX9weULl-mmChmt0E4TLYb2n-Nx72KTDiQukwRz-SASKZax-oxSvMpuDsa9PZNMwoni_uX-wfGSL7md9--PtqW8drlJZkqa6WK--9CyweAmyVu6Im938dFeikC0n8Mc9lMf619d0S52Mz1irqwhBtEwrIQrGARVz3Im_BuNMgZqa0yE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iYWH51GY8_AOYOdgAfslZ7gCMme0rFcvfGU93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItODU4MDE5NjQyNzIwOTMxNMgBCakCaiBpgLhNsD7gAgCoAwGqBIYCT9DzGR__hL7r2_SC1JhTL1ueEzi0Ox3rSQBzXEei7BUfUOjfmIB13GRNXEgPDyDauKIlSLyXcxcUbnKJOFzMIr6_Rn09LWuCtKsukpRBvYxAnfNw9wsPVs7qJ0vfgzADKYq1b7vfG6HmJ6ZUTxJxCawUVI4vJ0gY4vnZ_V6AyCnew2JZ0Z5K-CyzciV__ZWjUMrDOEaQLNSodLmAz-G5NRGwtsXMJs3g-wplCPvuGCDie3vz1yb8UZTxzNyjCix9vFQmtk-UvaTJiXxk3IPatYH_Ovmx05J0IqFrt20mSWb8Lht-KzyTUFbNI-muWu6NHhL_GYR4q71YEGlHhkLt6VJMd7RHAeAEAYAGg5SY49Ss1K1doAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3T_jeK5G5_9lqPVhv_-YnkUa8pRg%26client%3Dca-pub-8580196427209314%26adurl%3D
Frame ID: BBC6CAE2AB6914269BAE2BD7D7902DBE
Requests: 34 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: CE7C84FCEF0038A77B789CC76D40B3CC
Requests: 62 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3C08B1D3396454F6EC8D87F73853BA08
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LKD9GaYAUlEKqmF0ENHbHL4TSMlp96a1WK2pS7gMh1I.js
Frame ID: 032C1F3A19CE0C5EAFC0E88B637E49E2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0C8CB1EE66584050584CA0D38D1B1261
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B41B821A6410D2E300FA4B8DAD6DE676
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости Казахстана – последние новости от NUR.KZ

Page URL History Show full URLs

http://nur.kz/ HTTP 301
https://www.nur.kz/ Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

290
Requests

88 %
HTTPS

45 %
IPv6

59
Domains

89
Subdomains

63
IPs

13
Countries

3910 kB
Transfer

10618 kB
Size

84
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=by.tut.nurkz.android&utm_source=nur.kz&utm_medium=organic&utm_campaign=app_install&utm_content=app_install_header_banner

Search URL Search Domain Scan URL

URL: https://special.nur.kz/
Title: Спецпроекты

Search URL Search Domain Scan URL

URL: https://kaz.nur.kz/
Title: KZ

Search URL Search Domain Scan URL

URL: https://1xbet.kz/?tag=s_43153m_2205c_button&site=43153&ad=2205
Title: Ставки на спорт!

Search URL Search Domain Scan URL

URL: https://bit.ly/3Ex7PIs
Title: Бизнес с

Search URL Search Domain Scan URL

URL: https://z.cdn.adpool.bet/go?z=1880602630
Title: Забери

Search URL Search Domain Scan URL

URL: https://special.nur.kz/kmf-anniversary?utm_source=nur.kz&utm_medium=push&utm_campaign=kmf-anniversary&utm_id=1
Title: <img class="post-preview-media__picture" sizes="(max-width: 755px) 97px, (max-width: 1151px) calc((100vw - 152px) / 3), 231px" srcset="https://cdn.nur.kz/images/720x405/fbb0a8466cd1c369.jpeg?version=1 720w, https://cdn.nur.kz/images/560x315/fbb0a8466cd1c369.jpeg?version=1 560w, https://cdn.nur.kz/images/272x153/fbb0a8466cd1c369.jpeg?version=1 272w, https://cdn.nur.kz/images/176x99/fbb0a8466cd1c369.jpeg?version=1 176w" src="https://cdn.nur.kz/images/272x153/fbb0a8466cd1c369.jpeg?version=1" alt="картина" title="картина" decoding="async" /> Экономика Как развивалось микрофинансирование в Казахстане Сегодня, 09:00

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/252771/clickURL?ad-session-id=7388841665572127748&hash=fb64602db5f676b3&puid1=Homepage&sj=QiQn1xUeDwekTFkZCDX_tR8Gd0ZLgI_flqNQl2fPRbQorOauMtAjK-9cxojzWA%3D%3D&rand=uvrvui&rqs=H0HEFo7LaoQfnUZjeQu6cqPhzZU5iX8v&pr=jsksnvt&p1=crsny&ytt=369987273490437&p5=moyar&ybv=0.664225&p2=gfdy&ylv=0.664225&pf=https%3A%2F%2Fwww.election.gov.kz%2Fkaz%2F

Search URL Search Domain Scan URL

URL: https://1xbet.kz/en
Title: Матч-центр

Search URL Search Domain Scan URL

URL: https://refpaopsxi.top/L?tag=s_1748319m_2205c_&site=1748319&ad=2205&r=%2Fline%2FFootball%2F118587-UEFA-Champions-League%2F147607797-Napoli-Ajax%2F
Title: Лига Чемпионов УЕФА 12.10 Наполи Аякс 22:45 П1 1.6 Ничья 4.88 П2 5.35

Search URL Search Domain Scan URL

URL: https://refpaopsxi.top/L?tag=s_1748319m_2205c_&site=1748319&ad=2205&r=%2Fline%2FFootball%2F118587-UEFA-Champions-League%2F147607800-Atletico-Madrid-Club-Brugge%2F
Title: Лига Чемпионов УЕФА 12.10 Атлетико Мадрид Брюгге 22:45 П1 1.478 Ничья 4.68 П2 7.9

Search URL Search Domain Scan URL

URL: https://refpaopsxi.top/L?tag=s_1748319m_2205c_&site=1748319&ad=2205&r=%2Fline%2FFootball%2F118587-UEFA-Champions-League%2F147606873-Rangers-Liverpool%2F
Title: Лига Чемпионов УЕФА 13.10 Рейнджерс Ливерпуль 01:00 П1 7.6 Ничья 5.15 П2 1.448

Search URL Search Domain Scan URL

URL: https://refpaopsxi.top/L?tag=s_1748319m_2205c_&site=1748319&ad=2205&r=%2Fline%2FFootball%2F118587-UEFA-Champions-League%2F147606001-Viktoria-Plzen-Bayern-Munich%2F
Title: Лига Чемпионов УЕФА 13.10 Виктория Пльзень Бавария 01:00 П1 14.5 Ничья 7.8 П2 1.22

Search URL Search Domain Scan URL

URL: https://t.me/newsnurkz
Title: Telegram

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMK7ylAswg8SqAw
Title: Google News

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kaznews/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://corp.nur.kz/
Title: Рекламодателям

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PortalNURKZ

Search URL Search Domain Scan URL

URL: https://vk.com/portalnurkz

Search URL Search Domain Scan URL

URL: https://ok.ru/portalnurkz

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@newsnurkz

Search URL Search Domain Scan URL

URL: https://apps.apple.com/kz/app/id830230766?utm_source=nur.kz&utm_medium=organic&utm_campaign=app_install&utm_content=app_install_footer&utm_term=app_update_footer

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=by.tut.nurkz.android&utm_source=nur.kz&utm_medium=organic&utm_campaign=app_install&utm_content=app_install_footer&utm_term=app_update_footer

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/app/C102765781

Search URL Search Domain Scan URL

URL: https://genesistudio.net/
Title: YouTube MCN

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nur.kz/ HTTP 301
https://www.nur.kz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 185

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 206

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDsAYQs6iEFpTaJpIS0TIpE&google_cver=1&google_push=AZmPxg8KJdyBJYvbZ4Dg7Up1CB7xiS0VM84lwygzd4a7zkdM0AK-sN3ssSPdtXtwlbek7WN8buGX7YZZvTHb-T7eFfjJ4_paQQm7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk1SU4zV0otRC0yTlFL&google_push=AZmPxg8KJdyBJYvbZ4Dg7Up1CB7xiS0VM84lwygzd4a7zkdM0AK-sN3ssSPdtXtwlbek7WN8buGX7YZZvTHb-T7eFfjJ4_paQQm7

Request Chain 207

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBBmM3IINby-DwNYd3yiVjc&google_cver=1&google_push=AZmPxg9fQQ4ILZuMlE9owSisFWIvTp68qjjtUWT8eHcCU2pZqSagSsFBYW8VXBK0NdlCAiU8YuSnzdZk-GYn1MKEDOMs5kzjFZZX HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBBmM3IINby-DwNYd3yiVjc&google_push=AZmPxg9fQQ4ILZuMlE9owSisFWIvTp68qjjtUWT8eHcCU2pZqSagSsFBYW8VXBK0NdlCAiU8YuSnzdZk-GYn1MKEDOMs5kzjFZZX&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBBmM3IINby-DwNYd3yiVjc&google_hm=Y0adIS4Bimyb0M3bZ0DDEAAABGQAAAIB&google_nid=index&google_push=AZmPxg9fQQ4ILZuMlE9owSisFWIvTp68qjjtUWT8eHcCU2pZqSagSsFBYW8VXBK0NdlCAiU8YuSnzdZk-GYn1MKEDOMs5kzjFZZX

Request Chain 213

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
https://an.yandex.ru/mapuid/arcspireis/b2a81c3231494fb6f02a5b

Request Chain 214

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D HTTP 302
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252FSAPEis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=CEB803C1219D46631E00A21C02AB894F&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/SAPEis/1CB35A9D219D466319013957022FCFD3

Request Chain 215

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=A9B803C1219D46631A00A5A802627A76&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/sapeis/1CB35A9D219D466319013957022FCFD3

Request Chain 216

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/2bd1594a-dc98-521d-a472-2273c734bf52

Request Chain 217

https://an.yandex.ru/mapuid/adobedmp/ HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=CDA438B2E2D2C396 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=CDA438B2E2D2C396

Request Chain 218

https://an.yandex.ru/mapuid/azerionis/ HTTP 302
https://match.360yield.com/match?external_user_id=B973DF220021B4A&publisher_dsp_id=429&publisher_call_type=redirect HTTP 302
https://match.360yield.com/ul_cb/match?external_user_id=B973DF220021B4A&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 220

https://an.yandex.ru/mapuid/betweenx/ HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=C0A8978EAAA7EF1D

Request Chain 221

https://an.yandex.ru/mapuid/blueseaxcom/ HTTP 302
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=F373292E87EA8477

Request Chain 223

https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=8CE2BF41A56E3823&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 224

https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=8CE2BF41A56E3823&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 225

https://an.yandex.ru/mapuid/google/?partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=8CE2BF41A56E3823&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 227

https://an.yandex.ru/mapuid/operacom/ HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=D4B962C9812EFDA

Request Chain 229

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/b35c50e489314d1738cb15a34246c59be107b3dd65b211bb5fcbbf1fc3325b82

Request Chain 232

https://dmg.digitaltarget.ru/1/119/i/i?i=1665572128 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1665572128 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/mgSkHFWJS8b3w067Ai9f

Request Chain 233

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} HTTP 302
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/azerionis/84c6fc58-757d-47be-bf2c-149d39edfd3e HTTP 302
https://match.360yield.com/match?external_user_id=84c6fc58-757d-47be-bf2c-149d39edfd3e&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 234

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
https://an.yandex.ru/mapuid/buzzooladspis/00f5b904-6b64-472f-560b-75cc17df77fe

Request Chain 236

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 237

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
https://an.yandex.ru/mapuid/getintentis/gP3HRTjPL4s.AikABlGDy9XLSw

Request Chain 238

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2453226796 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/xK2LQpkEbFaDVV8iL6LRh.

Request Chain 240

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/wI09fGokhRXpyNNnB1L3

Request Chain 241

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=2a5c1b9f-b526-4888-8c68-e4b5b089a906&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F2a5c1b9f-b526-4888-8c68-e4b5b089a906 HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/2a5c1b9f-b526-4888-8c68-e4b5b089a906

Request Chain 242

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=cc7adf89527c4133a03db5b3c17f0e13 HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=cc7adf89527c4133a03db5b3c17f0e13

Request Chain 245

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au HTTP 302
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1 HTTP 302
https://an.yandex.ru/mapuid/dmpcleverdata/62d24302-4a1c-11ed-acfd-901b0e8b2a6e?sign=396158333

Request Chain 248

https://sync.upravel.com/yandex/sync HTTP 302
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://4aafdeb9-c455-46af-8e29-0a7b25a35410.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://an.yandex.ru/mapuid/upravelis/4aafdeb9-c455-46af-8e29-0a7b25a35410

Request Chain 249

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/uDU6UxpNk3uGzwGXzuzhAA?sign=2681650755

Request Chain 250

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/zF65KIfJpKEj?sign=919006749

Request Chain 251

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/wJQC6z5jkS7_

Request Chain 252

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=B4184EDE0FB74CD3B1A477D85E54CF68&RedC=c.clarity.ms&MXFR=2056F7F3D0C76E8E1EE9E5C8D4C760C1 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=B4184EDE0FB74CD3B1A477D85E54CF68&MUID=2352370078216A5D2CCF253B79506B25

Request Chain 254

https://mc.yandex.com/watch/490795?wmode=7&page-url=https%3A%2F%2Fwww.nur.kz%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1131676220118%3Ahid%3A583472758%3Az%3A0%3Ai%3A20221012105529%3Aet%3A1665572129%3Ac%3A1%3Arn%3A319288246%3Au%3A1665572129229196153%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1665572128339%3Arqnl%3A1%3Ast%3A1665572129%3At%3A&t=gdpr(14)clc(0-0-0)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/490795/1?wmode=7&page-url=https%3A%2F%2Fwww.nur.kz%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1131676220118%3Ahid%3A583472758%3Az%3A0%3Ai%3A20221012105529%3Aet%3A1665572129%3Ac%3A1%3Arn%3A319288246%3Au%3A1665572129229196153%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1665572128339%3Arqnl%3A1%3Ast%3A1665572129%3At%3A&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

Request Chain 275

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=I51GY-X2D7XEmLAPzrSt0AY&random=343671882&sscte=1&crd=CJqqsQI HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=343671882&crd=CJqqsQI&is_vtc=1&random=313452745 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=343671882&crd=CJqqsQI&is_vtc=1&random=313452745&ipr=y

Request Chain 276

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=I51GY7z6D7nFmLAPh96xiAc&random=1929967745&sscte=1&crd=CJqqsQI HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1929967745&crd=CJqqsQI&is_vtc=1&random=3228742289 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1929967745&crd=CJqqsQI&is_vtc=1&random=3228742289&ipr=y

290 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.nur.kz/
Redirect Chain

http://nur.kz/
https://www.nur.kz/

413 KB
44 KB

301ms
93ms

Document
text/html

91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

69b5aa9fb6f91c576f897daa154236f3c4bc7e31024920b0ffbcdc2833f3b360

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN always

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET, OPTIONS
cache-control: public, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 12 Oct 2022 10:55:27 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding
x-f-status: HIT
x-frame-options: SAMEORIGIN always

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 12 Oct 2022 10:55:26 GMT
Location: https://www.nur.kz/
Server: nginx

GET
H2 200 0429262c77074acb.webp
cdn.nur.kz/images/1120x630/ 50 KB
50 KB 493ms
290ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/1120x630/0429262c77074acb.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

8b3d9dd5d77badb134d805ae01841ddb4e9ef60a02c024d986c5190f987d2e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 12 Oct 2022 09:59:50 GMT
server: nginx
x-cs: HIT
etag: "dca4dedf179bac042db4eed6ba6762aa"
content-type: image/webp, image/webp
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 50708
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 common.40673476.css
www.nur.kz/nur/css/ 32 KB
5 KB 93ms
93ms Stylesheet
text/css 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/css/common.40673476.css

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

ead8ad10265275e2d3225db2aac4afc36a05a8dec75424fd3f4f4b1c98883afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 05 Aug 2022 08:32:53 GMT
server: nginx
etag: W/"ef184b4f7f6bd41c32c608c1a9aefb94"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H/1.1 200
OK io.js Show response
cdn.onthe.io/ 56 KB
18 KB 54ms
14ms Script
text/javascript 142.93.164.210
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.93.164.210 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 569b67ef1d76c5869a61471b93651371927719520f4268bb9a6ab30fe0380019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 10:55:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 13:27:17 GMT
Server: nginx
ETag: W/"60e6fd35-de2a"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Thu, 13 Oct 2022 10:55:27 GMT

GET
H2 200 logo.svg
www.nur.kz/nur/img/ 6 KB
3 KB 166ms
163ms Image
image/svg+xml 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/logo.svg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a1c1a544dce2ad7a8933ff9c4e087936f42c972d7858551181a9acb878a7c9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 14 Jul 2022 16:52:02 GMT
server: nginx
etag: W/"c8a85e40ba1720d4d5fadb39c893c3e6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 0429262c77074acb.webp
cdn.nur.kz/images/560x315/ 20 KB
20 KB 474ms
292ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/560x315/0429262c77074acb.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

5aeeb0c2520ad8cffdd705c5f2f7c680703fd2874851cf12a515ba9452377bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 12 Oct 2022 09:59:50 GMT
server: nginx
x-cs: HIT
etag: "190159e22cae2c3a3e9e9d87bf63b7c0"
content-type: image/webp, image/webp
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20362
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 placeholder-1x1.gif
www.nur.kz/nur/img/ 43 B
423 B 166ms
164ms Image
image/gif 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/placeholder-1x1.gif?v=2

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 14 Jul 2022 16:52:07 GMT
server: nginx
etag: W/"325472601571f31e1bf00674c368d335"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 59ms
14ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Oct 2022 09:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5970
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 12 Oct 2022 11:15:57 GMT

GET
H2 200 94ylzt75u2 Show response
www.clarity.ms/tag/ 1 KB
2 KB 178ms
115ms Script
application/x-javascript 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/94ylzt75u2
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c1a1e4564ff3dd2212011700ac5b83f083d9cf6c1f7902a3836e44b86b6d3d6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
date: Wed, 12 Oct 2022 10:55:27 GMT
x-azure-ref: 0H51GYwAAAADqitz2gvcjSLNH6bjTtPRGRlJBMjMxMDUwNDE5MDIzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 1529
expires: -1

GET
H2 200 1920x120_rus.png
www.nur.kz/nur/img/thematic-blocks/ 58 KB
58 KB 94ms
93ms Image
image/png 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/thematic-blocks/1920x120_rus.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f3456903656f0601338d81e00f8efe9e025055f224f822de2746e18436c9b4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 14 Jul 2022 16:52:25 GMT
server: nginx
etag: "d32d59515ed248a14c179e6e2e673d9a"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 58959
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 1xbet-partner.png
cdn.nur.kz/custom/logo/ 2 KB
2 KB 463ms
290ms Image
image/png 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/custom/logo/1xbet-partner.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

2b560efc660dd507e8e0b20a079eac74c975b67e0629545a7d2ec9e3687905db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 10 Nov 2021 15:31:26 GMT
server: nginx
x-cs: HIT
etag: "d9e559e4b7931bf2cf97e89f9d7708c4"
content-type: image/png
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2180
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 fclub-libertex-partner.png
cdn.nur.kz/custom/logo/ 3 KB
3 KB 363ms
191ms Image
image/png 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/custom/logo/fclub-libertex-partner.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f0f3fadd348581fce870209a4705b228f28a7c06fecefc150707191d0f02a27a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 28 Dec 2021 10:52:54 GMT
server: nginx
x-cs: HIT
etag: "b32bf7a5941815e4a4dc71bb126a1aa3"
content-type: image/png
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2946
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 KMF.png
cdn.nur.kz/custom/logo/ 5 KB
5 KB 363ms
191ms Image
image/png 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/custom/logo/KMF.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

c9359c423f11152cc52570d1d15b78449a4aaf8a4106599af13305e13c90b791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 13 Apr 2022 12:31:31 GMT
server: nginx
x-cs: HIT
etag: "55643c20d418d965722c9d75a7d6d2b4"
content-type: image/png
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4627
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 gift.png
cdn.nur.kz/static/ 25 KB
25 KB 463ms
291ms Image
image/png 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/static/gift.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

c143e6ea1045e91d4e368dce6b2bcbf3dbad7346afc4cb2f6d44142839026b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 16 Sep 2022 11:47:51 GMT
server: nginx
x-cs: HIT
etag: "222ea97767b856f38bb1fe6fb5da01ae"
content-type: image/png
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 25794
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 parimatch.png
cdn.nur.kz/custom/logo/ 4 KB
5 KB 447ms
292ms Image
image/png 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/custom/logo/parimatch.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

0596a17530bb3a76675c9d72b22f8bbf927eede182d036ea7a3b278970864fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 09 Nov 2021 19:46:09 GMT
server: nginx
x-cs: HIT
etag: "58febaebfd3c6d8472de1318e7079d30"
content-type: image/png
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4450
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 535b944c38218835.jpeg
cdn.nur.kz/images/272x153/ 10 KB
10 KB 446ms
292ms Image
image/jpeg 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/535b944c38218835.jpeg?version=3

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

5d01b9cf3603dfb111d664016b51bd2450af4dbb2b724e9115ca94cac3971b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 21 Sep 2022 12:38:06 GMT
server: nginx
x-cs: HIT
etag: "e2e0086383e356c37b095c5f2b14f0ad"
content-type: image/jpeg
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10211
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 1657ccd387502d11.jpeg
cdn.nur.kz/images/272x153/ 12 KB
12 KB 345ms
190ms Image
image/jpeg 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/1657ccd387502d11.jpeg?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

5d089760b9be924ea7339380e51a5e8565840507a2a321f43141ee921863d0c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 28 Sep 2022 11:48:09 GMT
server: nginx
x-cs: HIT
etag: "4aefd52fe0a7d73a7b904e672892c75f"
content-type: image/jpeg
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12170
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 d4ea7b5c22824860.jpeg
cdn.nur.kz/images/272x153/ 32 KB
33 KB 446ms
292ms Image
image/jpeg 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/d4ea7b5c22824860.jpeg?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b86d79adcfefe38afda6a21dbefeb72a2484083b1a6b91c5bfaeb242fe056d29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Tue, 01 Mar 2022 02:36:03 GMT
server: nginx
x-cs: HIT
etag: "84812f716fcf772eae758ede258e8afa"
content-type: image/jpeg
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33213
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 7a5aad15155aeeab.jpeg
cdn.nur.kz/images/272x153/ 5 KB
5 KB 446ms
292ms Image
image/jpeg 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/7a5aad15155aeeab.jpeg?version=2

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

696509319bb81efdd2e9f7c12a2f2c2a176179fed37b92e16b7e5dffdc8869ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 11 Mar 2021 14:37:00 GMT
server: nginx
x-cs: HIT
etag: "cad54c626842be5765616b721023eb2f"
content-type: image/jpeg
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4896
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 logo-1xbet.svg
www.nur.kz/nur/img/ 2 KB
1 KB 136ms
134ms Image
image/svg+xml 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/logo-1xbet.svg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

87f376600e26a1c20ab565500a2ed5ffe03ad5d64041ac4af6ae59344aae408f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 22 Jul 2022 07:06:04 GMT
server: nginx
etag: W/"5919e4441e98df3666f9aa9683481e4f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 128ms
30ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:uniques_instantly[url:%2F,domain:www.nur.kz,page:%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ,page_type:main,language:ru,type_article:Main,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.91%20Safari%2F537.36,device:desktop,browser_version:Chrome%20106,browser:Chrome,depth:1,user_type:new,user_id:1dd43bfb5.e45572044_1665572127360,session_id:85c958f89.53a1c4647_1665572127360,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1665572127366
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 10:55:27 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/uniques/ 33 B
559 B 129ms
32ms Script
text/html 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/uniques/?current=12&holding=e3155c435e925683dd022a3f2070aae6&hash_user=1dd43bfb5.e45572044_1665572127360&1665572127368
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 10:55:27 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 124ms
31ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:visits_instantly[url:%2F,domain:www.nur.kz,page:%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ,page_type:main,language:ru,type_article:Main,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.91%20Safari%2F537.36,device:desktop,browser_version:Chrome%20106,browser:Chrome,depth:1,user_type:new,user_id:1dd43bfb5.e45572044_1665572127360,session_id:85c958f89.53a1c4647_1665572127360,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&__io=1dd43bfb5.e45572044_1665572127360&1665572127372
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 10:55:27 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 124ms
33ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=336:pageviews[url:%2F,domain:www.nur.kz,page:%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ,page_type:main,language:ru,type_article:Main,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.91%20Safari%2F537.36,device:desktop,browser_version:Chrome%20106,browser:Chrome,depth:1,user_type:new,user_id:1dd43bfb5.e45572044_1665572127360,session_id:85c958f89.53a1c4647_1665572127360,cdn_version:36]&s=0d0db5a9a93692f403af81423ab76478&1665572127374
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 10:55:27 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 _vendors.6cc6d835.js Show response
www.nur.kz/nur/js/ 30 KB
9 KB 96ms
92ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/_vendors.6cc6d835.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

c63b4b83953bd97502b3f3f0f23e2cd61695f75cf49d09901d596c25af4ce6c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 05 Aug 2022 08:33:06 GMT
server: nginx
etag: W/"9fd949a2f74ac142ecea2cda4632344d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
28 KB 122ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a86137a748605b3a5b3163ab59e7e76ad6c95aaa6a1e120887c06674016c833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27727
x-xss-protection: 0
server: sffe
etag: "1361 / 98 of 1000 / last-modified: 1665549596"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 12 Oct 2022 10:55:27 GMT

GET
H2 200 monetization.b856163e.js Show response
www.nur.kz/nur/js/ 10 KB
3 KB 99ms
94ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/monetization.b856163e.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

cd4f869e2420ad365ab78880ee158895f3b91b050e61ea4ef3225712e30503fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 05 Aug 2022 08:33:54 GMT
server: nginx
etag: W/"659f9222e4ca74199bbe6f3449fcd62a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
74 KB 77ms
31ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L3EYGX7DJS

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

722e5bb2daebd09ef48a41d29e976984536591b038e4fb6d50f14fc13b57de70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75714
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 12 Oct 2022 10:55:27 GMT

GET
H2 200 _authorization.bad25502.js Show response
www.nur.kz/nur/js/ 20 KB
6 KB 101ms
97ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/_authorization.bad25502.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

25272e76cab18bcd741f31a95fa3e558adbcd2a201259988e10324eee1bda2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 06 Oct 2022 06:34:33 GMT
server: nginx
etag: W/"15c9bf55cd0803325350eebf9e2339a4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 navigation.1757b2c5.js Show response
www.nur.kz/nur/js/ 23 KB
7 KB 102ms
98ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/navigation.1757b2c5.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

0f5cc46101d2ea860a02ced5db061198c1a256698478913248551738ad612d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 06 Oct 2022 14:16:57 GMT
server: nginx
etag: W/"618fef2ae0b6831c5dabba4efe7de2df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 jitsu-init.9708d4af.js Show response
www.nur.kz/nur/js/ 40 KB
12 KB 102ms
98ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/jitsu-init.9708d4af.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

305dc1bee838e7e3b0b20fc8920c4cfe7ca1ebe3c1ebc2033df9b378f505c3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 06 Oct 2022 14:16:57 GMT
server: nginx
etag: W/"77404a529eb34c37952a2b77f5dc8f1c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 clarity.4fa235e1.js Show response
www.nur.kz/nur/js/ 11 KB
4 KB 102ms
99ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/clarity.4fa235e1.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

1d8f13f74d90a0ce7e77a465e6a771744edc29261067c703bb307d5322f4d86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 06 Oct 2022 06:34:39 GMT
server: nginx
etag: W/"fe42b7c855af6b4e3b9b79276905dda9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 one-signal.2206cc54.js Show response
www.nur.kz/nur/js/ 19 KB
6 KB 102ms
99ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/one-signal.2206cc54.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

ff51bc2f9b167087eded18af57b24ec8f4b8c5558c60b2541304de36ba46f833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 06 Oct 2022 14:16:58 GMT
server: nginx
etag: W/"df7be7b0f818c3362983c1f2c91267f6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 home-recommendation.47ef8f13.js Show response
www.nur.kz/nur/js/ 30 KB
9 KB 102ms
100ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/home-recommendation.47ef8f13.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f01c2f2782c7d85b2154abb533f1f894b1e17610db36094f4b0d8c802e9bd4e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 06 Oct 2022 14:16:56 GMT
server: nginx
etag: W/"296f83585ca5c3ada2b1c07fee328506"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 home-page.89e7cb5c.js Show response
www.nur.kz/nur/js/ 27 KB
8 KB 109ms
107ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/home-page.89e7cb5c.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

306e53e628418281cbc0c66be146cf2c981243aee060334cc524603d999e7b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 06 Oct 2022 14:16:55 GMT
server: nginx
etag: W/"240337fe43b8c085574d4d7d66fa28f7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 1xbet.22196414.js Show response
www.nur.kz/nur/js/ 2 KB
1 KB 110ms
108ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/1xbet.22196414.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

bfe9a28a74b54b5406bfda52b793023874e5b9c3c8e5d0718b8927150942266f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 06 Oct 2022 14:16:51 GMT
server: nginx
etag: W/"0a755146234a9e1cac3f7ce0a399dc6c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 390 KB
105 KB 171ms
56ms Script
text/javascript 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a7e316d77229ed33dc8f27131eb909457dbb453c835e23104fd0f7265449d48f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1665572127534243-13658467867776999105-vla1-5784-vla-l7-balancer-8080-BAL-8902
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Oct 2022 11:55:27 GMT

GET
H2 200 telegram.svg
www.nur.kz/nur/img/social-icons/subscribe/ 1 KB
912 B 99ms
98ms Image
image/svg+xml 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/social-icons/subscribe/telegram.svg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

b4dac18e01c9ef874f5d33ae8ad2eca84683281858bd9fab0f9a95e0b26c19b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 14 Jul 2022 16:52:20 GMT
server: nginx
etag: W/"8f63cb3d421b31ce2664d9362639d010"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 62ms
20ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-6273700-1&cid=37591007.1665572127&jid=1501605388&gjid=259108880&_gid=27235422.1665572127&_u=YGBAgUABCAAAAEAAI~&z=308964489

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 12 Oct 2022 10:55:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 17ms
17ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1592370362&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nur.kz%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABCAAAAAAAI~&jid=1501605388&gjid=259108880&cid=37591007.1665572127&tid=UA-6273700-1&_gid=27235422.1665572127&cd14=homepage&z=1110957627

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:19:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63372
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-c/s/0.6.42/ 53 KB
23 KB 113ms
112ms Script
application/javascript 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-c/s/0.6.42/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/94ylzt75u2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
etag: "1d8da7270bdf0d4"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 0H51GYwAAAACGG8Cd8dvnTYiqdxYPA4VIRlJBMjMxMDUwNDE5MDIzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 chunk-lazysizes.d26b82f5.js Show response
www.nur.kz/nur/js/ 7 KB
3 KB 106ms
94ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-lazysizes.d26b82f5.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/_vendors.6cc6d835.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

c403d8d2118a0a2e6d4c8a7dfcacad5930b82643c6cf375232e2251d2eebd92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 05 Aug 2022 08:33:20 GMT
server: nginx
etag: W/"6d7b8a9b33eba3963ff334a892729c76"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 100ms
41ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-6273700-1&cid=37591007.1665572127&jid=1501605388&_u=YGBAgUABCAAAAEAAI~&z=641276790

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 74ms
38ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-6273700-1&cid=37591007.1665572127&jid=1501605388&_u=YGBAgUABCAAAAEAAI~&z=641276790

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
335 B 204ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-L3EYGX7DJS&gtm=2oeaa0&_p=1592370362&_gaz=1&cid=37591007.1665572127&ul=en-us&sr=1600x1200&_s=1&sid=1665572127&sct=1&seg=0&dl=https%3A%2F%2Fwww.nur.kz%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&en=page_view&_fv=1&_ss=2&_ee=1&ep.transport_type=beacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L3EYGX7DJS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 61ms
20ms Ping
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L3EYGX7DJS&cid=37591007.1665572127&gtm=2oeaa0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L3EYGX7DJS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 46ms
40ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-L3EYGX7DJS&cid=37591007.1665572127&gtm=2oeaa0&aip=1&z=45724890

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 116 KB
45 KB 200ms
27ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5JGFBQR

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.47ef8f13.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a243dd6954020fad139c2e738354892bdefe862d284ad4949507f59dda66590f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45578
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 12 Oct 2022 10:55:27 GMT

GET
H2 200 chunk-1.f189e038.js Show response
www.nur.kz/nur/js/ 31 KB
8 KB 94ms
94ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-1.f189e038.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/1xbet.22196414.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

a8d532347c58f48c959e82a661a0e3b0a635bf178f799abcdbc3bd26b96e21f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 14 Jul 2022 16:52:49 GMT
server: nginx
etag: W/"52cfc1087cfe20119301c39df95c8cba"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 chunk-1xBet.b68e5892.js Show response
www.nur.kz/nur/js/ 33 KB
9 KB 95ms
95ms Script
application/javascript 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nur.kz/nur/js/chunk-1xBet.b68e5892.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/1xbet.22196414.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

86b922ab8e049fbdad0bf20b631b6314098889b53b4f3163ada9180c97f0b42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 06 Oct 2022 14:16:53 GMT
server: nginx
etag: W/"f2a8ca840270326ad8ebcfe2a0539141"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:27 GMT

POST
H2 200 event Show response
stat.khanate.pro/api/v1/ 15 B
324 B 104ms
104ms XHR
application/json 94.247.128.43
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.khanate.pro/api/v1/event?token=js.d27utqeoss6s0dkb04pz1b.ss60lhmn5bgevjhl6d5qsw
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/nur/js/jitsu-init.9708d4af.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.247.128.43 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software: nginx /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nur.kz
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Host
content-length: 15

GET
H3 200 pubads_impl_2022100402.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
128 KB 68ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3c648447514db2f2f7c8f04b3ac0b1cf1e8ea00fe8c743f427f63d938a198c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 19:43:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131498
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 18:24:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 10 Oct 2023 19:43:10 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 194 B
148 B 112ms
56ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83bf949954e2ca805089c6a278203d60c5ced398ae0fe4969d6486b28cd3401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123
x-xss-protection: 0
expires: Wed, 12 Oct 2022 10:55:27 GMT

GET
H2 200 ee6e2796f3dfd2b4.webp
cdn.nur.kz/images/272x153/ 17 KB
17 KB 120ms
119ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/ee6e2796f3dfd2b4.webp?version=3

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

543f24dad003d6e1aed9da0c8982c4f7329cf7730cfc84fb3608a9f44e011fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Sat, 08 Jan 2022 15:16:58 GMT
server: nginx
x-cs: HIT
etag: "33533e8955a3c211e9ce64d696cda450"
content-type: image/webp, image/webp
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16982
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 87f89947d7506275.webp
cdn.nur.kz/images/272x153/ 7 KB
7 KB 120ms
119ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/87f89947d7506275.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

1e97c0266ae65be466fc97ba62aa6c1b9c68fa140f95dab96ab7645c6ac1aa89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Sat, 26 Mar 2022 14:05:32 GMT
server: nginx
x-cs: HIT
etag: "06aee9cc5b654f77513db9a4d6b51957"
content-type: image/webp, image/webp
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6700
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H/1.1 200
OK / Show response
tttt.onthe.io/ 0
287 B 27ms
27ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tttt.onthe.io/?k[]=364:uniques_holding&s=0d0db5a9a93692f403af81423ab76478&__io=1dd43bfb5.e45572044_1665572127360&1665572127650
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?ghDf5sWW6gLM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 10:55:27 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 bets Show response
sport.khanate.pro/one-x-bet/ 2 KB
1 KB 309ms
97ms Fetch
application/json 94.247.128.38
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://sport.khanate.pro/one-x-bet/bets

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/chunk-1xBet.b68e5892.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.38 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

3808d3665afd232850c0a57aae56ea7f37d3344a95bae8c110e6f643ead46218

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-f-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx
etag: W/"654-ffY0bzHxSNXl/AneWPKaPmSGA8M"
expect-ct: max-age=0
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nur.kz
x-download-options: noopen

OPTIONS
H2 200 event
stat.khanate.pro/api/v1/ Frame 0
0 295ms
95ms Preflight 94.247.128.43
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.khanate.pro/api/v1/event?token=js.d27utqeoss6s0dkb04pz1b.ss60lhmn5bgevjhl6d5qsw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.247.128.43 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.nur.kz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, Host
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, UPDATE, PATCH
access-control-allow-origin: https://www.nur.kz
access-control-max-age: 86400
content-length: 0
date: Wed, 12 Oct 2022 10:55:27 GMT
server: nginx

POST
H2 204 collect Show response
i.clarity.ms/ 0
155 B 498ms
195ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.42/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://www.nur.kz
date: Wed, 12 Oct 2022 10:55:27 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 3521127290410543dbe9.js Show response
yastatic.net/partner-code-bundles/664225/ 13 KB
5 KB 117ms
37ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/664225/3521127290410543dbe9.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

bac87240d43f2059419ce7f7fdc63e99966069af39def1f6bcbc59eed1f69cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4579
last-modified: Mon, 10 Oct 2022 16:36:58 GMT
server: nginx/1.17.9
etag: "2608153af020534eac1710bcf8245ae2"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 11 Oct 2052 17:29:30 GMT

GET
H2 200 af106f46275b64363851.js Show response
yastatic.net/partner-code-bundles/664225/ 85 KB
19 KB 150ms
72ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/664225/af106f46275b64363851.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b77d94bd4977d6ff9c0a1984ac05fe55ff6dece427b361e0abdf1cc4f13ad872

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 19089
last-modified: Mon, 10 Oct 2022 16:36:59 GMT
server: nginx/1.17.9
etag: "7e3819d0deceac47ca5c91222e4bec88"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 11 Oct 2052 17:29:30 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 162ms
85ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 11 Oct 2052 17:29:11 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/252771/getBulk/ 211 B
349 B 208ms
208ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-10-12T10%3A55%3A27.745%2B00%3A00&pd=12&pdh=1200&pdw=1600&pr1=2634370040&pr=2999002233&prr=&pv=10&pw=3&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.664225&ybv=0.664225&ytt=369987273490437&is-turbo=0&skip-token=&ad-session-id=7388841665572127748&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.5%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A13912%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=664225&available-width=1600&yaru=true&p1=coatn&p2=fylw&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=657518%2C0%2C76%3B659470%2C0%2C5%3B661775%2C0%2C97%3B661998%2C0%2C48%3B648529%2C0%2C28%3B659282%2C0%2C15%3B658377%2C0%2C65%3B203897%2C0%2C64%3B661588%2C0%2C87&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uuRIm69I2SxjYRSdSSVBy3KAi39WYDJOmiTYvuFv33HeriWo5L190AfrAFzZnDuZwZ%2BuuML2ohwVRcKShMwTQzDZOsUmYupLnkBQjDa5OLKhOzF6%2B%2Bzj5vbj9tZy9m2y9%2Fz57NHrYfH%2Fg7%2FElTL6R09u31s9klU0bCHy0obS4r1pi5FJVhhZrYa9nCPkDkxyTxOoAVLxagTSHZysy5RJg5MgLDK7YAF4mIBpSEHQbULCvh4AD4Zc5rrgHPmF%2BopdBmxfVStNowPL9WbnAaJcHZ4E%2BBzMrSNFIUba7VYzfnQQNCnpnbPRCbW1aYXALT%2FBJMARpyzUVtxkKCgjPMWgkn0k3jMPJ3mHDVmBpWRl0gIcyH0ugBefKr0zg0TjucSiAhJFeyDEqjhRmA3Ufbmdu3WwXfaeDHESMHEYukdJ9IkAqjM7GMIp9E0cQ2InEcd7Z1H9feccWuDDCpTAMyh3qaaeJNIYKUBJODsCY%2FkmijKiaxuUBhxpyhiUI%2F6hHbmpeCFSA7PFZNQvrw4dN2zywkSZD2fWxJKCWt6wObQ197RphABYBFkCmQGL6p2f3mze12YhlEJO1Dh8WCOlabJfDFUptau12GNEj7AsxFW2tbMFdL6TRJ4mSQlzWrC7gysjWFqBh3BpJ6MQmiHcVMigs8H9IzC8kLp6Uf0yQ66tAUHHuEZ05z4ntRz%2Fcl1MTMW9QRFFcUpZNSSkM%2FHOS4s0V3XUFnQto6kKzgrfrtJxHWzPLuCaOYrdjaqYc0DOIhNcW8wVmiGlFjLWleAWrDQRd43tQ29IL%2BzE0uCsCiR9PaKZI0pAgzVN9cYJTBlvvo75SGoMs4Jo%2FN%2Bdyq0cqKARb0ryCMBC5Z2U6yFXjHrUtUi9pUVogvmeTsUDImTqnnDVHGia%2BsdOPw3wUbpMReL8ViH4FO7BMv7KPWSC4k12uTrVFtYNUI6Q54FEdDu9vXTS00zwFHW7VwmsUE7TozpRqTs3wJluExefS9SYhi6qd9VaCC5YPVQQscCBlNEkL7sI7FX3CJ087kyikTNPXjZK%2FtuEKqGE1cMnJLU7mcpgH1%2FYlt16pqt6g0rCh4vXCDhHTITCdt2K963YAJ3KxR3uheDVYyx2QqnvESU%2Bt2l8bRDy0NLgd5yfOLE95HjKotNc9YXSNtHDxzjnspt4eYs9wtWWlChina8xhA%2BvmH8o4d1ZRsneHeZGVBS1GWhwPmYAZ6JAz6GlhIlhH3u9iH3vd3jeIvJ3ypTzzX%2B0fkzac%2FsBiLYwndWJbwE%2FPcpyTqre2KI2GOvb60ncBzt10SDFMEg4b7eGXbXEI97gONhMw9xyIcRMSftBLuBhLrGucuNjHmw84mhWslTkbsbTef1A%2BHXv5uxJrGHmWBreE2Jn5KJ0yWXHfH2APDYF5o4WYRxIRMFuu8qYbtd7cdK7dQ4MoWDBNyh5H%2Fb4yDda%2BAOcOOOvPaEFIv6tuxtksDxqdiuu8h1lheXugn7sXaJ8OuNAa6XzzxXtiCpXcqzTSKoj5TJXu5Nt1A7Eb6vtXX2Z%2Fbh7d%2FVZsP1zf3Q7%2FcvX9zc7tVbze3N%2FfXsxfk22Sppd6wLu7TsdePrLS6UOKWsu%2Fg1exuc3P7%2FMMn5PbP5v7d9gt%2B%2F%2F3mbnO9%2FTh5dL256568%2B3d737%2B%2B%2BXzz8L7%2Fevd89%2BP1cTbHk%2Fe4Jk%2Fk8e3D7TSI6agYxx1g71a8rc69VJ5A3aOtRZsvn5i0avFisH5izmu2e%2FKUXFGofxmRFaq4OLwC4e0xxjk9qaLuibXISoE13K%2F4DdP50n3B89M0GbawaYCXrBA4IgTuLOPfBshjvVqCBCf5MKEkPRsS%2By%2BHRg%2BxG6XPLVBP6Mjg3QoHGjsI14%2FPNipad6HqdpvuJ5Pn%2F7OSkoQ8Xll4bZdTq7fnLiw0CY7tQAPgEJDxL46fQvr2H0tP6CI%3D&use-server-side-rendering=1&pcode-icookie=64imFGi1doSPEUl5zOw320HcKfzz68chQYSAoC44KzRCxKZBTkOi9OkmBTQQPJqvbF%2BbKxmgdEwpTaIr7DAGLm%2F%2B8ps%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Nzl9ChKjtJDkuO1BGKgLDUv0m9N2Tey4r4uj3_dvPP2ENjrndeyWKYP3Gy92CLu2SRo_cZo4Idu3A3ccwhudn7t22drBC-iZDewJaJMqqMLQjdcUvtTL3ufpmEWERVRUVVQUKhKHMENBKA8FAUVAHkpqCEwYhdIwCpBcPwqFYVQBqIBTQ7yRHIpDWUi4epJQVhfYDpYgIK-gAwzgaMEADXxGHIsEvimEs-JFK1EYIOQRD3xTxbHIoyEKJYHiotUQ-sIKFoIiQBTKLlG-kCRXBD6MAIe6EgEv4gIOtC_uVWCExAFIHriCawJoGFpg-F-2c7Wq4oVY9RC_Xw1AXFjB2SoqWiMNiBWfLA-JV1e6asvldaD9PIo9XnMlGTbunSkChNcGYbUJ9wT99jwwSydYzVn08It3ZeCuPdeXBwj2VqMJ7N8ZLUk5FOwznSwkKpzIQlGAoNwWyj46jJFdgv8JgFegyAcpFB0WyJWM5OwTLwAiT4jZ_pyOIh_4OXQoPctDGLOb6KwJoX5gBWXDw4JQvN9IrztL6lWGQH0YoxA_QOzrOgaZYMYQ6exjlGEtx6G8riiCkTGXXcFWYoBk9GQBeUCycPMarOV3Vn_5C7Pzh3fWzK-Ql6-eDNCVarQoADKCwNw3EM0e8H4g2b5LPixlmLML5qyrKV8e5iK__oy8eM-10IQ_b5mmlRsFIF7osoqArIbw_JkrYsGeKzvfHjDxFjzFNzJzR_o_9vzSz6WMV6ThE96yV7Tq81T5TPoJnulHUE9f96Md-aEmw6egzjrzUa5fn2hEuJDzKJzL7dvjB2QDFChq4Y1sfz1bWkHek7v8I5gDyL80WdnR8It3-V_Pgiabj4dD2Wx6lnsJK1QPB1GD3cePepYJm_V9jD35PPvHhm7j9xlFvcVfaXmOhmZ8rytAEeyMviDwl-75l3W7coC4bPoizaFH_qxX7jjZacWvjdSlPO_r3qSUrfH0TNkIAAiNOk7rh0y4_4p_spH_wyGd3QmbFX1H-Vx_tAj3miRzTWgh3GFbq0jrp3woNEEonEY83OL_SaJKRxXr9LR0VGlmoKWLk1if0kJs4p6OucWg06VxVrWZLgXLbEhVNOqEMk40WnOl0WjjVBuDZd4XZrYhW4ln1QAGsL-3-TogAa9-K909t-8WAnrXHRXKNGIeDEcvQVtDuEP1t-2Rl-V-QkYMXhZ1w97VbpceEJbuARUCYydyt902E8zMtHTMfRyjxoCs0ugzlQosM2VGnVaAqvIBMtPSGRLkDmWUKGMNpa-SL8zKZl7JvdJU7UsqkCuvwDZwnlOqE12mRmYTptVQolSnBiVNql61jE9Vr6HWDKeZFXiz1yzRHixtxquiW8Vcl2qV-aqtbKWem_TKA3KOPFElRn1qqeqyWJ9w4UqfaFGo8iROdZas5JdYB1Ceg5LEVDmVBnm6t65cRXM5CEHoebcP2S_KrE8AgxftVTwbf-oV52z8LX8xycZ_wpr-zcYfv5zqeoqNf-UvKth2LoaYQWyr7dwPmZVLIDFvj_NbhmWPSaip4tzRlozKONZo-SRmyv3SGGunB_gwK0dFmXGTlccpyLFDQuuXRjQ9cqrXbpcj8L7WnFiS65mWujqgvQZipq1ggFabLWdbAdRy7IxZcnJI9fm2wJktFRzEqZMk9pQcN3UJYx6VXajqDKDR6HSpmibJ9F-cnaT2wJyxtpbDO74e-DPyloNsl18UjepMa0i01DPML5nlU2l6BXMpHwBtOSYY8R-w-6q8UEnJ81QJRj-6vMAFc-tUOJuAwQIzBI7dbw7XmUUEFBh6eOhbdU25ZA-Vs_vBgdshIu7EkN0f9qLWGLpl4Pf-US1JdkmzcW8HvI3AqNfQoMhjdao1qMzclLn2RpvkaZD2nsmjwss6mkxtaOk2LlyNvahuMm_H-7wst8vQgjq5O6Wl4rO-k8oTkRd4WRWhH_iTLzDxt4ewA_ebOZUIaIfeuWcwdMyU3HlTKY0-VzAmhez4boc6SZZ8odg0xsT0YiEg2TJdMbSU0tsnz-Sy0amAOjsnGk_S0V7MHxXoAP6eQlIi3N9-R7gfNRYE8GuJRE9GTuYM5T6c-xjlm1rkk-YQ2LWA6dD_hJ4nikqEsxPyx60FbsR-1147kjsng6AuDe2BQrJe0URhdyyhPgYaPfnC4WlLxJLMBe9BwYer8R9wkj5GtAcVf1ZkE2EU9mw-seU5YXcji57UQWrH3XnVSlXmxaBLjHVlTSHgS9JnyDTKOH_W7wwuO4W0lO7kpVoo9D6MGrWhSWg6VUozsU1ICNXP8RLzS35SpWqNJVFfVAuRZ6mX58aEemZSHSc0Ez70RrFobxacIk9SUHJdAvISMlZaXoL7NLxIH1KL_wSanREPvNSQZDN9CU2sVC8_zC7sl-XIjH1wZ5JOw918s3bGUv2EmYqBD9yPXbVDFqZA_DjB5r4ME5XSpVye2H1otIbyAjRbmIwRXHomU52AlS4t4-Bt2aKN43g5cxOlzt0MrqI7aTwWh95jIVf5r1Azo0qjV8apKyP3q0ku42slXumBmB5K3tbNnV_3yjgZMT5fHPYGy18jm3l0OT8SqBnckXBbA_owoA8DLQTudeM85TcxolN-lqT8UHhNvLFC9SG-XwQzs4Sa3gQO-iyhzxIuswRxLdcxNUJMYNMzMaGPEEuOEFzfCBoro4RBNsaYaj5M9Caw0UeHJUeHtx9iofnYQ-Rtuua0ZZuKXvopmUmVlErJ2Xy6hhdOdOe1DPnNvJ6I8cUShvJbmpByvjBnRC_MWXE4sBpNdAcFSkd5Po2lxUS-iRDRdKQp2ifNc9J_z2qP9Kkg3soX3KaG3DUXnBKmbmcYtxPxDWo4nyGioWdAj46z4vhAfyOkuLFDcV-2Qdcj8pgtZfhTygUkaksF0jaYGreLvHvOJ0DygpzCM9G-Df2lPOg9M3c8_9M9FCXYPIHu4nLiewNzE2GiN4ELiYlo93Fxg-PM-92jkugot7bMvlIqk-c6-N36cNUBXSbNHbn2Qw_Vp8UOBuxmNpXJwvfseNOSxngKTd-sfNH2AfGMRm30GGezqtJler2VXl870Ro-DNVzgN0pLn4De8uTBwifXa7yW96uRVYaWDctE3ionb4siJlRTmgHO85uNjrJ8xynT9ajKZYeWXiTblxDVgG15eOx1AKS49dCg5pVr0UwwzRkBsyPDPlx3s6pgH_euKnlZJzwdmwIx-fS2eK95q_ypcfEP55wyG0p34F1eX3FI3rXcXSlKXu89rJbfnT8-Ec5vWNGFh4IWI-ogXh7RcWwjH4LzXZNddj3OU4nO8cpOZhG-zwTOrsqQd1dIZo2e6cr97bi4R6v35ys2P-Suq5__HoRZ4tPn4mdEVkCjufUaFCx8iKh3-aux-J1jnWNTUY_lQifHd1r9McHyea4UeNOXl3iibWMwIJJ506fEH0bZMVBXajaWx7-rPnURjIUjeMRbTTgsPKK7VlCp8HLtEmGCY_bbFjRdsTwC22GVmhn9HUqOJ5joKFHw8jS5zKHsBvT1GfmPeDmtDfbm5qEwDx9dPXJxhTgnry9Eqz789ruUXTjxup7ndur0OXJocWFXGga7HdAYfvk7oMjf60hGsmK6_7lCdJdjzNJFwTRX4vL6CMwlmHtzJc0weA0jRc-qBoVJ7kXCEVS8K0IG7PPMcyNXoeLRN949IJHcBPfBZY2Ea34-HN44UwsXHq-WxBNXepF0W4hSHzX73uFfI7fTgXyQlTjXUn-zOiESuPlkLUnAsYChMnxu5hYeA5g9gw90CQfgqhkB21dJjoOpamNhCexfvsuqAZauqud-umT47DakXTtOvSa8FUlZOcuLU0hnbST4wtmZNWM21Zj-ebbjZlmCJbVR8U0OxUv1XYkL27tZM_uJNU8CXMpmcY6unTQW_xveUn4HHqOJTLXIXVngRzfMxPYLFbLdog8uutcXPCElNC4tOAB8pFWb-TY5btIacGkP4BFX9oSHVP44xWfyRE6_5qjpldkQ7cHpe_oSpwtRJlYNjE_Ot87OFFxQ70S8POOqJYEnbQT9oLYvyxAeqrsG4G-gJ3asYC1WbmZ03dhYtm7dAxxLtdWCHgvk4gfIYOMO_LzssYOTjRbb2Nx4vfMUjvJv8cxun1SV8iL3rSooAIdysCrXbCcBPZNsaLOpzt3mwAyZpbJYLfWgjCWCeyyFek7tsjNGDlqNOeHRUGatGHE4bGRK42SYioUS7s02w45XvYzQDq1uBvf2_UxFOo06pTfiexpOHFcNkrxRLgjtuphdskcPvb2nWeqxJDi4l_PDMhTdZyPPGPGjw0blMRAncY5I8jGNK4O6Dw3pCoUjUk7s5SCEmXjVOEioC-9EQn_kB1p_lk3aT4BtnsXFA6Pc4GdpxZo2M3revahBu9aFqfUmiMxbkNiu0j2Edm2Qfm4yHx3tOtRtkksy61WWnmuz9T3_Hkndv6b-yvijtKn607mmWZeDrE_s3A9slRmn2Vr7A-Fa4drzlKpe66PcdlCh-9eVp4gX88OmecarR6Z7-zkF5qtsQNjExcx9DfM7eXVd5L5YTzhA9IC37XqebTkrwCbIG6XKpCHGSd_u6aJOOpONXGpZOx9u3er0gwGG75dtJYlfp5WbqyDlUfXgWYxJRfQPEoMtUNKnqFv5CMoSdg4i5osd7Q1WaM02fgKn34RVJ_AbXQj7Vi-MovfC1LoO74qpdFD09WfXAf1swTRpQV_C2_oQNfbQ6LaqZrfGf-z60XCHiU8Ku240TN9CmrskSG8dTl3eubzxK9z8RpZb5xSCEeDxiJ1iakStYFlbMSxY3IOxGNO-IUAQ_z8ulitl64s9SrWEoiYWragXK6wI7HXUewnFPgdr5PczqXJ1CKZ-HRXeNePnOPucAZU2LDCxfpg2eYAfbIwaLKgPYzi4yYs6GsRu3HYIQ57uCYC6JFsvh-38QQUjHrFapb09s6MJsvw6uD8eGaPIH9CJ2qsfY-9KUqQDjPmBajoUYOL0VOE3p0AsyEyh1COAtGdy-JGcd1MXxlRl3h8Bxk7skhU4vDeBN1V41eNXsTFQ53_&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

bbc9c0aa6e99682e61c96631c4d846110c2f3972c2be84fa77efbbf674e5ff81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1665572127806246-15497506329497505541-vla1-5784-vla-l7-balancer-8080-BAL-5395
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 12 Oct 2022 10:55:27 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 12 Oct 2022 10:55:27 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/252771/getBulk/ 211 B
606 B 121ms
121ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-10-12T10%3A55%3A27.781%2B00%3A00&pd=12&pdh=1200&pdw=1600&pr1=2653379721&pr=2999002233&prr=&pv=10&pw=3&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.664225&ybv=0.664225&ytt=369987273490437&is-turbo=0&skip-token=&ad-session-id=7388841665572127748&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.5%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A13912%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=664225&available-width=1600&yaru=true&p1=cobal&p2=gttr&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=2&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=657518%2C0%2C76%3B659470%2C0%2C5%3B661775%2C0%2C97%3B661998%2C0%2C48%3B648529%2C0%2C28%3B659282%2C0%2C15%3B658377%2C0%2C65%3B203897%2C0%2C64%3B661588%2C0%2C87&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uuRIm69I2SxjYRSdSSVBy3KAi39WYDJOmiTYvuFv33HeriWo5L190AfrAFzZnDuZwZ%2BuuML2ohwVRcKShMwTQzDZOsUmYupLnkBQjDa5OLKhOzF6%2B%2Bzj5vbj9tZy9m2y9%2Fz57NHrYfH%2Fg7%2FElTL6R09u31s9klU0bCHy0obS4r1pi5FJVhhZrYa9nCPkDkxyTxOoAVLxagTSHZysy5RJg5MgLDK7YAF4mIBpSEHQbULCvh4AD4Zc5rrgHPmF%2BopdBmxfVStNowPL9WbnAaJcHZ4E%2BBzMrSNFIUba7VYzfnQQNCnpnbPRCbW1aYXALT%2FBJMARpyzUVtxkKCgjPMWgkn0k3jMPJ3mHDVmBpWRl0gIcyH0ugBefKr0zg0TjucSiAhJFeyDEqjhRmA3Ufbmdu3WwXfaeDHESMHEYukdJ9IkAqjM7GMIp9E0cQ2InEcd7Z1H9feccWuDDCpTAMyh3qaaeJNIYKUBJODsCY%2FkmijKiaxuUBhxpyhiUI%2F6hHbmpeCFSA7PFZNQvrw4dN2zywkSZD2fWxJKCWt6wObQ197RphABYBFkCmQGL6p2f3mze12YhlEJO1Dh8WCOlabJfDFUptau12GNEj7AsxFW2tbMFdL6TRJ4mSQlzWrC7gysjWFqBh3BpJ6MQmiHcVMigs8H9IzC8kLp6Uf0yQ66tAUHHuEZ05z4ntRz%2Fcl1MTMW9QRFFcUpZNSSkM%2FHOS4s0V3XUFnQto6kKzgrfrtJxHWzPLuCaOYrdjaqYc0DOIhNcW8wVmiGlFjLWleAWrDQRd43tQ29IL%2BzE0uCsCiR9PaKZI0pAgzVN9cYJTBlvvo75SGoMs4Jo%2FN%2Bdyq0cqKARb0ryCMBC5Z2U6yFXjHrUtUi9pUVogvmeTsUDImTqnnDVHGia%2BsdOPw3wUbpMReL8ViH4FO7BMv7KPWSC4k12uTrVFtYNUI6Q54FEdDu9vXTS00zwFHW7VwmsUE7TozpRqTs3wJluExefS9SYhi6qd9VaCC5YPVQQscCBlNEkL7sI7FX3CJ087kyikTNPXjZK%2FtuEKqGE1cMnJLU7mcpgH1%2FYlt16pqt6g0rCh4vXCDhHTITCdt2K963YAJ3KxR3uheDVYyx2QqnvESU%2Bt2l8bRDy0NLgd5yfOLE95HjKotNc9YXSNtHDxzjnspt4eYs9wtWWlChina8xhA%2BvmH8o4d1ZRsneHeZGVBS1GWhwPmYAZ6JAz6GlhIlhH3u9iH3vd3jeIvJ3ypTzzX%2B0fkzac%2FsBiLYwndWJbwE%2FPcpyTqre2KI2GOvb60ncBzt10SDFMEg4b7eGXbXEI97gONhMw9xyIcRMSftBLuBhLrGucuNjHmw84mhWslTkbsbTef1A%2BHXv5uxJrGHmWBreE2Jn5KJ0yWXHfH2APDYF5o4WYRxIRMFuu8qYbtd7cdK7dQ4MoWDBNyh5H%2Fb4yDda%2BAOcOOOvPaEFIv6tuxtksDxqdiuu8h1lheXugn7sXaJ8OuNAa6XzzxXtiCpXcqzTSKoj5TJXu5Nt1A7Eb6vtXX2Z%2Fbh7d%2FVZsP1zf3Q7%2FcvX9zc7tVbze3N%2FfXsxfk22Sppd6wLu7TsdePrLS6UOKWsu%2Fg1exuc3P7%2FMMn5PbP5v7d9gt%2B%2F%2F3mbnO9%2FTh5dL256568%2B3d737%2B%2B%2BXzz8L7%2Fevd89%2BP1cTbHk%2Fe4Jk%2Fk8e3D7TSI6agYxx1g71a8rc69VJ5A3aOtRZsvn5i0avFisH5izmu2e%2FKUXFGofxmRFaq4OLwC4e0xxjk9qaLuibXISoE13K%2F4DdP50n3B89M0GbawaYCXrBA4IgTuLOPfBshjvVqCBCf5MKEkPRsS%2By%2BHRg%2BxG6XPLVBP6Mjg3QoHGjsI14%2FPNipad6HqdpvuJ5Pn%2F7OSkoQ8Xll4bZdTq7fnLiw0CY7tQAPgEJDxL46fQvr2H0tP6CI%3D&use-server-side-rendering=1&pcode-icookie=64imFGi1doSPEUl5zOw320HcKfzz68chQYSAoC44KzRCxKZBTkOi9OkmBTQQPJqvbF%2BbKxmgdEwpTaIr7DAGLm%2F%2B8ps%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Nzl9ChKjtJDkuO1BGKgLDUv0m9N2Tey4r4uj3_dvPP2ENjrndeyWKYP3Gy92CLu2SRo_cZo4Idu3A3ccwhudn7t22drBC-iZDewJaJMqqMLQjdcUvtTL3ufpmEWERVRUVVQUKhKHMENBKA8FAUVAHkpqCEwYhdIwCpBcPwqFYVQBqIBTQ7yRHIpDWUi4epJQVhfYDpYgIK-gAwzgaMEADXxGHIsEvimEs-JFK1EYIOQRD3xTxbHIoyEKJYHiotUQ-sIKFoIiQBTKLlG-kCRXBD6MAIe6EgEv4gIOtC_uVWCExAFIHriCawJoGFpg-F-2c7Wq4oVY9RC_Xw1AXFjB2SoqWiMNiBWfLA-JV1e6asvldaD9PIo9XnMlGTbunSkChNcGYbUJ9wT99jwwSydYzVn08It3ZeCuPdeXBwj2VqMJ7N8ZLUk5FOwznSwkKpzIQlGAoNwWyj46jJFdgv8JgFegyAcpFB0WyJWM5OwTLwAiT4jZ_pyOIh_4OXQoPctDGLOb6KwJoX5gBWXDw4JQvN9IrztL6lWGQH0YoxA_QOzrOgaZYMYQ6exjlGEtx6G8riiCkTGXXcFWYoBk9GQBeUCycPMarOV3Vn_5C7Pzh3fWzK-Ql6-eDNCVarQoADKCwNw3EM0e8H4g2b5LPixlmLML5qyrKV8e5iK__oy8eM-10IQ_b5mmlRsFIF7osoqArIbw_JkrYsGeKzvfHjDxFjzFNzJzR_o_9vzSz6WMV6ThE96yV7Tq81T5TPoJnulHUE9f96Md-aEmw6egzjrzUa5fn2hEuJDzKJzL7dvjB2QDFChq4Y1sfz1bWkHek7v8I5gDyL80WdnR8It3-V_Pgiabj4dD2Wx6lnsJK1QPB1GD3cePepYJm_V9jD35PPvHhm7j9xlFvcVfaXmOhmZ8rytAEeyMviDwl-75l3W7coC4bPoizaFH_qxX7jjZacWvjdSlPO_r3qSUrfH0TNkIAAiNOk7rh0y4_4p_spH_wyGd3QmbFX1H-Vx_tAj3miRzTWgh3GFbq0jrp3woNEEonEY83OL_SaJKRxXr9LR0VGlmoKWLk1if0kJs4p6OucWg06VxVrWZLgXLbEhVNOqEMk40WnOl0WjjVBuDZd4XZrYhW4ln1QAGsL-3-TogAa9-K909t-8WAnrXHRXKNGIeDEcvQVtDuEP1t-2Rl-V-QkYMXhZ1w97VbpceEJbuARUCYydyt902E8zMtHTMfRyjxoCs0ugzlQosM2VGnVaAqvIBMtPSGRLkDmWUKGMNpa-SL8zKZl7JvdJU7UsqkCuvwDZwnlOqE12mRmYTptVQolSnBiVNql61jE9Vr6HWDKeZFXiz1yzRHixtxquiW8Vcl2qV-aqtbKWem_TKA3KOPFElRn1qqeqyWJ9w4UqfaFGo8iROdZas5JdYB1Ceg5LEVDmVBnm6t65cRXM5CEHoebcP2S_KrE8AgxftVTwbf-oV52z8LX8xycZ_wpr-zcYfv5zqeoqNf-UvKth2LoaYQWyr7dwPmZVLIDFvj_NbhmWPSaip4tzRlozKONZo-SRmyv3SGGunB_gwK0dFmXGTlccpyLFDQuuXRjQ9cqrXbpcj8L7WnFiS65mWujqgvQZipq1ggFabLWdbAdRy7IxZcnJI9fm2wJktFRzEqZMk9pQcN3UJYx6VXajqDKDR6HSpmibJ9F-cnaT2wJyxtpbDO74e-DPyloNsl18UjepMa0i01DPML5nlU2l6BXMpHwBtOSYY8R-w-6q8UEnJ81QJRj-6vMAFc-tUOJuAwQIzBI7dbw7XmUUEFBh6eOhbdU25ZA-Vs_vBgdshIu7EkN0f9qLWGLpl4Pf-US1JdkmzcW8HvI3AqNfQoMhjdao1qMzclLn2RpvkaZD2nsmjwss6mkxtaOk2LlyNvahuMm_H-7wst8vQgjq5O6Wl4rO-k8oTkRd4WRWhH_iTLzDxt4ewA_ebOZUIaIfeuWcwdMyU3HlTKY0-VzAmhez4boc6SZZ8odg0xsT0YiEg2TJdMbSU0tsnz-Sy0amAOjsnGk_S0V7MHxXoAP6eQlIi3N9-R7gfNRYE8GuJRE9GTuYM5T6c-xjlm1rkk-YQ2LWA6dD_hJ4nikqEsxPyx60FbsR-1147kjsng6AuDe2BQrJe0URhdyyhPgYaPfnC4WlLxJLMBe9BwYer8R9wkj5GtAcVf1ZkE2EU9mw-seU5YXcji57UQWrH3XnVSlXmxaBLjHVlTSHgS9JnyDTKOH_W7wwuO4W0lO7kpVoo9D6MGrWhSWg6VUozsU1ICNXP8RLzS35SpWqNJVFfVAuRZ6mX58aEemZSHSc0Ez70RrFobxacIk9SUHJdAvISMlZaXoL7NLxIH1KL_wSanREPvNSQZDN9CU2sVC8_zC7sl-XIjH1wZ5JOw918s3bGUv2EmYqBD9yPXbVDFqZA_DjB5r4ME5XSpVye2H1otIbyAjRbmIwRXHomU52AlS4t4-Bt2aKN43g5cxOlzt0MrqI7aTwWh95jIVf5r1Azo0qjV8apKyP3q0ku42slXumBmB5K3tbNnV_3yjgZMT5fHPYGy18jm3l0OT8SqBnckXBbA_owoA8DLQTudeM85TcxolN-lqT8UHhNvLFC9SG-XwQzs4Sa3gQO-iyhzxIuswRxLdcxNUJMYNMzMaGPEEuOEFzfCBoro4RBNsaYaj5M9Caw0UeHJUeHtx9iofnYQ-Rtuua0ZZuKXvopmUmVlErJ2Xy6hhdOdOe1DPnNvJ6I8cUShvJbmpByvjBnRC_MWXE4sBpNdAcFSkd5Po2lxUS-iRDRdKQp2ifNc9J_z2qP9Kkg3soX3KaG3DUXnBKmbmcYtxPxDWo4nyGioWdAj46z4vhAfyOkuLFDcV-2Qdcj8pgtZfhTygUkaksF0jaYGreLvHvOJ0DygpzCM9G-Df2lPOg9M3c8_9M9FCXYPIHu4nLiewNzE2GiN4ELiYlo93Fxg-PM-92jkugot7bMvlIqk-c6-N36cNUBXSbNHbn2Qw_Vp8UOBuxmNpXJwvfseNOSxngKTd-sfNH2AfGMRm30GGezqtJler2VXl870Ro-DNVzgN0pLn4De8uTBwifXa7yW96uRVYaWDctE3ionb4siJlRTmgHO85uNjrJ8xynT9ajKZYeWXiTblxDVgG15eOx1AKS49dCg5pVr0UwwzRkBsyPDPlx3s6pgH_euKnlZJzwdmwIx-fS2eK95q_ypcfEP55wyG0p34F1eX3FI3rXcXSlKXu89rJbfnT8-Ec5vWNGFh4IWI-ogXh7RcWwjH4LzXZNddj3OU4nO8cpOZhG-zwTOrsqQd1dIZo2e6cr97bi4R6v35ys2P-Suq5__HoRZ4tPn4mdEVkCjufUaFCx8iKh3-aux-J1jnWNTUY_lQifHd1r9McHyea4UeNOXl3iibWMwIJJ506fEH0bZMVBXajaWx7-rPnURjIUjeMRbTTgsPKK7VlCp8HLtEmGCY_bbFjRdsTwC22GVmhn9HUqOJ5joKFHw8jS5zKHsBvT1GfmPeDmtDfbm5qEwDx9dPXJxhTgnry9Eqz789ruUXTjxup7ndur0OXJocWFXGga7HdAYfvk7oMjf60hGsmK6_7lCdJdjzNJFwTRX4vL6CMwlmHtzJc0weA0jRc-qBoVJ7kXCEVS8K0IG7PPMcyNXoeLRN949IJHcBPfBZY2Ea34-HN44UwsXHq-WxBNXepF0W4hSHzX73uFfI7fTgXyQlTjXUn-zOiESuPlkLUnAsYChMnxu5hYeA5g9gw90CQfgqhkB21dJjoOpamNhCexfvsuqAZauqud-umT47DakXTtOvSa8FUlZOcuLU0hnbST4wtmZNWM21Zj-ebbjZlmCJbVR8U0OxUv1XYkL27tZM_uJNU8CXMpmcY6unTQW_xveUn4HHqOJTLXIXVngRzfMxPYLFbLdog8uutcXPCElNC4tOAB8pFWb-TY5btIacGkP4BFX9oSHVP44xWfyRE6_5qjpldkQ7cHpe_oSpwtRJlYNjE_Ot87OFFxQ70S8POOqJYEnbQT9oLYvyxAeqrsG4G-gJ3asYC1WbmZ03dhYtm7dAxxLtdWCHgvk4gfIYOMO_LzssYOTjRbb2Nx4vfMUjvJv8cxun1SV8iL3rSooAIdysCrXbCcBPZNsaLOpzt3mwAyZpbJYLfWgjCWCeyyFek7tsjNGDlqNOeHRUGatGHE4bGRK42SYioUS7s02w45XvYzQDq1uBvf2_UxFOo06pTfiexpOHFcNkrxRLgjtuphdskcPvb2nWeqxJDi4l_PDMhTdZyPPGPGjw0blMRAncY5I8jGNK4O6Dw3pCoUjUk7s5SCEmXjVOEioC-9EQn_kB1p_lk3aT4BtnsXFA6Pc4GdpxZo2M3revahBu9aFqfUmiMxbkNiu0j2Edm2Qfm4yHx3tOtRtkksy61WWnmuz9T3_Hkndv6b-yvijtKn607mmWZeDrE_s3A9slRmn2Vr7A-Fa4drzlKpe66PcdlCh-9eVp4gX88OmecarR6Z7-zkF5qtsQNjExcx9DfM7eXVd5L5YTzhA9IC37XqebTkrwCbIG6XKpCHGSd_u6aJOOpONXGpZOx9u3er0gwGG75dtJYlfp5WbqyDlUfXgWYxJRfQPEoMtUNKnqFv5CMoSdg4i5osd7Q1WaM02fgKn34RVJ_AbXQj7Vi-MovfC1LoO74qpdFD09WfXAf1swTRpQV_C2_oQNfbQ6LaqZrfGf-z60XCHiU8Ku240TN9CmrskSG8dTl3eubzxK9z8RpZb5xSCEeDxiJ1iakStYFlbMSxY3IOxGNO-IUAQ_z8ulitl64s9SrWEoiYWragXK6wI7HXUewnFPgdr5PczqXJ1CKZ-HRXeNePnOPucAZU2LDCxfpg2eYAfbIwaLKgPYzi4yYs6GsRu3HYIQ57uCYC6JFsvh-38QQUjHrFapb09s6MJsvw6uD8eGaPIH9CJ2qsfY-9KUqQDjPmBajoUYOL0VOE3p0AsyEyh1COAtGdy-JGcd1MXxlRl3h8Bxk7skhU4vDeBN1V41eNXsTFQ53_&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

587b18e16ecb7bbd1526aaf43343877da659a23df8eb1ef63e0aa855d55596ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1665572127853054-16030306255494535988-vla1-5784-vla-l7-balancer-8080-BAL-8380
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 12 Oct 2022 10:55:27 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 12 Oct 2022 10:55:27 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/252771/getBulk/ 3 KB
1 KB 130ms
129ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-10-12T10%3A55%3A27.787%2B00%3A00&pd=12&pdh=1200&pdw=1600&pr1=467399456&pr=2999002233&prr=&pv=10&pw=3&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.664225&ybv=0.664225&ytt=369987273490437&is-turbo=0&skip-token=&ad-session-id=7388841665572127748&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.5%2C%22isInIframe%22%3Afalse%2C%22w%22%3A241%2C%22h%22%3A0%2C%22width%22%3A241%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1103%2C%22top%22%3A572%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=664225&available-width=241&yaru=true&p1=crsny&p2=gfdy&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=3&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=657518%2C0%2C76%3B659470%2C0%2C5%3B661775%2C0%2C97%3B661998%2C0%2C48%3B648529%2C0%2C28%3B659282%2C0%2C15%3B658377%2C0%2C65%3B203897%2C0%2C64%3B661588%2C0%2C87&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uuRIm69I2SxjYRSdSSVBy3KAi39WYDJOmiTYvuFv33HeriWo5L190AfrAFzZnDuZwZ%2BuuML2ohwVRcKShMwTQzDZOsUmYupLnkBQjDa5OLKhOzF6%2B%2Bzj5vbj9tZy9m2y9%2Fz57NHrYfH%2Fg7%2FElTL6R09u31s9klU0bCHy0obS4r1pi5FJVhhZrYa9nCPkDkxyTxOoAVLxagTSHZysy5RJg5MgLDK7YAF4mIBpSEHQbULCvh4AD4Zc5rrgHPmF%2BopdBmxfVStNowPL9WbnAaJcHZ4E%2BBzMrSNFIUba7VYzfnQQNCnpnbPRCbW1aYXALT%2FBJMARpyzUVtxkKCgjPMWgkn0k3jMPJ3mHDVmBpWRl0gIcyH0ugBefKr0zg0TjucSiAhJFeyDEqjhRmA3Ufbmdu3WwXfaeDHESMHEYukdJ9IkAqjM7GMIp9E0cQ2InEcd7Z1H9feccWuDDCpTAMyh3qaaeJNIYKUBJODsCY%2FkmijKiaxuUBhxpyhiUI%2F6hHbmpeCFSA7PFZNQvrw4dN2zywkSZD2fWxJKCWt6wObQ197RphABYBFkCmQGL6p2f3mze12YhlEJO1Dh8WCOlabJfDFUptau12GNEj7AsxFW2tbMFdL6TRJ4mSQlzWrC7gysjWFqBh3BpJ6MQmiHcVMigs8H9IzC8kLp6Uf0yQ66tAUHHuEZ05z4ntRz%2Fcl1MTMW9QRFFcUpZNSSkM%2FHOS4s0V3XUFnQto6kKzgrfrtJxHWzPLuCaOYrdjaqYc0DOIhNcW8wVmiGlFjLWleAWrDQRd43tQ29IL%2BzE0uCsCiR9PaKZI0pAgzVN9cYJTBlvvo75SGoMs4Jo%2FN%2Bdyq0cqKARb0ryCMBC5Z2U6yFXjHrUtUi9pUVogvmeTsUDImTqnnDVHGia%2BsdOPw3wUbpMReL8ViH4FO7BMv7KPWSC4k12uTrVFtYNUI6Q54FEdDu9vXTS00zwFHW7VwmsUE7TozpRqTs3wJluExefS9SYhi6qd9VaCC5YPVQQscCBlNEkL7sI7FX3CJ087kyikTNPXjZK%2FtuEKqGE1cMnJLU7mcpgH1%2FYlt16pqt6g0rCh4vXCDhHTITCdt2K963YAJ3KxR3uheDVYyx2QqnvESU%2Bt2l8bRDy0NLgd5yfOLE95HjKotNc9YXSNtHDxzjnspt4eYs9wtWWlChina8xhA%2BvmH8o4d1ZRsneHeZGVBS1GWhwPmYAZ6JAz6GlhIlhH3u9iH3vd3jeIvJ3ypTzzX%2B0fkzac%2FsBiLYwndWJbwE%2FPcpyTqre2KI2GOvb60ncBzt10SDFMEg4b7eGXbXEI97gONhMw9xyIcRMSftBLuBhLrGucuNjHmw84mhWslTkbsbTef1A%2BHXv5uxJrGHmWBreE2Jn5KJ0yWXHfH2APDYF5o4WYRxIRMFuu8qYbtd7cdK7dQ4MoWDBNyh5H%2Fb4yDda%2BAOcOOOvPaEFIv6tuxtksDxqdiuu8h1lheXugn7sXaJ8OuNAa6XzzxXtiCpXcqzTSKoj5TJXu5Nt1A7Eb6vtXX2Z%2Fbh7d%2FVZsP1zf3Q7%2FcvX9zc7tVbze3N%2FfXsxfk22Sppd6wLu7TsdePrLS6UOKWsu%2Fg1exuc3P7%2FMMn5PbP5v7d9gt%2B%2F%2F3mbnO9%2FTh5dL256568%2B3d737%2B%2B%2BXzz8L7%2Fevd89%2BP1cTbHk%2Fe4Jk%2Fk8e3D7TSI6agYxx1g71a8rc69VJ5A3aOtRZsvn5i0avFisH5izmu2e%2FKUXFGofxmRFaq4OLwC4e0xxjk9qaLuibXISoE13K%2F4DdP50n3B89M0GbawaYCXrBA4IgTuLOPfBshjvVqCBCf5MKEkPRsS%2By%2BHRg%2BxG6XPLVBP6Mjg3QoHGjsI14%2FPNipad6HqdpvuJ5Pn%2F7OSkoQ8Xll4bZdTq7fnLiw0CY7tQAPgEJDxL46fQvr2H0tP6CI%3D&use-server-side-rendering=1&pcode-icookie=64imFGi1doSPEUl5zOw320HcKfzz68chQYSAoC44KzRCxKZBTkOi9OkmBTQQPJqvbF%2BbKxmgdEwpTaIr7DAGLm%2F%2B8ps%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Nzl9ChKjtJDkuO1BGKgLDUv0m9N2Tey4r4uj3_dvPP2ENjrndeyWKYP3Gy92CLu2SRo_cZo4Idu3A3ccwhudn7t22drBC-iZDewJaJMqqMLQjdcUvtTL3ufpmEWERVRUVVQUKhKHMENBKA8FAUVAHkpqCEwYhdIwCpBcPwqFYVQBqIBTQ7yRHIpDWUi4epJQVhfYDpYgIK-gAwzgaMEADXxGHIsEvimEs-JFK1EYIOQRD3xTxbHIoyEKJYHiotUQ-sIKFoIiQBTKLlG-kCRXBD6MAIe6EgEv4gIOtC_uVWCExAFIHriCawJoGFpg-F-2c7Wq4oVY9RC_Xw1AXFjB2SoqWiMNiBWfLA-JV1e6asvldaD9PIo9XnMlGTbunSkChNcGYbUJ9wT99jwwSydYzVn08It3ZeCuPdeXBwj2VqMJ7N8ZLUk5FOwznSwkKpzIQlGAoNwWyj46jJFdgv8JgFegyAcpFB0WyJWM5OwTLwAiT4jZ_pyOIh_4OXQoPctDGLOb6KwJoX5gBWXDw4JQvN9IrztL6lWGQH0YoxA_QOzrOgaZYMYQ6exjlGEtx6G8riiCkTGXXcFWYoBk9GQBeUCycPMarOV3Vn_5C7Pzh3fWzK-Ql6-eDNCVarQoADKCwNw3EM0e8H4g2b5LPixlmLML5qyrKV8e5iK__oy8eM-10IQ_b5mmlRsFIF7osoqArIbw_JkrYsGeKzvfHjDxFjzFNzJzR_o_9vzSz6WMV6ThE96yV7Tq81T5TPoJnulHUE9f96Md-aEmw6egzjrzUa5fn2hEuJDzKJzL7dvjB2QDFChq4Y1sfz1bWkHek7v8I5gDyL80WdnR8It3-V_Pgiabj4dD2Wx6lnsJK1QPB1GD3cePepYJm_V9jD35PPvHhm7j9xlFvcVfaXmOhmZ8rytAEeyMviDwl-75l3W7coC4bPoizaFH_qxX7jjZacWvjdSlPO_r3qSUrfH0TNkIAAiNOk7rh0y4_4p_spH_wyGd3QmbFX1H-Vx_tAj3miRzTWgh3GFbq0jrp3woNEEonEY83OL_SaJKRxXr9LR0VGlmoKWLk1if0kJs4p6OucWg06VxVrWZLgXLbEhVNOqEMk40WnOl0WjjVBuDZd4XZrYhW4ln1QAGsL-3-TogAa9-K909t-8WAnrXHRXKNGIeDEcvQVtDuEP1t-2Rl-V-QkYMXhZ1w97VbpceEJbuARUCYydyt902E8zMtHTMfRyjxoCs0ugzlQosM2VGnVaAqvIBMtPSGRLkDmWUKGMNpa-SL8zKZl7JvdJU7UsqkCuvwDZwnlOqE12mRmYTptVQolSnBiVNql61jE9Vr6HWDKeZFXiz1yzRHixtxquiW8Vcl2qV-aqtbKWem_TKA3KOPFElRn1qqeqyWJ9w4UqfaFGo8iROdZas5JdYB1Ceg5LEVDmVBnm6t65cRXM5CEHoebcP2S_KrE8AgxftVTwbf-oV52z8LX8xycZ_wpr-zcYfv5zqeoqNf-UvKth2LoaYQWyr7dwPmZVLIDFvj_NbhmWPSaip4tzRlozKONZo-SRmyv3SGGunB_gwK0dFmXGTlccpyLFDQuuXRjQ9cqrXbpcj8L7WnFiS65mWujqgvQZipq1ggFabLWdbAdRy7IxZcnJI9fm2wJktFRzEqZMk9pQcN3UJYx6VXajqDKDR6HSpmibJ9F-cnaT2wJyxtpbDO74e-DPyloNsl18UjepMa0i01DPML5nlU2l6BXMpHwBtOSYY8R-w-6q8UEnJ81QJRj-6vMAFc-tUOJuAwQIzBI7dbw7XmUUEFBh6eOhbdU25ZA-Vs_vBgdshIu7EkN0f9qLWGLpl4Pf-US1JdkmzcW8HvI3AqNfQoMhjdao1qMzclLn2RpvkaZD2nsmjwss6mkxtaOk2LlyNvahuMm_H-7wst8vQgjq5O6Wl4rO-k8oTkRd4WRWhH_iTLzDxt4ewA_ebOZUIaIfeuWcwdMyU3HlTKY0-VzAmhez4boc6SZZ8odg0xsT0YiEg2TJdMbSU0tsnz-Sy0amAOjsnGk_S0V7MHxXoAP6eQlIi3N9-R7gfNRYE8GuJRE9GTuYM5T6c-xjlm1rkk-YQ2LWA6dD_hJ4nikqEsxPyx60FbsR-1147kjsng6AuDe2BQrJe0URhdyyhPgYaPfnC4WlLxJLMBe9BwYer8R9wkj5GtAcVf1ZkE2EU9mw-seU5YXcji57UQWrH3XnVSlXmxaBLjHVlTSHgS9JnyDTKOH_W7wwuO4W0lO7kpVoo9D6MGrWhSWg6VUozsU1ICNXP8RLzS35SpWqNJVFfVAuRZ6mX58aEemZSHSc0Ez70RrFobxacIk9SUHJdAvISMlZaXoL7NLxIH1KL_wSanREPvNSQZDN9CU2sVC8_zC7sl-XIjH1wZ5JOw918s3bGUv2EmYqBD9yPXbVDFqZA_DjB5r4ME5XSpVye2H1otIbyAjRbmIwRXHomU52AlS4t4-Bt2aKN43g5cxOlzt0MrqI7aTwWh95jIVf5r1Azo0qjV8apKyP3q0ku42slXumBmB5K3tbNnV_3yjgZMT5fHPYGy18jm3l0OT8SqBnckXBbA_owoA8DLQTudeM85TcxolN-lqT8UHhNvLFC9SG-XwQzs4Sa3gQO-iyhzxIuswRxLdcxNUJMYNMzMaGPEEuOEFzfCBoro4RBNsaYaj5M9Caw0UeHJUeHtx9iofnYQ-Rtuua0ZZuKXvopmUmVlErJ2Xy6hhdOdOe1DPnNvJ6I8cUShvJbmpByvjBnRC_MWXE4sBpNdAcFSkd5Po2lxUS-iRDRdKQp2ifNc9J_z2qP9Kkg3soX3KaG3DUXnBKmbmcYtxPxDWo4nyGioWdAj46z4vhAfyOkuLFDcV-2Qdcj8pgtZfhTygUkaksF0jaYGreLvHvOJ0DygpzCM9G-Df2lPOg9M3c8_9M9FCXYPIHu4nLiewNzE2GiN4ELiYlo93Fxg-PM-92jkugot7bMvlIqk-c6-N36cNUBXSbNHbn2Qw_Vp8UOBuxmNpXJwvfseNOSxngKTd-sfNH2AfGMRm30GGezqtJler2VXl870Ro-DNVzgN0pLn4De8uTBwifXa7yW96uRVYaWDctE3ionb4siJlRTmgHO85uNjrJ8xynT9ajKZYeWXiTblxDVgG15eOx1AKS49dCg5pVr0UwwzRkBsyPDPlx3s6pgH_euKnlZJzwdmwIx-fS2eK95q_ypcfEP55wyG0p34F1eX3FI3rXcXSlKXu89rJbfnT8-Ec5vWNGFh4IWI-ogXh7RcWwjH4LzXZNddj3OU4nO8cpOZhG-zwTOrsqQd1dIZo2e6cr97bi4R6v35ys2P-Suq5__HoRZ4tPn4mdEVkCjufUaFCx8iKh3-aux-J1jnWNTUY_lQifHd1r9McHyea4UeNOXl3iibWMwIJJ506fEH0bZMVBXajaWx7-rPnURjIUjeMRbTTgsPKK7VlCp8HLtEmGCY_bbFjRdsTwC22GVmhn9HUqOJ5joKFHw8jS5zKHsBvT1GfmPeDmtDfbm5qEwDx9dPXJxhTgnry9Eqz789ruUXTjxup7ndur0OXJocWFXGga7HdAYfvk7oMjf60hGsmK6_7lCdJdjzNJFwTRX4vL6CMwlmHtzJc0weA0jRc-qBoVJ7kXCEVS8K0IG7PPMcyNXoeLRN949IJHcBPfBZY2Ea34-HN44UwsXHq-WxBNXepF0W4hSHzX73uFfI7fTgXyQlTjXUn-zOiESuPlkLUnAsYChMnxu5hYeA5g9gw90CQfgqhkB21dJjoOpamNhCexfvsuqAZauqud-umT47DakXTtOvSa8FUlZOcuLU0hnbST4wtmZNWM21Zj-ebbjZlmCJbVR8U0OxUv1XYkL27tZM_uJNU8CXMpmcY6unTQW_xveUn4HHqOJTLXIXVngRzfMxPYLFbLdog8uutcXPCElNC4tOAB8pFWb-TY5btIacGkP4BFX9oSHVP44xWfyRE6_5qjpldkQ7cHpe_oSpwtRJlYNjE_Ot87OFFxQ70S8POOqJYEnbQT9oLYvyxAeqrsG4G-gJ3asYC1WbmZ03dhYtm7dAxxLtdWCHgvk4gfIYOMO_LzssYOTjRbb2Nx4vfMUjvJv8cxun1SV8iL3rSooAIdysCrXbCcBPZNsaLOpzt3mwAyZpbJYLfWgjCWCeyyFek7tsjNGDlqNOeHRUGatGHE4bGRK42SYioUS7s02w45XvYzQDq1uBvf2_UxFOo06pTfiexpOHFcNkrxRLgjtuphdskcPvb2nWeqxJDi4l_PDMhTdZyPPGPGjw0blMRAncY5I8jGNK4O6Dw3pCoUjUk7s5SCEmXjVOEioC-9EQn_kB1p_lk3aT4BtnsXFA6Pc4GdpxZo2M3revahBu9aFqfUmiMxbkNiu0j2Edm2Qfm4yHx3tOtRtkksy61WWnmuz9T3_Hkndv6b-yvijtKn607mmWZeDrE_s3A9slRmn2Vr7A-Fa4drzlKpe66PcdlCh-9eVp4gX88OmecarR6Z7-zkF5qtsQNjExcx9DfM7eXVd5L5YTzhA9IC37XqebTkrwCbIG6XKpCHGSd_u6aJOOpONXGpZOx9u3er0gwGG75dtJYlfp5WbqyDlUfXgWYxJRfQPEoMtUNKnqFv5CMoSdg4i5osd7Q1WaM02fgKn34RVJ_AbXQj7Vi-MovfC1LoO74qpdFD09WfXAf1swTRpQV_C2_oQNfbQ6LaqZrfGf-z60XCHiU8Ku240TN9CmrskSG8dTl3eubzxK9z8RpZb5xSCEeDxiJ1iakStYFlbMSxY3IOxGNO-IUAQ_z8ulitl64s9SrWEoiYWragXK6wI7HXUewnFPgdr5PczqXJ1CKZ-HRXeNePnOPucAZU2LDCxfpg2eYAfbIwaLKgPYzi4yYs6GsRu3HYIQ57uCYC6JFsvh-38QQUjHrFapb09s6MJsvw6uD8eGaPIH9CJ2qsfY-9KUqQDjPmBajoUYOL0VOE3p0AsyEyh1COAtGdy-JGcd1MXxlRl3h8Bxk7skhU4vDeBN1V41eNXsTFQ53_&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c14a12282825a4a1c2d3cb329c8a85fc79fc20b622b2b116af73528960416e00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1665572127853451-14630147365579183292-vla1-5784-vla-l7-balancer-8080-BAL-2065
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 12 Oct 2022 10:55:27 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 12 Oct 2022 10:55:27 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/252771/getBulk/ 3 KB
1 KB 295ms
295ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/252771/getBulk/v2?dl=https%3A%2F%2Fwww.nur.kz%2F&date=2022-10-12T10%3A55%3A27.790%2B00%3A00&pd=12&pdh=1200&pdw=1600&pr1=76237604&pr=2999002233&prr=&pv=10&pw=3&extid_loader=&extid_tag_loader=www.nur.kz&ylv=0.664225&ybv=0.664225&ytt=369987273490437&is-turbo=0&skip-token=&ad-session-id=7388841665572127748&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.5%2C%22isInIframe%22%3Afalse%2C%22w%22%3A728%2C%22h%22%3A0%2C%22width%22%3A728%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A436%2C%22top%22%3A330%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=664225&available-width=728&yaru=true&p1=crsnx&p2=gfdy&puid1=Homepage&puid2=&puid3=&puid4=&puid5=&puid6=&pk=&pke=1&slotNumber=4&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=657518%2C0%2C76%3B659470%2C0%2C5%3B661775%2C0%2C97%3B661998%2C0%2C48%3B648529%2C0%2C28%3B659282%2C0%2C15%3B658377%2C0%2C65%3B203897%2C0%2C64%3B661588%2C0%2C87&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uuRIm69I2SxjYRSdSSVBy3KAi39WYDJOmiTYvuFv33HeriWo5L190AfrAFzZnDuZwZ%2BuuML2ohwVRcKShMwTQzDZOsUmYupLnkBQjDa5OLKhOzF6%2B%2Bzj5vbj9tZy9m2y9%2Fz57NHrYfH%2Fg7%2FElTL6R09u31s9klU0bCHy0obS4r1pi5FJVhhZrYa9nCPkDkxyTxOoAVLxagTSHZysy5RJg5MgLDK7YAF4mIBpSEHQbULCvh4AD4Zc5rrgHPmF%2BopdBmxfVStNowPL9WbnAaJcHZ4E%2BBzMrSNFIUba7VYzfnQQNCnpnbPRCbW1aYXALT%2FBJMARpyzUVtxkKCgjPMWgkn0k3jMPJ3mHDVmBpWRl0gIcyH0ugBefKr0zg0TjucSiAhJFeyDEqjhRmA3Ufbmdu3WwXfaeDHESMHEYukdJ9IkAqjM7GMIp9E0cQ2InEcd7Z1H9feccWuDDCpTAMyh3qaaeJNIYKUBJODsCY%2FkmijKiaxuUBhxpyhiUI%2F6hHbmpeCFSA7PFZNQvrw4dN2zywkSZD2fWxJKCWt6wObQ197RphABYBFkCmQGL6p2f3mze12YhlEJO1Dh8WCOlabJfDFUptau12GNEj7AsxFW2tbMFdL6TRJ4mSQlzWrC7gysjWFqBh3BpJ6MQmiHcVMigs8H9IzC8kLp6Uf0yQ66tAUHHuEZ05z4ntRz%2Fcl1MTMW9QRFFcUpZNSSkM%2FHOS4s0V3XUFnQto6kKzgrfrtJxHWzPLuCaOYrdjaqYc0DOIhNcW8wVmiGlFjLWleAWrDQRd43tQ29IL%2BzE0uCsCiR9PaKZI0pAgzVN9cYJTBlvvo75SGoMs4Jo%2FN%2Bdyq0cqKARb0ryCMBC5Z2U6yFXjHrUtUi9pUVogvmeTsUDImTqnnDVHGia%2BsdOPw3wUbpMReL8ViH4FO7BMv7KPWSC4k12uTrVFtYNUI6Q54FEdDu9vXTS00zwFHW7VwmsUE7TozpRqTs3wJluExefS9SYhi6qd9VaCC5YPVQQscCBlNEkL7sI7FX3CJ087kyikTNPXjZK%2FtuEKqGE1cMnJLU7mcpgH1%2FYlt16pqt6g0rCh4vXCDhHTITCdt2K963YAJ3KxR3uheDVYyx2QqnvESU%2Bt2l8bRDy0NLgd5yfOLE95HjKotNc9YXSNtHDxzjnspt4eYs9wtWWlChina8xhA%2BvmH8o4d1ZRsneHeZGVBS1GWhwPmYAZ6JAz6GlhIlhH3u9iH3vd3jeIvJ3ypTzzX%2B0fkzac%2FsBiLYwndWJbwE%2FPcpyTqre2KI2GOvb60ncBzt10SDFMEg4b7eGXbXEI97gONhMw9xyIcRMSftBLuBhLrGucuNjHmw84mhWslTkbsbTef1A%2BHXv5uxJrGHmWBreE2Jn5KJ0yWXHfH2APDYF5o4WYRxIRMFuu8qYbtd7cdK7dQ4MoWDBNyh5H%2Fb4yDda%2BAOcOOOvPaEFIv6tuxtksDxqdiuu8h1lheXugn7sXaJ8OuNAa6XzzxXtiCpXcqzTSKoj5TJXu5Nt1A7Eb6vtXX2Z%2Fbh7d%2FVZsP1zf3Q7%2FcvX9zc7tVbze3N%2FfXsxfk22Sppd6wLu7TsdePrLS6UOKWsu%2Fg1exuc3P7%2FMMn5PbP5v7d9gt%2B%2F%2F3mbnO9%2FTh5dL256568%2B3d737%2B%2B%2BXzz8L7%2Fevd89%2BP1cTbHk%2Fe4Jk%2Fk8e3D7TSI6agYxx1g71a8rc69VJ5A3aOtRZsvn5i0avFisH5izmu2e%2FKUXFGofxmRFaq4OLwC4e0xxjk9qaLuibXISoE13K%2F4DdP50n3B89M0GbawaYCXrBA4IgTuLOPfBshjvVqCBCf5MKEkPRsS%2By%2BHRg%2BxG6XPLVBP6Mjg3QoHGjsI14%2FPNipad6HqdpvuJ5Pn%2F7OSkoQ8Xll4bZdTq7fnLiw0CY7tQAPgEJDxL46fQvr2H0tP6CI%3D&use-server-side-rendering=1&pcode-icookie=64imFGi1doSPEUl5zOw320HcKfzz68chQYSAoC44KzRCxKZBTkOi9OkmBTQQPJqvbF%2BbKxmgdEwpTaIr7DAGLm%2F%2B8ps%3D&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Nzl9ChKjtJDkuO1BGKgLDUv0m9N2Tey4r4uj3_dvPP2ENjrndeyWKYP3Gy92CLu2SRo_cZo4Idu3A3ccwhudn7t22drBC-iZDewJaJMqqMLQjdcUvtTL3ufpmEWERVRUVVQUKhKHMENBKA8FAUVAHkpqCEwYhdIwCpBcPwqFYVQBqIBTQ7yRHIpDWUi4epJQVhfYDpYgIK-gAwzgaMEADXxGHIsEvimEs-JFK1EYIOQRD3xTxbHIoyEKJYHiotUQ-sIKFoIiQBTKLlG-kCRXBD6MAIe6EgEv4gIOtC_uVWCExAFIHriCawJoGFpg-F-2c7Wq4oVY9RC_Xw1AXFjB2SoqWiMNiBWfLA-JV1e6asvldaD9PIo9XnMlGTbunSkChNcGYbUJ9wT99jwwSydYzVn08It3ZeCuPdeXBwj2VqMJ7N8ZLUk5FOwznSwkKpzIQlGAoNwWyj46jJFdgv8JgFegyAcpFB0WyJWM5OwTLwAiT4jZ_pyOIh_4OXQoPctDGLOb6KwJoX5gBWXDw4JQvN9IrztL6lWGQH0YoxA_QOzrOgaZYMYQ6exjlGEtx6G8riiCkTGXXcFWYoBk9GQBeUCycPMarOV3Vn_5C7Pzh3fWzK-Ql6-eDNCVarQoADKCwNw3EM0e8H4g2b5LPixlmLML5qyrKV8e5iK__oy8eM-10IQ_b5mmlRsFIF7osoqArIbw_JkrYsGeKzvfHjDxFjzFNzJzR_o_9vzSz6WMV6ThE96yV7Tq81T5TPoJnulHUE9f96Md-aEmw6egzjrzUa5fn2hEuJDzKJzL7dvjB2QDFChq4Y1sfz1bWkHek7v8I5gDyL80WdnR8It3-V_Pgiabj4dD2Wx6lnsJK1QPB1GD3cePepYJm_V9jD35PPvHhm7j9xlFvcVfaXmOhmZ8rytAEeyMviDwl-75l3W7coC4bPoizaFH_qxX7jjZacWvjdSlPO_r3qSUrfH0TNkIAAiNOk7rh0y4_4p_spH_wyGd3QmbFX1H-Vx_tAj3miRzTWgh3GFbq0jrp3woNEEonEY83OL_SaJKRxXr9LR0VGlmoKWLk1if0kJs4p6OucWg06VxVrWZLgXLbEhVNOqEMk40WnOl0WjjVBuDZd4XZrYhW4ln1QAGsL-3-TogAa9-K909t-8WAnrXHRXKNGIeDEcvQVtDuEP1t-2Rl-V-QkYMXhZ1w97VbpceEJbuARUCYydyt902E8zMtHTMfRyjxoCs0ugzlQosM2VGnVaAqvIBMtPSGRLkDmWUKGMNpa-SL8zKZl7JvdJU7UsqkCuvwDZwnlOqE12mRmYTptVQolSnBiVNql61jE9Vr6HWDKeZFXiz1yzRHixtxquiW8Vcl2qV-aqtbKWem_TKA3KOPFElRn1qqeqyWJ9w4UqfaFGo8iROdZas5JdYB1Ceg5LEVDmVBnm6t65cRXM5CEHoebcP2S_KrE8AgxftVTwbf-oV52z8LX8xycZ_wpr-zcYfv5zqeoqNf-UvKth2LoaYQWyr7dwPmZVLIDFvj_NbhmWPSaip4tzRlozKONZo-SRmyv3SGGunB_gwK0dFmXGTlccpyLFDQuuXRjQ9cqrXbpcj8L7WnFiS65mWujqgvQZipq1ggFabLWdbAdRy7IxZcnJI9fm2wJktFRzEqZMk9pQcN3UJYx6VXajqDKDR6HSpmibJ9F-cnaT2wJyxtpbDO74e-DPyloNsl18UjepMa0i01DPML5nlU2l6BXMpHwBtOSYY8R-w-6q8UEnJ81QJRj-6vMAFc-tUOJuAwQIzBI7dbw7XmUUEFBh6eOhbdU25ZA-Vs_vBgdshIu7EkN0f9qLWGLpl4Pf-US1JdkmzcW8HvI3AqNfQoMhjdao1qMzclLn2RpvkaZD2nsmjwss6mkxtaOk2LlyNvahuMm_H-7wst8vQgjq5O6Wl4rO-k8oTkRd4WRWhH_iTLzDxt4ewA_ebOZUIaIfeuWcwdMyU3HlTKY0-VzAmhez4boc6SZZ8odg0xsT0YiEg2TJdMbSU0tsnz-Sy0amAOjsnGk_S0V7MHxXoAP6eQlIi3N9-R7gfNRYE8GuJRE9GTuYM5T6c-xjlm1rkk-YQ2LWA6dD_hJ4nikqEsxPyx60FbsR-1147kjsng6AuDe2BQrJe0URhdyyhPgYaPfnC4WlLxJLMBe9BwYer8R9wkj5GtAcVf1ZkE2EU9mw-seU5YXcji57UQWrH3XnVSlXmxaBLjHVlTSHgS9JnyDTKOH_W7wwuO4W0lO7kpVoo9D6MGrWhSWg6VUozsU1ICNXP8RLzS35SpWqNJVFfVAuRZ6mX58aEemZSHSc0Ez70RrFobxacIk9SUHJdAvISMlZaXoL7NLxIH1KL_wSanREPvNSQZDN9CU2sVC8_zC7sl-XIjH1wZ5JOw918s3bGUv2EmYqBD9yPXbVDFqZA_DjB5r4ME5XSpVye2H1otIbyAjRbmIwRXHomU52AlS4t4-Bt2aKN43g5cxOlzt0MrqI7aTwWh95jIVf5r1Azo0qjV8apKyP3q0ku42slXumBmB5K3tbNnV_3yjgZMT5fHPYGy18jm3l0OT8SqBnckXBbA_owoA8DLQTudeM85TcxolN-lqT8UHhNvLFC9SG-XwQzs4Sa3gQO-iyhzxIuswRxLdcxNUJMYNMzMaGPEEuOEFzfCBoro4RBNsaYaj5M9Caw0UeHJUeHtx9iofnYQ-Rtuua0ZZuKXvopmUmVlErJ2Xy6hhdOdOe1DPnNvJ6I8cUShvJbmpByvjBnRC_MWXE4sBpNdAcFSkd5Po2lxUS-iRDRdKQp2ifNc9J_z2qP9Kkg3soX3KaG3DUXnBKmbmcYtxPxDWo4nyGioWdAj46z4vhAfyOkuLFDcV-2Qdcj8pgtZfhTygUkaksF0jaYGreLvHvOJ0DygpzCM9G-Df2lPOg9M3c8_9M9FCXYPIHu4nLiewNzE2GiN4ELiYlo93Fxg-PM-92jkugot7bMvlIqk-c6-N36cNUBXSbNHbn2Qw_Vp8UOBuxmNpXJwvfseNOSxngKTd-sfNH2AfGMRm30GGezqtJler2VXl870Ro-DNVzgN0pLn4De8uTBwifXa7yW96uRVYaWDctE3ionb4siJlRTmgHO85uNjrJ8xynT9ajKZYeWXiTblxDVgG15eOx1AKS49dCg5pVr0UwwzRkBsyPDPlx3s6pgH_euKnlZJzwdmwIx-fS2eK95q_ypcfEP55wyG0p34F1eX3FI3rXcXSlKXu89rJbfnT8-Ec5vWNGFh4IWI-ogXh7RcWwjH4LzXZNddj3OU4nO8cpOZhG-zwTOrsqQd1dIZo2e6cr97bi4R6v35ys2P-Suq5__HoRZ4tPn4mdEVkCjufUaFCx8iKh3-aux-J1jnWNTUY_lQifHd1r9McHyea4UeNOXl3iibWMwIJJ506fEH0bZMVBXajaWx7-rPnURjIUjeMRbTTgsPKK7VlCp8HLtEmGCY_bbFjRdsTwC22GVmhn9HUqOJ5joKFHw8jS5zKHsBvT1GfmPeDmtDfbm5qEwDx9dPXJxhTgnry9Eqz789ruUXTjxup7ndur0OXJocWFXGga7HdAYfvk7oMjf60hGsmK6_7lCdJdjzNJFwTRX4vL6CMwlmHtzJc0weA0jRc-qBoVJ7kXCEVS8K0IG7PPMcyNXoeLRN949IJHcBPfBZY2Ea34-HN44UwsXHq-WxBNXepF0W4hSHzX73uFfI7fTgXyQlTjXUn-zOiESuPlkLUnAsYChMnxu5hYeA5g9gw90CQfgqhkB21dJjoOpamNhCexfvsuqAZauqud-umT47DakXTtOvSa8FUlZOcuLU0hnbST4wtmZNWM21Zj-ebbjZlmCJbVR8U0OxUv1XYkL27tZM_uJNU8CXMpmcY6unTQW_xveUn4HHqOJTLXIXVngRzfMxPYLFbLdog8uutcXPCElNC4tOAB8pFWb-TY5btIacGkP4BFX9oSHVP44xWfyRE6_5qjpldkQ7cHpe_oSpwtRJlYNjE_Ot87OFFxQ70S8POOqJYEnbQT9oLYvyxAeqrsG4G-gJ3asYC1WbmZ03dhYtm7dAxxLtdWCHgvk4gfIYOMO_LzssYOTjRbb2Nx4vfMUjvJv8cxun1SV8iL3rSooAIdysCrXbCcBPZNsaLOpzt3mwAyZpbJYLfWgjCWCeyyFek7tsjNGDlqNOeHRUGatGHE4bGRK42SYioUS7s02w45XvYzQDq1uBvf2_UxFOo06pTfiexpOHFcNkrxRLgjtuphdskcPvb2nWeqxJDi4l_PDMhTdZyPPGPGjw0blMRAncY5I8jGNK4O6Dw3pCoUjUk7s5SCEmXjVOEioC-9EQn_kB1p_lk3aT4BtnsXFA6Pc4GdpxZo2M3revahBu9aFqfUmiMxbkNiu0j2Edm2Qfm4yHx3tOtRtkksy61WWnmuz9T3_Hkndv6b-yvijtKn607mmWZeDrE_s3A9slRmn2Vr7A-Fa4drzlKpe66PcdlCh-9eVp4gX88OmecarR6Z7-zkF5qtsQNjExcx9DfM7eXVd5L5YTzhA9IC37XqebTkrwCbIG6XKpCHGSd_u6aJOOpONXGpZOx9u3er0gwGG75dtJYlfp5WbqyDlUfXgWYxJRfQPEoMtUNKnqFv5CMoSdg4i5osd7Q1WaM02fgKn34RVJ_AbXQj7Vi-MovfC1LoO74qpdFD09WfXAf1swTRpQV_C2_oQNfbQ6LaqZrfGf-z60XCHiU8Ku240TN9CmrskSG8dTl3eubzxK9z8RpZb5xSCEeDxiJ1iakStYFlbMSxY3IOxGNO-IUAQ_z8ulitl64s9SrWEoiYWragXK6wI7HXUewnFPgdr5PczqXJ1CKZ-HRXeNePnOPucAZU2LDCxfpg2eYAfbIwaLKgPYzi4yYs6GsRu3HYIQ57uCYC6JFsvh-38QQUjHrFapb09s6MJsvw6uD8eGaPIH9CJ2qsfY-9KUqQDjPmBajoUYOL0VOE3p0AsyEyh1COAtGdy-JGcd1MXxlRl3h8Bxk7skhU4vDeBN1V41eNXsTFQ53_&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f54447f18a99e57dc36be470a2c570b85afebb963bd8d4f3eab0c86249b74f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1665572127853807-15258669514983239962-vla1-5784-vla-l7-balancer-8080-BAL-5549
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 12 Oct 2022 10:55:28 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 12 Oct 2022 10:55:28 GMT

GET
H2 200 c58dc71b9d1f11fa7d1a.js Show response
yastatic.net/partner-code-bundles/664225/ 462 KB
95 KB 118ms
103ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/664225/c58dc71b9d1f11fa7d1a.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2d2b5a14385b720fff60b9fa208371213c9e0191b72d8dcc7536e03469cf17a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 96491
last-modified: Mon, 10 Oct 2022 16:36:59 GMT
server: nginx/1.17.9
etag: "8caeb4b069cbaf6bc8f2853f0e9722a7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 11 Oct 2052 17:29:30 GMT

GET
H2 200 de915ec1a8574f8c.webp
cdn.nur.kz/images/272x153/ 13 KB
13 KB 136ms
135ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/de915ec1a8574f8c.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

f71eec497ff6d810bf2fa0b03428e1c0fc74d482ed26062f68a998e6a278cf1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 15 Apr 2022 05:15:17 GMT
server: nginx
x-cs: HIT
etag: "62e5bc860b4075b558f6150a5292a03c"
content-type: image/webp, image/webp
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13266
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 fbb0a8466cd1c369.webp
cdn.nur.kz/images/272x153/ 11 KB
11 KB 138ms
137ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/fbb0a8466cd1c369.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

d1821a81f8311813ce59a03f476301ed92a6fe5d01ba3ae639e21088ddbc038a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 06 Oct 2022 06:08:14 GMT
server: nginx
x-cs: HIT
etag: "0566b6a83ad2a7a5d7cfd4fcd47aab72"
content-type: image/webp, image/webp
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11012
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 b5d35c83e9515788.webp
cdn.nur.kz/images/272x153/ 26 KB
26 KB 138ms
138ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/b5d35c83e9515788.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

c39b52f2c7e927da81b4afffe44703fc3278160f53baa13415d842bb17c46182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 12 Oct 2022 03:48:29 GMT
server: nginx
x-cs: HIT
etag: "969feaf482a19ca023d835f6b6463272"
content-type: image/webp, image/webp
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 26244
expires: Thu, 12 Oct 2023 10:55:27 GMT

GET
H2 200 016bf34cf13dcf6f.webp
cdn.nur.kz/images/272x153/ 3 KB
3 KB 140ms
139ms Image
image/webp 94.247.128.35
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.nur.kz/images/272x153/016bf34cf13dcf6f.webp?version=1

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.247.128.35 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

684c7ddf06ac43de1a558e31bdff75ff3adad0437e67b72ee457a88e76c4814e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 12 Oct 2022 09:21:09 GMT
server: nginx
x-cs: HIT
etag: "5a16b8e9ac61465caf35c75598c8c0c3"
content-type: image/webp, image/webp
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3204
expires: Thu, 12 Oct 2023 10:55:27 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 25ms
25ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1592370362&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nur.kz%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABCAAAAGgAI~&jid=1597759605&gjid=1539950563&cid=37591007.1665572127&tid=UA-6273700-34&_gid=27235422.1665572127&_r=1&_slc=1&cd12=&cd13=&z=1673070846

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recommendations Show response
webapi.nur.kz/ 3 KB
2 KB 586ms
380ms Fetch
application/json 91.215.139.235
PSKZ-ALA

General

Check archive.org

Show headers Download Go to

Full URL

https://webapi.nur.kz/recommendations?userId=32022beb-e43d-4a9b-85da-95c401a10013&sectionId=1&lifespan=7&limit=5

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/nur/js/home-recommendation.47ef8f13.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.235 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

64d97aec8d05b51375a09219635904e7c6b5488cb89aa8546ffb78225a9ba018

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-f-status: MISS
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx
etag: W/"d36-BfK/PxWlM+9/8CmBzWaa8ntjDsU"
expect-ct: max-age=0
vary: Accept-Encoding, Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nur.kz
x-download-options: noopen

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 101ms
30ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 95ms
27ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nur.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
14 KB 437ms
437ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=105326142784147&correlator=1198413010245572&output=ldjh&gdfp_req=1&vrg=2022100402&ptt=17&impl=fifs&iu_parts=21635628449%2CNUR_Desktop_Bottom%2CNUR_Desktop_Bottom2%2CNUR_Desktop_Bottom3%2CNUR_Desktop_Anchor&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C728x90%7C728x200%7C980x90%7C980x200%2C728x90%7C728x200%7C980x90%7C980x200%2C1x1%7C728x90%7C980x90%7C1000x90%7C1000x200%7C1200x90%7C2000x90%7C728x200&ifi=1&adks=2902430930%2C1806412577%2C1148870173%2C3302193688&sfv=1-0-38&fsapi=false&eri=4&cust_params=page%3DHomepage%26section%3Dwww%26sectionId%3D1%26platform%3Ddesktop%26language%3DRU&sc=1&cookie_enabled=1&abxe=1&dt=1665572127871&dlt=1665572127268&idt=578&adxs=436%2C436%2C436%2C-12245933&adys=2404%2C4946%2C6518%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nur.kz%2F&frm=20&vis=1&psz=1088x0%7C1088x0%7C1088x0%7C0x-1&msz=1088x0%7C1088x0%7C1088x0%7C0x-1&fws=4%2C4%2C4%2C644&ohw=1088%2C1088%2C1088%2C1600&ga_vid=37591007.1665572127&ga_sid=1665572128&ga_hid=1592370362&ga_fc=true&ga_cid=27235422.1665572127

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b87b07ecc52718cc67ffed0f3d9ff850a2fc59ab855c0d338b89aab7636ce6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13928
x-xss-protection: 0
google-lineitem-id: 4571986055,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138224758804,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EB2D 6 KB
4 KB 111ms
23ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 10:55:27 GMT
expires: Thu, 12 Oct 2023 10:55:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-6273700-34&cid=37591007.1665572127&jid=1597759605&gjid=1539950563&_gid=27235422.1665572127&_u=aGDAAUABCAAAAGgAI~&z=1630224331

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 12 Oct 2022 10:55:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5c28993f970fd8eae4b7.js Show response
yastatic.net/partner-code-bundles/664225/ 8 KB
4 KB 49ms
48ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/664225/5c28993f970fd8eae4b7.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9946b4bfaa91a76e36aad44a9993043786edd62edd0d19562676b0dbdffba43d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 3339
last-modified: Mon, 10 Oct 2022 16:36:58 GMT
server: nginx/1.17.9
etag: "9fbebc767784a35d1f6d237169af1c9b"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 11 Oct 2052 17:26:41 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 77ms
43ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-6273700-34&cid=37591007.1665572127&jid=1597759605&_u=aGDAAUABCAAAAGgAI~&z=1628496311

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 76ms
41ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-6273700-34&cid=37591007.1665572127&jid=1597759605&_u=aGDAAUABCAAAAGgAI~&z=1628496311

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/252771/ 0
230 B 191ms
68ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=7d0045f43a0c8b21&pm=cyz&p5=moyar&ad-session-id=7388841665572127748&lts=fkeuacl&ytt=369987273490437&ybv=0.664225&ylv=0.664225&dl=https%3A%2F%2Fwww.nur.kz%2F&p2=gfdy&rand=jvszwpc&sj=QiQn1xUeDwekTFkZCDX_tR8Gd0ZLgI_flqNQl2fPRbQorOauMtAjK-9cxojzWA%3D%3D&puid1=Homepage&pr=jsksnvt&p1=crsny&rqs=H0HEFo7LaoQfnUZjeQu6cqPhzZU5iX8v

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Oct 2022 10:55:28 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 optimize.webp
avatars.mds.yandex.net/get-adfox-content/2462621/221006_adfox_2086545_5746017.14a0179128f1680bf4c2f7c59953411f.png/ 21 KB
21 KB 214ms
98ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-adfox-content/2462621/221006_adfox_2086545_5746017.14a0179128f1680bf4c2f7c59953411f.png/optimize.webp
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: c5e31ec996abd39481583ce7eaee1c6dd4e0620d873020465da91d13bb834a33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
last-modified: Thu, 06 Oct 2022 04:12:33 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 21328
x-request-id: 44b11327606b561d

GET
H2 200 1xbet-football-icon.svg
www.nur.kz/nur/img/icons/ 3 KB
2 KB 97ms
95ms Image
image/svg+xml 91.215.139.234
PSKZ-ALA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nur.kz/nur/img/icons/1xbet-football-icon.svg

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.215.139.234 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),

Reverse DNS

Software

nginx /

Resource Hash

d1d73b904816114baa9cbd4f4d31481f19344dfe81c33ea2ff4e450cdc5f1542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 22 Jul 2022 07:06:02 GMT
server: nginx
etag: W/"1484ab820b4a0a8a16df09a4b805320a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Thu, 12 Oct 2023 10:55:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
53 KB 74ms
36ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3369263710096163

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/664225/c58dc71b9d1f11fa7d1a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f555ea13c0bc5058b1670fc0904f997202c6cc7adcc1d87e0e07304e2cb452c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54210
x-xss-protection: 0
server: cafe
etag: 284479113356862858
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 10:55:28 GMT

GET
H2 204 event
ads.adfox.ru/252771/ 0
18 B 74ms
74ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=58fc5a109b67c2c8&pm=cyz&p5=kunhv&ad-session-id=7388841665572127748&lts=fkeuacl&ytt=369987273490437&ybv=0.664225&ylv=0.664225&dl=https%3A%2F%2Fwww.nur.kz%2F&rtb-si=b&p2=gfdy&rand=cqieeyb&sj=h_Wv1fvKb2MrXwG8o6QhxLsR9efoqxobEfDAZgod94Dub63mE7eQAB2PMtrbJw%3D%3D&puid1=Homepage&pr=jsksnvt&p1=crsnx&rqs=H6klR6lH5BAfnUZj2XKT0x-BRO-CMVW_

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Oct 2022 10:55:28 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ 352 KB
116 KB 81ms
47ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3369263710096163&plah=www.nur.kz&bust=31070257

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3369263710096163

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e776ab1e8da89dbe0ba81f66eaacd15c465d8f7538cd2358229cea49eadf3f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118617
x-xss-protection: 0
server: cafe
etag: 3730640347838730039
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 10:55:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221010/r20190131/ Frame 2FD1 10 KB
5 KB 90ms
26ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221010/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3369263710096163

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 20979
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 05:05:49 GMT
etag: 9671129459699598864
expires: Wed, 26 Oct 2022 05:05:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 060C 0
0 52ms
52ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCgBDVx7llNrp_Gm6H-ffWflQmjslgUHMFeaVyJy0q6xQLTOMVotT50sMT8IXcfa-Q5v1YdGR4HafIzg_Rn4o28ePnFWjfKaQb1yokBQkDIMRI7U82NeJQ2t7Mx76HJYuP3alLkYHyGwOC_vGtpmAjEmj9OcqqLG6oc7jV55q-A1ELoXONbdYeKbHertQHz0sGxywB4b6_pcIYn5IAxY99oU297INM86aL8CKzIuZxe6FZfVOk0NkyDBwLMclmdGNhTKjHfJb2ZZe_81WQj4gTte4vIt_9GZd2EU7-_FzNMiehuEzYNF_0xkzubnGClN7scOzvXpaM&sai=AMfl-YRi8Z22XNSxVHUuG6U0HmvOlkQpz-toOPngk6f4v59bL_YQS1gOcfxh0L5Rl1q8PoGBvSobmrca6VdU7cj_7c_3Kn_8bGcHbSGsUU3p-MnnKx3i39YJS13BQS3ZMe_VVcqa&sig=Cg0ArKJSzMfqBzrvTjweEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 12 Oct 2022 10:55:28 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ Frame 060C 390 KB
105 KB 184ms
71ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c55eba3375e19f66b1907be443bda17e31bbd0e451f3af1888848359ddc9cf35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-yandex-req-id: 1665572128492127-524376656049379116800105-production-app-host-sas-pcode-88
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Oct 2022 11:55:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 060C 151 KB
47 KB 84ms
44ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 10:55:28 GMT

GET
H3 200 container.html Show response
af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0F3B 6 KB
3 KB 50ms
17ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 10:55:27 GMT
expires: Thu, 12 Oct 2023 10:55:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C768 6 KB
3 KB 45ms
15ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 10:55:27 GMT
expires: Thu, 12 Oct 2023 10:55:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
476 B 62ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.nur.kz&callback=_gfp_s_&client=ca-pub-3369263710096163&cookie=ID%3D121da8aa72a002d7-2225032744ce0071%3AT%3D1665572127%3AS%3DALNI_MYSAdiJ62b9l1CwQ6z-hOtg62UdZA

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3369263710096163&plah=www.nur.kz&bust=31070257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 56ms
26ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nur.kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 61ms
28ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nur.kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.nur.kz%2F&tn=DIV&cls=cookie-popup%20js-cookie-popup&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2E36 0
20 B 109ms
78ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&adk=1812271804&adf=3025194257&lmt=1665572128&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.nur.kz%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665572128204&bpp=3&bdt=937&idt=171&shv=r20221010&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D121da8aa72a002d7-2225032744ce0071%3AT%3D1665572127%3AS%3DALNI_MYSAdiJ62b9l1CwQ6z-hOtg62UdZA&nras=1&correlator=6914024258268&frm=20&pv=2&ga_vid=37591007.1665572127&ga_sid=1665572128&ga_hid=1592370362&ga_fc=1&ga_cid=27235422.1665572127&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070257%2C44770880&oid=2&pvsid=105326142784147&tmod=1664630434&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=188

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 10:55:28 GMT
expires: Wed, 12 Oct 2022 10:55:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3237 111 KB
35 KB 500ms
479ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1665572128&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665572128224&bpp=1&bdt=956&idt=176&shv=r20221010&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D121da8aa72a002d7-2225032744ce0071%3AT%3D1665572127%3AS%3DALNI_MYSAdiJ62b9l1CwQ6z-hOtg62UdZA&prev_fmts=0x0&nras=1&correlator=6914024258268&frm=20&pv=1&ga_vid=37591007.1665572127&ga_sid=1665572128&ga_hid=1592370362&ga_fc=1&ga_cid=27235422.1665572127&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070257%2C44770880&oid=2&pvsid=105326142784147&tmod=1664630434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nH61XZ45Ra&p=https%3A//www.nur.kz&dtd=180

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29fcaa8e9abe9ee3c80590d324a3fb565b36b30ef27062e30059e86e652e46b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 36050
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 10:55:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C768 0
0 59ms
55ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5x5zH51GY9HBOYOdgAfslZ7gCMme0rFc1Z2R93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMzM2OTI2MzcxMDA5NjE2M8gBCakCaiBpgLhNsD7gAgCoAwGqBIECT9AQykuyGp6Bndt2QN5tZRVT2Dey4_q5qHKFlVPTjTo2X25FZtGAVwK_aDY0rMAsaxzKjYm7Q2s9wsJetjMHcQD_BDjw3bH5Bv3h1smXkT5v6F39uas8bh3XuT5u-pjKK8tZsA40NwPJ0Rh0CWRAx_ymScufCp6I9uy_XmM4-UNbmNzj4AuLs0sWNGPZ6IvIkwQvIaC_XuGaGpM992hekf31NpPPQfPZd9fqcjnIepC5zq_jIRSl8MOUuA1cMqEDKu5W4BIdU4F0i4GihKvRiMNr9z5DjJYPRGVY1Tf25XlZ9FhVgQ42YlOQb4Z7GEwDD5tnB_vWCQvPH0lfykNm_YXgBAGABoOUmOPUrNStXaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTMzNjkyNjM3MTAwOTYxNjMYwZBq&sigh=d4cdrqSRdfk&uach_m=[UACH]&cid=CAQSPgDq26N9j-U-COaS5HGdj9Hug41b46fwzUyoxtwdt4GzFx7LZ6ZheGUh9j06sdX41YP949ZhRYj5REnanY41GAEgEw
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame C768 0
0 81ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kv79Et6BMNgFWp2DYgICAAAA16Czvrd-43aqFPm-EB-dRmM10iIvnLaDLtCtJgASAAA&wp=Y0adHwAOYNEK4A6DAAeK7OWZOE7WtYKNIfT_1w

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 339728
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A117 140 KB
46 KB 158ms
95ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0adHwAOYNEK4A6DAAeK7OWZOE7WtYKNIfT_1w&u=%7CS1FL%2BoAKd7RRv806YYnJwuN1%2FtyfpVuvKkO0PDFxdZ4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PEMyz40uhnGHdW6w6xe3h-UQhofLyuwLbG78FzrUzKZyPE7rb5mkJ8O85CO5O5_Z18cEiqD7t2bA9zamLWIEwh_iUmU5JUo9fRygXuBThwcPmu-R-QIzrPqkW25Z7iVzO7h5ZYioMmQ_nbARu2b9O_K0tYs4qDKCIK1GnFI--SrEggaBSrRa-OOpTWmVzwLtr9-xV6ds4eNVNsYxHmKxjNGX1cu34ZVNBJvP8Ene3I4eNnCqk_y-YPGdZUEsQNiBotlOSqiLtHQbPANekzHx0JfYSQp6Eqi_YhZm6FBGf2Iqwfd03lPf19Sd0FKkpT_7OkFuAZL-Kqq14Hie1UK3HQp4ooewbguf_c9pj-WwP_ql3FqWSFTsEUAu-J1CEliz3QsNKWgzmHjF9FQzkKPLgztC40IUy9cbsscZrerhsqtaV0D7juoi7sTn87gvXF-8nSohUNJQ3Uc0O_9xk8C3U6dkBix1q1SkCE7EIIrtiq4OFnu5akyz4A8zf5TiJgmFUNlDfA5P1uNYY1vMvg64vVet22XyDket7EJjVMhECmRNqZ1u-rzg-OZjHbl_uOZFfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfgtBH51GY9HBOYOdgAfslZ7gCMme0rFc1Z2R93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMzM2OTI2MzcxMDA5NjE2M8gBCakCaiBpgLhNsD7gAgCoAwGqBIQCT9AQykuyGp6Bndt2QN5tZRVT2Dey4_q5qHKFlVPTjTo2X25FZtGAVwK_aDY0rMAsaxzKjYm7Q2s9wsJetjMHcQD_BDjw3bH5Bv3h1smXkT5v6F39uas8bh3XuT5u-pjKK8tZsA40NwPJ0Rh0CWRAx_ymScufCp6I9uy_XmM4-UNbmNzj4AuLs0sWNGPZ6IvIkwQvIaC_XuGaGpM992hekf31NpPPQfPZd9fqcjnIepC5zq_jIRSl8MOUuA1cMqEDKu5W4BIdU4F0i4GihKvRiMNr9z5DjJYPRGVYlzXXd_7WaEvqHRqVsm42l49vEvoJIYPlszPrr_lwAWVHT-ni7joOcZrgBAGABoOUmOPUrNStXaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L53rRRKuYQsXPZ5vnGajgQifEtA%26client%3Dca-pub-3369263710096163%26adurl%3D

Requested by

Host: af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com
URL: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0efa48f42235e36ff57cdc3962a892de760478ae1fbc729dab9dd09da7e0a807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 10:55:28 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=DEzwvTaIHPD6_2cjJ_vW1TrRi_7964OwEZ617koLbeWH6LsVk2te15EaNsVsiDhVcIKH9JtwDRbZaou6Y1gPWQbdQL55NcdYe9TEIlwPysxY8V77-iGzmW_N_1bPy41Ckjp8Hja4Wc197J2oAgHge4QIyUv9wcWWzyfo0IYqv8TdWGSJzhAZBO37io1-o5qi_Nrid_tvh2TcuQxXg-R1OnpRs_YGOzBJ_nOBAYe8sYlRptrnG-eM4rUOJoOZIqqBI0OO2Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 78905547
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame C768 3 KB
1 KB 65ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/window_focus_fy2021.js

Requested by

Host: af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com
URL: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 09:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 09:03:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame C768 17 KB
8 KB 61ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com
URL: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C768 0
0 24ms
22ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1pPyHozeHUWJH0VqlTcCf6RrOf6GduzIjSnuhZ6nqkZ0CjN02C86elW9fpFcUBOZ5drz10xjIlQFa1l_fcTPqVhtOwg
Requested by: Host: af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com
URL: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C768 22 KB
7 KB 71ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com
URL: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 09:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Oct 2023 09:55:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C768 151 KB
46 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com
URL: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 10:55:28 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0F3B 0
0 58ms
57ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWRPFH51GY8_AOYOdgAfslZ7gCMme0rFcvfGU93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItODU4MDE5NjQyNzIwOTMxNMgBCakCaiBpgLhNsD7gAgCoAwGqBIMCT9DzGR__hL7r2_SC1JhTL1ueEzi0Ox3rSQBzXEei7BUfUOjfmIB13GRNXEgPDyDauKIlSLyXcxcUbnKJOFzMIr6_Rn09LWuCtKsukpRBvYxAnfNw9wsPVs7qJ0vfgzADKYq1b7vfG6HmJ6ZUTxJxCawUVI4vJ0gY4vnZ_V6AyCnew2JZ0Z5K-CyzciV__ZWjUMrDOEaQLNSodLmAz-G5NRGwtsXMJs3g-wplCPvuGCDie3vz1yb8UZTxzNyjCix9vFQmtk-UvaTJiXxk3IPatYH_Ovmx05J0IqFrt21kS0duqZTiOIMPRPUdHk9WU_qHqBjRAQbMY4D-4tZZqlpoQ9ZfyOAEAYAGg5SY49Ss1K1doAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODU4MDE5NjQyNzIwOTMxNBjBkGo&sigh=fbxxmNLR_TM&uach_m=[UACH]&cid=CAQSPgDq26N9j-U-COaS5HGdj9Hug41b46fwzUyoxtwdt4GzFx7LZ6ZheGUh9j06sdX41YP949ZhRYj5REnanY41GAEgEw
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 0F3B 0
0 148ms
18ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k_79Err5RNQHyAGdg2ICAgAAAJ08UUBYP1SW02Tfx6oU-b4QH51GY9INuV_j-XBQjf58ABIAAA&wp=Y0adHwAOYE8K4A6DAAeK7PZgM8SDmXk3HDLFnQ

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 331170
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame BBC6 194 KB
58 KB 180ms
125ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0adHwAOYE8K4A6DAAeK7PZgM8SDmXk3HDLFnQ&u=%7CS1FL%2BoAKd7T10MsRgApU1k5AMpT6%2FqBkqcB4P%2BdZ864%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608Bvppv58V0BuGUUCIazVjI80Mz6K9nh4VzCf-s5FS-nyDQQWmVX5kuQ6jilbXFac0xbvTnM5wF-ydxbpRlVLXJG_4SCdbaH-JAtq81Q4VD99GCGFbdgSHj9W8w0fHtYTNV9tqllTWR2B0cCdY0G6TWbB04vc_jpS_uTs1dVURODwg3CnV4-q0la13yO_UfQ2qlTmwCLgibq-fhfZVV0rJ5fwnaIx7bIjHYHKl09t7Quuf_NOW-f6rhPuGPMlH7uHOKDY5s_2T4nvLE6JGl8Bg9zB18k53DyxXCb117fgJGDkvhIEXkGSSWNn4tRjOuHZhRzIHa4tLvU9aIAdVfaiLlLjpNNn6kxVEPzXNX2SLo4Y-cqbQ7d6wMbtD1E_U1wZMlAueoPPe5J83mX9weULl-mmChmt0E4TLYb2n-Nx72KTDiQukwRz-SASKZax-oxSvMpuDsa9PZNMwoni_uX-wfGSL7md9--PtqW8drlJZkqa6WK--9CyweAmyVu6Im938dFeikC0n8Mc9lMf619d0S52Mz1irqwhBtEwrIQrGARVz3Im_BuNMgZqa0yE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iYWH51GY8_AOYOdgAfslZ7gCMme0rFcvfGU93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItODU4MDE5NjQyNzIwOTMxNMgBCakCaiBpgLhNsD7gAgCoAwGqBIYCT9DzGR__hL7r2_SC1JhTL1ueEzi0Ox3rSQBzXEei7BUfUOjfmIB13GRNXEgPDyDauKIlSLyXcxcUbnKJOFzMIr6_Rn09LWuCtKsukpRBvYxAnfNw9wsPVs7qJ0vfgzADKYq1b7vfG6HmJ6ZUTxJxCawUVI4vJ0gY4vnZ_V6AyCnew2JZ0Z5K-CyzciV__ZWjUMrDOEaQLNSodLmAz-G5NRGwtsXMJs3g-wplCPvuGCDie3vz1yb8UZTxzNyjCix9vFQmtk-UvaTJiXxk3IPatYH_Ovmx05J0IqFrt20mSWb8Lht-KzyTUFbNI-muWu6NHhL_GYR4q71YEGlHhkLt6VJMd7RHAeAEAYAGg5SY49Ss1K1doAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3T_jeK5G5_9lqPVhv_-YnkUa8pRg%26client%3Dca-pub-8580196427209314%26adurl%3D

Requested by

Host: af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com
URL: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

de5aaa40e209ac16b1e95f887a822dff42702cc8bd97e497795fc6d4bced00c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 10:55:28 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Vz91-DaIHPD6_2cjeNLENJP5GoAHT_aNr2Yc_w4Ez5N3EB5ZDaMHhbdS0gB2fW2b6waqSRGp9f10prXgKGcU6ZZ97tlDcsF6SwaefaifXs5LtNvxREW6tJ3lX6xT8pKwjYikrU3O95atSVEbrbvu4-vwPOV2I1_aRfJtqzc1Vr3RvpMTusxAskGqTHBAGgkELZvHy0VD2dWFCGIV2g9LnozqWwwocJxw_DmKZkr3S2Ij18W2HGZjjSxmOLyUvIu2yT_FSA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 80667990
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 0F3B 3 KB
1 KB 60ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/window_focus_fy2021.js

Requested by

Host: af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com
URL: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 09:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 09:03:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 0F3B 17 KB
7 KB 57ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com
URL: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:53 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0F3B 22 KB
7 KB 68ms
30ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com
URL: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 09:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Oct 2023 09:55:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F3B 151 KB
46 KB 59ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com
URL: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 10:55:28 GMT

GET
DATA 200
OK truncated
/ Frame 060C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cdf25d756a0e83e1971cdd267d8fb455ae157cfc7eaead62092bc04f482e142

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C768 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b990a6e1fbfad1e12019b70014a45485788e377340a9ab973b8c9340e4ab3f2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0F3B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59b0e364dbb99f8b8a3024bc10ecabac5479643302759c5234f732c9c45607ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A117 2 KB
1 KB 48ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0adHwAOYNEK4A6DAAeK7OWZOE7WtYKNIfT_1w&u=%7CS1FL%2BoAKd7RRv806YYnJwuN1%2FtyfpVuvKkO0PDFxdZ4%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PEMyz40uhnGHdW6w6xe3h-UQhofLyuwLbG78FzrUzKZyPE7rb5mkJ8O85CO5O5_Z18cEiqD7t2bA9zamLWIEwh_iUmU5JUo9fRygXuBThwcPmu-R-QIzrPqkW25Z7iVzO7h5ZYioMmQ_nbARu2b9O_K0tYs4qDKCIK1GnFI--SrEggaBSrRa-OOpTWmVzwLtr9-xV6ds4eNVNsYxHmKxjNGX1cu34ZVNBJvP8Ene3I4eNnCqk_y-YPGdZUEsQNiBotlOSqiLtHQbPANekzHx0JfYSQp6Eqi_YhZm6FBGf2Iqwfd03lPf19Sd0FKkpT_7OkFuAZL-Kqq14Hie1UK3HQp4ooewbguf_c9pj-WwP_ql3FqWSFTsEUAu-J1CEliz3QsNKWgzmHjF9FQzkKPLgztC40IUy9cbsscZrerhsqtaV0D7juoi7sTn87gvXF-8nSohUNJQ3Uc0O_9xk8C3U6dkBix1q1SkCE7EIIrtiq4OFnu5akyz4A8zf5TiJgmFUNlDfA5P1uNYY1vMvg64vVet22XyDket7EJjVMhECmRNqZ1u-rzg-OZjHbl_uOZFfQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfgtBH51GY9HBOYOdgAfslZ7gCMme0rFc1Z2R93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItMzM2OTI2MzcxMDA5NjE2M8gBCakCaiBpgLhNsD7gAgCoAwGqBIQCT9AQykuyGp6Bndt2QN5tZRVT2Dey4_q5qHKFlVPTjTo2X25FZtGAVwK_aDY0rMAsaxzKjYm7Q2s9wsJetjMHcQD_BDjw3bH5Bv3h1smXkT5v6F39uas8bh3XuT5u-pjKK8tZsA40NwPJ0Rh0CWRAx_ymScufCp6I9uy_XmM4-UNbmNzj4AuLs0sWNGPZ6IvIkwQvIaC_XuGaGpM992hekf31NpPPQfPZd9fqcjnIepC5zq_jIRSl8MOUuA1cMqEDKu5W4BIdU4F0i4GihKvRiMNr9z5DjJYPRGVYlzXXd_7WaEvqHRqVsm42l49vEvoJIYPlszPrr_lwAWVHT-ni7joOcZrgBAGABoOUmOPUrNStXaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1L53rRRKuYQsXPZ5vnGajgQifEtA%26client%3Dca-pub-3369263710096163%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame A117 2 KB
1 KB 50ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A117 308 B
636 B 48ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A117 293 B
622 B 46ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame A117 43 B
347 B 159ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=YwE6ACTEZr99E4TWxMIZUDRt_K7z-HUbpPanUt5GohdNPJOYzhxBKCfIFdv-IQ6EEnY3In-je-dfWaf5ORmbTMyXXxiKQ2Myp-tqm928fz-ybEhQs7SYUc0UDG8KZ4rkWDJo6SXtAXP4Ogo2IOOarJpch2LXDwQU7MGX-Le2cCvvhZID1ljtGdw7gBx9rbSiGyywLfUOS_8Jldx-vz-0pEqmYPwZHcVCK_l2rKoYmpu_XLRztvUBpgPmA1T2xIsYg51MtEv2_dcF6Lkc3D_2ewbjhOT2bfdZpAoBiXxUchl3JKkRNhlme7D5UFUQc1xiSk_ObaMsPDPoGn0iKDZCWXZVcAcaUzKVnjRj3iWJbER9zwmUIC5In85JHeASblWCbIdX8DdBLt89mo99oqSH6JK9CixsDq9acz4A6UdkGGZzuSjHkPDnJMItDwOetLHNF-sD1w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3726436
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A117 12 KB
5 KB 45ms
19ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2376034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rp%2FMLHYxUSZpa6OcOICwNqfyWJCjU2CkO8AfJmFuNzeerB5jMTpb90KEmWQ%2B54yqzonGcur8KI43L1%2BI%2FmJUKhIbdhQYQt%2Bby3JE4dSZK08clwOkw5oGFGyTq91xhIQPA9Wtl3wrSMhwTSRjQ9djUqF8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 758f4dabed2491e3-FRA
expires: Mon, 02 Oct 2023 10:55:28 GMT

GET
H2 200 9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame A117 58 KB
58 KB 88ms
58ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-e7e4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame A117 56 KB
56 KB 61ms
31ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-de74"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A117 12 KB
6 KB 18ms
17ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A117 37 KB
37 KB 104ms
31ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F7e910cfe-834b-4964-8b49-2f244595e943_a2713e23-27b4-44b5-8127-39d3e94daaf6.jpg&v=3&w=400&s=yreGVvIS18nfexKRjoDxZ5ZH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d8318a29921ceb3b831b8bb90288ac4bbb07203042f098d9a312812ac914f3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=92742
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 37402
expires: Thu, 13 Oct 2022 12:41:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A117 25 KB
25 KB 98ms
26ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Ff7c76382-ac95-40b7-9446-ec6baf24faa7_207a35ac-3362-474f-975a-c1cfd7ccb0d5.jpg&v=3&w=400&s=bgmMdpbONl5jxBj6HC4sHmuQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4c75107d55d30c60dd2ef23e8e25167094dd0b1c73f071d0565b5f5d114724fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1034107
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25570
expires: Mon, 24 Oct 2022 10:10:36 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A117 40 KB
40 KB 127ms
54ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fabb49f74-30b7-4a12-8c2d-666b1866dd06_a4fa1c93-f1dd-4233-9ad4-376da08a22f8.jpg&v=3&w=400&s=fiL_nNpQJC84MghV5zTJrvOi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b45f51a119afd78300c86ee9afd081c5f3bd2d1bb3dd1d9927b6f7d4b0d05924

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=351003
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40922
expires: Sun, 16 Oct 2022 12:25:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A117 30 KB
30 KB 114ms
41ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F2d9d7e79-3772-45df-8d29-6a5ba1269220_9f5c4d3c-cb54-4927-9a9a-b075facac2bd.jpg&v=3&w=400&s=reGrXutO0SYn7-dMk_OrQOGP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6ebaa161909ccae59921c9cba25620fefdccc0711be53adb644761a897bdfe22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=513629
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30308
expires: Tue, 18 Oct 2022 09:35:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A117 43 KB
44 KB 131ms
59ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F30f30e21-720e-4863-b181-5ee6ec9219e6_a5f4e146-98ff-4c7e-b2f1-517405e84bef.jpg&v=3&w=400&s=rZt7QQ-BQ1qBm-h3eq62c-2_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f20f63fad75893ad71673c5486de652508fbf5c0dc9c48b0fc6b5f33054892e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1157695
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44254
expires: Tue, 25 Oct 2022 20:30:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A117 25 KB
25 KB 129ms
57ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fe592f9ce-4a76-4965-b805-629bb9145bad_0bb31d55-f39a-4580-ae7d-dba99553a5ce.jpg&v=3&w=400&s=QgRmSKb4C3YIDYcxhfxiI98a&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

676a998ce180e0fb5577dc2ee977e4d01d98c7e609107fbbfaf9fbc0ac10bd47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=719904
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25294
expires: Thu, 20 Oct 2022 18:53:52 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A117 38 KB
38 KB 36ms
36ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F72b407c6-4fa1-479d-8990-139a6e081c50_c3dc1da8-887c-442f-9a9a-3f36d8c38be2.jpg&v=3&w=400&s=W8AAegQ9vy2C84FetEhRI96z&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8bafe7194d5932b90bdd086ada2125f0c5578150b6053c2f4ee60c686e2f6be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=944565
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 38476
expires: Sun, 23 Oct 2022 09:18:14 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A117 0
128 B 190ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=DEzwvTaIHPD6_2cjJ_vW1TrRi_7964OwEZ617koLbeWH6LsVk2te15EaNsVsiDhVcIKH9JtwDRbZaou6Y1gPWQbdQL55NcdYe9TEIlwPysxY8V77-iGzmW_N_1bPy41Ckjp8Hja4Wc197J2oAgHge4QIyUv9wcWWzyfo0IYqv8TdWGSJzhAZBO37io1-o5qi_Nrid_tvh2TcuQxXg-R1OnpRs_YGOzBJ_nOBAYe8sYlRptrnG-eM4rUOJoOZIqqBI0OO2Q&sds=2&rev=83153&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A117 2 KB
1 KB 21ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A117 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame BBC6 2 KB
1 KB 22ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y0adHwAOYE8K4A6DAAeK7PZgM8SDmXk3HDLFnQ&u=%7CS1FL%2BoAKd7T10MsRgApU1k5AMpT6%2FqBkqcB4P%2BdZ864%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608Bvppv58V0BuGUUCIazVjI80Mz6K9nh4VzCf-s5FS-nyDQQWmVX5kuQ6jilbXFac0xbvTnM5wF-ydxbpRlVLXJG_4SCdbaH-JAtq81Q4VD99GCGFbdgSHj9W8w0fHtYTNV9tqllTWR2B0cCdY0G6TWbB04vc_jpS_uTs1dVURODwg3CnV4-q0la13yO_UfQ2qlTmwCLgibq-fhfZVV0rJ5fwnaIx7bIjHYHKl09t7Quuf_NOW-f6rhPuGPMlH7uHOKDY5s_2T4nvLE6JGl8Bg9zB18k53DyxXCb117fgJGDkvhIEXkGSSWNn4tRjOuHZhRzIHa4tLvU9aIAdVfaiLlLjpNNn6kxVEPzXNX2SLo4Y-cqbQ7d6wMbtD1E_U1wZMlAueoPPe5J83mX9weULl-mmChmt0E4TLYb2n-Nx72KTDiQukwRz-SASKZax-oxSvMpuDsa9PZNMwoni_uX-wfGSL7md9--PtqW8drlJZkqa6WK--9CyweAmyVu6Im938dFeikC0n8Mc9lMf619d0S52Mz1irqwhBtEwrIQrGARVz3Im_BuNMgZqa0yE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2iYWH51GY8_AOYOdgAfslZ7gCMme0rFcvfGU93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItODU4MDE5NjQyNzIwOTMxNMgBCakCaiBpgLhNsD7gAgCoAwGqBIYCT9DzGR__hL7r2_SC1JhTL1ueEzi0Ox3rSQBzXEei7BUfUOjfmIB13GRNXEgPDyDauKIlSLyXcxcUbnKJOFzMIr6_Rn09LWuCtKsukpRBvYxAnfNw9wsPVs7qJ0vfgzADKYq1b7vfG6HmJ6ZUTxJxCawUVI4vJ0gY4vnZ_V6AyCnew2JZ0Z5K-CyzciV__ZWjUMrDOEaQLNSodLmAz-G5NRGwtsXMJs3g-wplCPvuGCDie3vz1yb8UZTxzNyjCix9vFQmtk-UvaTJiXxk3IPatYH_Ovmx05J0IqFrt20mSWb8Lht-KzyTUFbNI-muWu6NHhL_GYR4q71YEGlHhkLt6VJMd7RHAeAEAYAGg5SY49Ss1K1doAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3T_jeK5G5_9lqPVhv_-YnkUa8pRg%26client%3Dca-pub-8580196427209314%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame BBC6 2 KB
1 KB 21ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame BBC6 308 B
636 B 18ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame BBC6 293 B
621 B 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame BBC6 43 B
348 B 48ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=CgDMKGqAaxkM4kUCQyvZbYlLVco6AlCI7yNx3bZz19fc72a5ZGGz8_rEqoMMNMQWiCr0o3FBRZZ5yAm-tTH_PJyvxCn_oNs2Tcq3AOjlwVxCEZR-GloyxNkKef1UHkzOz8s1XHNReCj42HMB-vYhlQwfC4HMf3yDalLaYTYtxtyvGTcbaUepJRSTxijSgaOFE4Y1BrBkPWPkjSAtR02fwPtuSQpj3nU3PUbofiB-n-XQ3ciI2Hg5d-9tl7sVdoRKKv34UeeIekor5fUX5tZvvK9pMVvOy60W_p9O7K_-thFmzaJwJ3IbB6mtu4XEq4dL5qZnVXyzcVhA-BOrUUT8vI6hNBVYmQ-g7fygBYve79JnTQ_1O0DCtcYrt1RgzwpXk-kThz22lQ8FGxTijS_kme1qKkjWZwPZAH7l1ay3m4a7-v1Yg3jTEYAYInBFDbkVWgftrg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2798009
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 3521127290410543dbe9.js Show response
yastatic.net/partner-code-bundles/664225/ Frame 060C 13 KB
5 KB 34ms
34ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/664225/3521127290410543dbe9.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

bac87240d43f2059419ce7f7fdc63e99966069af39def1f6bcbc59eed1f69cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4579
last-modified: Mon, 10 Oct 2022 16:36:58 GMT
server: nginx/1.17.9
etag: "2608153af020534eac1710bcf8245ae2"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 11 Oct 2052 17:29:30 GMT

GET
H2 200 af106f46275b64363851.js Show response
yastatic.net/partner-code-bundles/664225/ Frame 060C 85 KB
19 KB 36ms
36ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/664225/af106f46275b64363851.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b77d94bd4977d6ff9c0a1984ac05fe55ff6dece427b361e0abdf1cc4f13ad872

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 19089
last-modified: Mon, 10 Oct 2022 16:36:59 GMT
server: nginx/1.17.9
etag: "7e3819d0deceac47ca5c91222e4bec88"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 11 Oct 2052 17:29:30 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ Frame 060C 33 KB
9 KB 38ms
37ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 11 Oct 2052 17:29:11 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ Frame 060C 25 KB
26 KB 36ms
35ms Font
font/woff2 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 64b3057cdf84e995
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 16:42:23 GMT

GET
H2 200 490795 Show response
an.yandex.ru/meta/ Frame 060C 90 KB
28 KB 236ms
235ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/490795?target-ref=https%3A%2F%2Fwww.nur.kz%2F&charset=utf-8&pcode-test-ids=657518%2C0%2C79%3B659464%2C0%2C69%3B663104%2C0%2C41%3B661998%2C0%2C71%3B648528%2C0%2C66%3B659282%2C0%2C19%3B658376%2C0%2C62%3B658724%2C0%2C72&pcode-flags-map=eJy9WG1v2zYQ%2FiuDPw%2BdRIl66TdKOtuEJVEjqThuURBu62UBknRo06Jb0f%2B%2BoyS7luIydRcM8Afb0D338F6eO%2BrLjC9qIcFUXCkoTME0Mw2TrFJmLqS54AUIw2uTiyoTs%2Bcvv8w%2BbW8%2B7mbPZ7vPf81%2Bnd3vPtzzt%2FiTpl5I6ezrq19nF0wZCb%2B3oLS5qFhj5lJUhhVqZK9lC8cAkR%2BTxOsA1rxYgDaFZGsz5xJh5sgIDK%2FYAlwkIhpQEnYYULOshMkB8Muc11wDnjFfqaXQZs31UrTaMDy%2FVm5wGiXB2eBPgczK0jRSFG2u1UM350EDQp6Z2yMQm1tWmFwC0%2FwCTAEacs1FbfaFBAVnmLUSHkk3jcPIP2DCZWNqWBu1QkKYD6XRA%2FLkl4%2Fj0DjtcCqBhJBcyTIojRZmAHYf7WBun24VfKOBH0eMHEQsktJ9IkEqjM7IMop8EkUj24jEcdzZ1n1ce8cVuzTApDINyBzqcaaJN4YIUhKMDsKa%2FESijaqYxOYChRlzhiYK%2FahHbGteClaA7PBYNQrp%2FfuPuyOzkCRB2vexJaGUtK4nNlNfR0aYQAWARZApkBi%2Bsdnd9vXNbmQZRCTtQ4fFgjpWmyXwxVKbWrtdhjRI%2BwLMRVtrWzCXS%2Bk0SeJkkJcNqwu4NLI1hagYdwaSejEJogPFTIoVng%2FpmYXkhdPSj2kSnXRoCo49wjOnOfG9qOf7Ampi5i3qCIoritKjUkpDPxzkuLNFd11BZ0LaOpCs4K365QcRNszy7gmjmK3ZxqmHNAziITXFvMFZohpRYy1pXgFqw6QLPG9sG3pBf%2BYmFwVg0aNp7RRJGlKEGapvLjDKYMt97%2B8xDUGXcUwemvO5VaO1FQMs6J9B2BO4YGU7ylbgnbYuUS1qU1khvmCSs6lkjJxSzxuijBNfWenG4X8INkiJvV6KxTECHdknXthHrZFcSK43Jtug2sC6EdId8CiOhna3j5taaJ4DjrZq4TSLCdp1Zko1Jmf5EizDU%2FLoe6MQxdRP%2B6pABcsHq0kLTISMJgmhfVj3xV9widPO5MopEzT14%2BSo7bhCqhhNXDJyS1O5nKYB9f2Rbdeq6rCoNKwoeL1wg4R0yEwnbdivetOACdysUd7oUQ1WMsdkKp7xElPrdpfG0XctDS4Hecnz1SPe9xhVW2qesbpG2jh45hz3Um4PMWe5W7LShAxTtOcxgPTzD%2BUdO6op2SbDvcnKgpaiLKcDZjIDPRIGfQ0sJMuI%2B1nsQ%2B%2Fbs0bxFyO%2B1Cee6%2FkT8ubT71jsi2MJ3ViW8APz3Kck6q3tiiNhjr2%2BtJ3Ac7ddEgxTBIOG%2B3hl21xCvd8HGgmZe45FOIiIP2ol3A0k1jXOXWxizIedTQrXSpyM2NtuPqkfDr38zYg1jT3KAlvDbUz8lI6YLLnujnEEhsFcaeFmEcSEjBbrvKmG7fewHSu3UODKFgwT8oCR%2F2eMybpXwJxhR515bQipF%2FXtWNulAeNTMd33EGssLy%2F0E%2Fdi7ZNhV9oHul888V7YgqX3WJppFEV9pkr2YmO6gdiN9GOrL7M%2Fdvdv%2Fqy276%2Bu74Z%2BuX33%2Bvpmp95sb67vrmbPydfRUku9YV08pmOvH1lpdaHELeXYwcvZ7fb65tn7j8jt7%2B3d291n%2FP7b9e32avdh9NfV9rb75%2B0%2Fu7v%2B8e2n6%2Ft3%2FdfbZ4cfr06zOZ28hzX5SB7f3N%2BMg5iGketCjL1b8bZ6YtQj2lq0%2BfKJ4VWLF4PNE4Nu2OGfp4RFof5pRFaoYjW9AuFFz%2FfCydXP%2FmMtslJgDfcrfsN0vnRf8Pw0TYYtbBzgJSsEjgiBO8v%2BtQHy2KyXIMFJPkwoOR8S%2By%2BHRg%2Bx20vf%2F%2BbI4N0KBxqbhOv7LveK1l2out2m%2B8nk%2BW9WUpKQhysLr%2B1yavX23IWFJsFoFxsDDgHZv%2BJw1%2BEEqX8TVwqxml6IyNgs7nT%2F67%2BDr%2Ffq&pcode-icookie=Bh7pxG0s42eIReUs%2BKmuLxBN7MPUK3APf9nA9TxaA%2BBzqExk1UOunVt4tPqx5cQgpbLM0qgaL%2BdAQT2dy833Lca6jQ8%3D&imp-id=24&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=369985662747650&ad-session-id=7388841665572127748&target-id=6081654&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fwww.nur.kz&top-ancestor-undetermined=0&pcode-version=664225&pcodever=664225&flash-ver=0&available-width=728&layout-config=%7B%22win_width%22%3A728%2C%22win_height%22%3A90%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.5%2C%22isInIframe%22%3Atrue%2C%22w%22%3A728%2C%22h%22%3A90%2C%22width%22%3A728%2C%22height%22%3A90%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22fontFamily%22%3A%22ys%22%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=1100&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Nzl9CnKrNLHrvusiDOrqCb87Esd29IqePT276BHvxb3jY_u5c1EZduf5vv7K9dcdPXK2LMySMFxYGOiRDvaBdhgjVR7e5OnMooIUKUYYYYxUtI3fZrttJnVStTg36Pbabi_Jy-81v70MSEOcmzfjFrTTkvvE7eTD0eIykyozw4PPhgAOJ3IUP3GyNPH_vBvyEzmqP06WjOLnOawWJ0295QZ5qnkIdaJopwzdQ5IWIbj2sHBuiBV-sUBxf4sEr7ETJEy8ZjmBTdBAAXAyWlUnFRzi5C2MUxPZqWbJagXXzID-X8ne2PfaJ7vK8uBWPZqXF1WJJ-N7VifycoO_W_IK4uwNWOiiOxf09PKKGGy5176bZO9qTjA1Zy5xKIqoRFe2NChx2kqy0C2QD50wThlwlxD-yONiaquowG8sL_kEB0oxL5b-qlOzj76i2y7JG2_ZeCVN4xTDmiHhSdCCr7HLu5BilA2imNFrYaLketExsmhsqFgeIya44nbzX8xZrNmf3TDJ53OSKpGetmkE17voy_6U8x-vpNlWwNcVOYMZOg0bTCg7wf8MiuXAq4Kcz1VNUmSr3Vytd7rXsEaq_bG84HUdWlL1Bm66rZfI6jpEkZS5Sbg8F76I1jL62cPJOz5NJTK-g1w7Xr9dfOmgfppOkstrnXyjwjK7OHjcL8uFXr_oLD9kMp1mXpzsI84Vn7WHutxQ4rKN3QuTcrCkyUGb8ltLlkjgRs69ftkKcCs0J2Q0vbyyr3iOzdniKXSW9MItg19F5pBG3LF8L_KyJEofy3jlG1vDhraFsUYrplgtXbM3lFG5_iCcldB1AvFoj9ssBlg5UYak62lFz37xuugqK1RRbSswEE-B1zE5JaSGCpzp7ACRjkbr52Iy_vcKqrLZV3GKZcePUsQe3bU_l-Rtkq5N3IYw2SKJnYvLh6BFzR-IeGqFNVKajfRaWr3BSO8zMRiMrBEOW8cA1WBkoKPKjHomamqkHAh1Olh6Hwmjlo7Kh0vnQ0Os92l9GFqOY7_pASJ21joF-A%3D%3D&uniformat=true&callback=Ya%5B5950271547907%5D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a2e6c12136f6c5c7e3a186a44f895adeac9779f1b141187506eee2d56ee39e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
ssr: true
x-yandex-req-id: 1665572128783095-1135855120555023566400101-production-app-host-sas-pcode-176
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 12 Oct 2022 10:55:28 GMT
uniformat: true
content-type: application/json
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 12 Oct 2022 10:55:28 GMT

GET
H2 200 c58dc71b9d1f11fa7d1a.js Show response
yastatic.net/partner-code-bundles/664225/ Frame 060C 462 KB
95 KB 35ms
34ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/664225/c58dc71b9d1f11fa7d1a.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2d2b5a14385b720fff60b9fa208371213c9e0191b72d8dcc7536e03469cf17a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 96491
last-modified: Mon, 10 Oct 2022 16:36:59 GMT
server: nginx/1.17.9
etag: "8caeb4b069cbaf6bc8f2853f0e9722a7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 11 Oct 2052 17:29:30 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame BBC6 12 KB
5 KB 29ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 546284
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vThEyCGgVjWNNncbimwVLd3ac%2FnnhuFgh8Fv5ruyMr9ttafxceBr9Najae7By1wg8D3tAwF0c1MgrnM50YVecyHJ%2Fwn0yb2Tv98gq0FNaXWCaqJECexaZiPuq39ii7Vv4mphiVLY5cjABKCkt98XFqfv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 758f4dad085f8fef-FRA
expires: Mon, 02 Oct 2023 10:55:28 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame BBC6 12 KB
6 KB 25ms
25ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame BBC6 58 KB
58 KB 17ms
17ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-e7e4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame BBC6 56 KB
56 KB 24ms
24ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-de74"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BBC6 25 KB
25 KB 18ms
16ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4c75107d55d30c60dd2ef23e8e25167094dd0b1c73f071d0565b5f5d114724fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1034107
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25570
expires: Mon, 24 Oct 2022 10:10:36 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BBC6 38 KB
38 KB 17ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8bafe7194d5932b90bdd086ada2125f0c5578150b6053c2f4ee60c686e2f6be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=944565
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 38476
expires: Sun, 23 Oct 2022 09:18:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BBC6 40 KB
40 KB 18ms
17ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b45f51a119afd78300c86ee9afd081c5f3bd2d1bb3dd1d9927b6f7d4b0d05924

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=351003
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40922
expires: Sun, 16 Oct 2022 12:25:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BBC6 37 KB
37 KB 21ms
20ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d8318a29921ceb3b831b8bb90288ac4bbb07203042f098d9a312812ac914f3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=92742
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 37402
expires: Thu, 13 Oct 2022 12:41:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BBC6 30 KB
30 KB 20ms
19ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6ebaa161909ccae59921c9cba25620fefdccc0711be53adb644761a897bdfe22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=513629
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30308
expires: Tue, 18 Oct 2022 09:35:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BBC6 26 KB
26 KB 20ms
19ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F837b4ba3-5f02-4b28-a353-7fc0197c5c8f_040303cf-8de7-436d-b066-4d73cfbcb09b.jpg&v=3&w=400&s=rvMbd6cljCcQhfF7S2BF5a6p&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

cbd065a586fc6471e986f6190744ea851e21475068200195b0401e523ea6db64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=184895
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26300
expires: Fri, 14 Oct 2022 14:17:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BBC6 37 KB
37 KB 22ms
20ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Ffabdbaa0-8d03-4199-81ca-1cd7321ee0eb_19edfe99-02ea-4577-84de-650588dcf718.jpg&v=3&w=400&s=Y8viTWVUCdY_M0CocLUMDYFR&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

114eca7ca5da90b4067da6e0e36b465299418d7ab3090382b8a65a0a11af6698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=630941
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 37646
expires: Wed, 19 Oct 2022 18:11:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BBC6 28 KB
28 KB 22ms
20ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fcdafa82f-5e6c-4225-8cf6-5f0579783688_7aee2345-e800-447a-b576-f55f5301f80b.jpg&v=3&w=400&s=36fs6VC22pCXNdtm0TiiZZNJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b7654898bd2bfc1b3a6af300b27655a0823ce2efeff9306053789d7a0b711ab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1204018
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28536
expires: Wed, 26 Oct 2022 09:22:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BBC6 41 KB
42 KB 31ms
30ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fab9944d1-074c-4e08-a3d0-d361c3c2819c_7fdeae8c-7f48-4061-8a82-17978a8f45f8.jpg&v=3&w=400&s=i0X_p0wn6Ngb160Pq9rRZZZH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f0ea0091ee9cea48491b716bf853963e2ba955e888ec48add463788d51b50936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=148908
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 42374
expires: Fri, 14 Oct 2022 04:17:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BBC6 21 KB
21 KB 33ms
32ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F7627f8a2-7301-4c08-b425-4c6c582d43a5_cbefac5a-0759-4708-83fe-1b002d40e0a1.jpg&v=3&w=400&s=T1GAMSRA1vM2330v3CFLMNf_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8f57e546849c2d4fecc094fb9afb7f738f0802b0cb1044badd6732bff51a1a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=723812
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 21254
expires: Thu, 20 Oct 2022 19:59:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BBC6 34 KB
34 KB 28ms
27ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Ff719b734-ba1b-419b-b239-7f0b6d77a917_91c9f96f-954c-42ed-b43c-cf0f05542f3a.jpg&v=3&w=400&s=ZrUvPrTct4sxM1bpBskOFsUv&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1cdc1fcb9385a0a7f31edf84af5a967ecba1763105332047dbe5f891e4056dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=504535
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34828
expires: Tue, 18 Oct 2022 07:04:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BBC6 50 KB
51 KB 22ms
21ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F17fca1b7-6655-400d-bf56-1bc69a73f7fd_787a8009-db11-495e-ae89-7e8775f2d094.jpg&v=3&w=400&s=plwFk3s4OW4F69hiccaQwLFt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a80bfba69eca180b433d1c25b7c0bb95dc95ac7683348c6b7fec7d298f549347

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=336732
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 51702
expires: Sun, 16 Oct 2022 08:27:41 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame BBC6 0
127 B 17ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Vz91-DaIHPD6_2cjeNLENJP5GoAHT_aNr2Yc_w4Ez5N3EB5ZDaMHhbdS0gB2fW2b6waqSRGp9f10prXgKGcU6ZZ97tlDcsF6SwaefaifXs5LtNvxREW6tJ3lX6xT8pKwjYikrU3O95atSVEbrbvu4-vwPOV2I1_aRfJtqzc1Vr3RvpMTusxAskGqTHBAGgkELZvHy0VD2dWFCGIV2g9LnozqWwwocJxw_DmKZkr3S2Ij18W2HGZjjSxmOLyUvIu2yT_FSA&sds=2&rev=83153&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BBC6 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame BBC6 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A117 25 KB
25 KB 28ms
28ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4c75107d55d30c60dd2ef23e8e25167094dd0b1c73f071d0565b5f5d114724fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1034107
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25570
expires: Mon, 24 Oct 2022 10:10:36 GMT

GET
H2 206 f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4
static.criteo.net/design/dt/2000/220429/ Frame BBC6 125 KB
0 22ms
21ms Media
video/mp4 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/2000/220429/f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4?ibv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 29 Apr 2022 11:40:29 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626bcead-23ac33"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-2337842/2337843
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 2337843
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A117 30 KB
30 KB 16ms
16ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6ebaa161909ccae59921c9cba25620fefdccc0711be53adb644761a897bdfe22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=513629
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30308
expires: Tue, 18 Oct 2022 09:35:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A117 37 KB
37 KB 17ms
17ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d8318a29921ceb3b831b8bb90288ac4bbb07203042f098d9a312812ac914f3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=92742
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 37402
expires: Thu, 13 Oct 2022 12:41:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A117 40 KB
40 KB 18ms
18ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b45f51a119afd78300c86ee9afd081c5f3bd2d1bb3dd1d9927b6f7d4b0d05924

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=351003
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40922
expires: Sun, 16 Oct 2022 12:25:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame A117 38 KB
38 KB 16ms
16ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8bafe7194d5932b90bdd086ada2125f0c5578150b6053c2f4ee60c686e2f6be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=944565
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 38476
expires: Sun, 23 Oct 2022 09:18:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BBC6 38 KB
38 KB 16ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8bafe7194d5932b90bdd086ada2125f0c5578150b6053c2f4ee60c686e2f6be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=944565
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 38476
expires: Sun, 23 Oct 2022 09:18:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BBC6 25 KB
25 KB 15ms
14ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4c75107d55d30c60dd2ef23e8e25167094dd0b1c73f071d0565b5f5d114724fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1034107
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25570
expires: Mon, 24 Oct 2022 10:10:36 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BBC6 40 KB
40 KB 16ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b45f51a119afd78300c86ee9afd081c5f3bd2d1bb3dd1d9927b6f7d4b0d05924

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=351003
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40922
expires: Sun, 16 Oct 2022 12:25:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BBC6 30 KB
30 KB 16ms
16ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6ebaa161909ccae59921c9cba25620fefdccc0711be53adb644761a897bdfe22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=513629
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30308
expires: Tue, 18 Oct 2022 09:35:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame BBC6 37 KB
37 KB 15ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d8318a29921ceb3b831b8bb90288ac4bbb07203042f098d9a312812ac914f3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=92742
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 37402
expires: Thu, 13 Oct 2022 12:41:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 060C 0
0 54ms
54ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMbBmCbgfeI-pi1GZLJ4U1xyMoUIjIImp-yeWHOA5iHA2uMmPZup-KGlO2yPx-QfCh5v59ImS7NcezfVkoPN7SSJ4qN89f69AmMev-RGugp0jodBdI3yQxJLTJtGFtXrWNs39pb8r0TeVsNia6wQwaS4yPjrmA3DK1ItYQFoSUbOrkXWKKl90YVrwH3dFCCmEJoeLKiw-Uns4xRPXljVCokBAlkYHEJYdjNnaiY1YNc39eZB8cSDzIAdM7A4N8fypjDPs65N-GAehn4VOi1MClobg8JZUwFb1w9Wz926J4wRSS7SxvLqnNUmb4f7sTxiLd6kxKbjZaATo&sai=AMfl-YQp4wCGg2G98iTTvolgWljioXZGtwjI-tpQfOax18ZXByWBBUkyKVuCVCrnyc0pZmmrIVzLp2bEBRp65y41h5EXR8M6TvC76_Wzm6zxyGCiLwY_pXrrRv_Io8sE7JNTEEUA&sig=Cg0ArKJSzA4WZx3uR32TEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 12 Oct 2022 10:55:28 GMT

GET
H2 206 f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4
static.criteo.net/design/dt/2000/220429/ Frame BBC6 43 KB
43 KB 70ms
69ms Media
video/mp4 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/2000/220429/f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4?ibv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

434617e06c4d3176788c95bdff63a22e66bbd49ea472374b3a55e30e44f2b70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range: bytes=2293760-

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 29 Apr 2022 11:40:29 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626bcead-23ac33"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 2293760-2337842/2337843
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 44083
expires: Sat, 07 Oct 2023 10:55:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3237 3 KB
1 KB 72ms
24ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1665572128&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665572128224&bpp=1&bdt=956&idt=176&shv=r20221010&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D121da8aa72a002d7-2225032744ce0071%3AT%3D1665572127%3AS%3DALNI_MYSAdiJ62b9l1CwQ6z-hOtg62UdZA&prev_fmts=0x0&nras=1&correlator=6914024258268&frm=20&pv=1&ga_vid=37591007.1665572127&ga_sid=1665572128&ga_hid=1592370362&ga_fc=1&ga_cid=27235422.1665572127&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070257%2C44770880&oid=2&pvsid=105326142784147&tmod=1664630434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nH61XZ45Ra&p=https%3A//www.nur.kz&dtd=180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 10:13:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Oct 2022 10:55:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 3237 2 KB
902 B 99ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:29:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3237 0
0 60ms
60ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfjCHIJ1GY8XxHMSZ6wTB6YToDNzFtoNpgtSDmNMMzMeapv0IEAEgrMjqS2CVwqaCsAegAbC6odcDyAEJqQJW54kdaFOwPqgDAcgDywSqBN0BT9B-OggLgS_7X4Lh2_sCoMxRO4RyD5o8Q4dFv0pgDQdcwX6XSufnClq1ynBOYVy3mHragYI8SHL87HDP_iDa2JGcw-NMK-KO6MbJuldNjW4bf7wB_PRtgKV89nRxoHS8-wlANvyur5FIJMQgwF-NLNKDP2u5LuG45xD3kaQtX02lJ9tNy9cAW9TwM2xs_UWr6Bn7jILSyFZSmrbZvp4GwvhwkqCe8ZvQe3HA8IJ3VsSH0Nz2ASWHhPmDEkpt-2_HfbQMLwzBv9H8B_oOvlgkB1ICQd8ge6Jf7M6-mUfABJGr_eSiA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe_2b1gqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEELKwDNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQC0BUBgBcBshccChoIABIUcHViLTMzNjkyNjM3MTAwOTYxNjMYAA&sigh=OYzQJbI6Nqc&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1665572128&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665572128224&bpp=1&bdt=956&idt=176&shv=r20221010&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D121da8aa72a002d7-2225032744ce0071%3AT%3D1665572127%3AS%3DALNI_MYSAdiJ62b9l1CwQ6z-hOtg62UdZA&prev_fmts=0x0&nras=1&correlator=6914024258268&frm=20&pv=1&ga_vid=37591007.1665572127&ga_sid=1665572128&ga_hid=1592370362&ga_fc=1&ga_cid=27235422.1665572127&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070257%2C44770880&oid=2&pvsid=105326142784147&tmod=1664630434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nH61XZ45Ra&p=https%3A//www.nur.kz&dtd=180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Oct 2022 10:55:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 9588183769006283943_9186565913604646649.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 3237 89 KB
89 KB 130ms
60ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/9588183769006283943_9186565913604646649.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68eaf8ac60d0942a6bcee0b4538d7d50ebe41bd26e332550d05d8b9d37fa16e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 09:42:14 GMT
x-content-type-options: nosniff
age: 436395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91035
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 07:22:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 09:42:14 GMT

GET
H2 200 1360005467745665247_9146618617033836075.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 3237 71 KB
72 KB 91ms
21ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/1360005467745665247_9146618617033836075.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd4166a69eaa2d6cf37f33cb021cda0767429283b038db80e64e4fdd7adac908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:53:59 GMT
x-content-type-options: nosniff
age: 428490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72725
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 07:23:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 11:53:59 GMT

GET
H2 200 3208735374193815123_222548466414923371.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 3237 82 KB
82 KB 154ms
85ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/3208735374193815123_222548466414923371.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aee0691c1e66565ade6bc5004cba455f209b8999411b3887f45281fdd270a7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:56:02 GMT
x-content-type-options: nosniff
age: 424767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84076
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 07:23:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Oct 2023 12:56:02 GMT

GET
H3 200 16954631344432514325
tpc.googlesyndication.com/daca_images/simgad/ Frame 3237 18 KB
18 KB 75ms
20ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16954631344432514325

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cd2df345488171f36ff248868b19d2759d24b295f25c0968d3f5ce7370f01bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:22:08 GMT
x-content-type-options: nosniff
age: 63200
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18045
x-xss-protection: 0
last-modified: Mon, 26 Jun 2017 02:19:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Oct 2023 17:22:08 GMT

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 3237
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

43ms
41ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 09:38:45 GMT
x-content-type-options: nosniff
age: 4604
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 09:38:45 GMT

Redirect headers

date: Wed, 12 Oct 2022 08:06:39 GMT
x-content-type-options: nosniff
server: cafe
age: 10129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Nov 2022 08:06:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/ Frame 3237 23 KB
9 KB 64ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 3237 3 KB
1 KB 89ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 09:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 09:03:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 3237 17 KB
7 KB 86ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3237 0
0 24ms
24ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpkuzhXLZL2VhZb1GQQ2QPS5XqtoKahbUXIGBpVj5-6KshS_NCi2kUgbhKupPwJgSz3xOC6CH8CsJ2BTaWlQnZ8tCS_g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1665572128&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665572128224&bpp=1&bdt=956&idt=176&shv=r20221010&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D121da8aa72a002d7-2225032744ce0071%3AT%3D1665572127%3AS%3DALNI_MYSAdiJ62b9l1CwQ6z-hOtg62UdZA&prev_fmts=0x0&nras=1&correlator=6914024258268&frm=20&pv=1&ga_vid=37591007.1665572127&ga_sid=1665572128&ga_hid=1592370362&ga_fc=1&ga_cid=27235422.1665572127&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070257%2C44770880&oid=2&pvsid=105326142784147&tmod=1664630434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nH61XZ45Ra&p=https%3A//www.nur.kz&dtd=180
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3237 151 KB
46 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 10:55:28 GMT

GET
H2 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 3237 33 KB
14 KB 61ms
15ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:21:45 GMT

GET
H2 206 f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4
static.criteo.net/design/dt/2000/220429/ Frame BBC6 2 MB
0 24ms
23ms Media
video/mp4 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/2000/220429/f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4?ibv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range: bytes=98304-

Response headers

date: Wed, 12 Oct 2022 10:55:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 29 Apr 2022 11:40:29 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626bcead-23ac33"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 98304-2337842/2337843
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 2239539
expires: Sat, 07 Oct 2023 10:55:28 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 162ms
56ms Preflight 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.nur.kz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.nur.kz
access-control-max-age: 1728000
content-encoding: gzip
date: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ Frame 060C 0
291 B 54ms
54ms XHR
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 060C 160 KB
57 KB 207ms
94ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

6d0f9faf185c1f43001f2508f80abf686cfb1c00f58c6bf0fa807791b5fc65e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.nur.kz/
Origin: https://www.nur.kz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
etag: "633fab48-e0cd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57549
expires: Wed, 12 Oct 2022 11:55:29 GMT

GET
H2 200 x90
avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/ Frame 060C 3 KB
3 KB 57ms
56ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/x90
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 590139d419b66edc1e5b9c61a7ca929871964958a0f31e025c76290b7f927dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:29 GMT
last-modified: Wed, 11 Aug 2021 14:15:16 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 3142
x-request-id: 4a53c31aee80d006

GET
H2 200 icon-192.png
yastatic.net/s3/games-static/favicons/ Frame 060C 24 KB
24 KB 158ms
78ms Image
image/png 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yastatic.net/s3/games-static/favicons/icon-192.png

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:29 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24134
last-modified: Thu, 14 Apr 2022 12:22:42 GMT
server: nginx/1.17.9
etag: "7819c957eaa80af5bf14f760d49b64a7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=216013
x-nginx-request-id: 742f099233be133b
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Oct 2022 22:55:03 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame CE7C 24 KB
7 KB 114ms
40ms Document
text/html 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Wed, 12 Oct 2022 10:55:29 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Fri, 11 Oct 2052 17:27:00 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3C08 1 KB
749 B 20ms
19ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 20:47:09 GMT
etag: 48472445140208031
expires: Wed, 12 Oct 2022 20:47:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3237 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b51ff2734c8fd10520c40bb7f595b7a4bd43db47f50f85db9f569359bb387501

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 3237 20 KB
21 KB 54ms
14ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 21:33:43 GMT
x-content-type-options: nosniff
age: 393706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 21:33:43 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 3237 21 KB
21 KB 63ms
25ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 22:44:30 GMT
x-content-type-options: nosniff
age: 43859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 22:44:30 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3C08 35 B
464 B 46ms
11ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDTl-1gF07Tg6cMFRdzWRLg&google_cver=1&google_push=AZmPxg_eydyJkUZcplg6ruAG23ijpBFtUqxEsuxk011EDA4jmtygouT_6Ti0UuSamm2lX6e2-L7XRupQ3l1xjMBMV4ryyy14RTEQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3C08 43 B
350 B 62ms
19ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEK1NQ89OTA5lKOEKULz2YV4&google_cver=1&google_push=AZmPxg8gpT8BIv74A6TqKUgW3nQdiSrSz-edNWZWEMzkl8F8CX4uFxFv12sFrv8Eudm_AToHe6QSyNzizYkzUC4PkKeA_qKlJeew
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1665572128&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665572128224&bpp=1&bdt=956&idt=176&shv=r20221010&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D121da8aa72a002d7-2225032744ce0071%3AT%3D1665572127%3AS%3DALNI_MYSAdiJ62b9l1CwQ6z-hOtg62UdZA&prev_fmts=0x0&nras=1&correlator=6914024258268&frm=20&pv=1&ga_vid=37591007.1665572127&ga_sid=1665572128&ga_hid=1592370362&ga_fc=1&ga_cid=27235422.1665572127&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070257%2C44770880&oid=2&pvsid=105326142784147&tmod=1664630434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nH61XZ45Ra&p=https%3A//www.nur.kz&dtd=180
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:28 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: vstar6sa9od4psokuoeigg2ua2qscld9

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3C08 0
166 B 57ms
13ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF_Xvprc7r--9XlFrJ-u2Jg&google_cver=1&google_push=AZmPxg_Nc-hXaqgOEVwjiX1Sltmng4dLs4Ht4ant_ak4JD8_3sY072IWFKcdsNSYQ_RVfgaJJ0MG_PLIP8KocsU0mvZJSU4j2XqP
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1665572128&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665572128224&bpp=1&bdt=956&idt=176&shv=r20221010&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D121da8aa72a002d7-2225032744ce0071%3AT%3D1665572127%3AS%3DALNI_MYSAdiJ62b9l1CwQ6z-hOtg62UdZA&prev_fmts=0x0&nras=1&correlator=6914024258268&frm=20&pv=1&ga_vid=37591007.1665572127&ga_sid=1665572128&ga_hid=1592370362&ga_fc=1&ga_cid=27235422.1665572127&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070257%2C44770880&oid=2&pvsid=105326142784147&tmod=1664630434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nH61XZ45Ra&p=https%3A//www.nur.kz&dtd=180
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 12 Oct 2022 10:55:29 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C08
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDsAYQs6iEFpTaJpIS0TIpE&google_cver=1&google_push=AZmPxg8KJdyBJYvbZ4Dg7Up1CB7xiS0VM84lwygzd4a7zkdM0AK-sN3ssSPdtXtwlbek7WN8buG...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk1SU4zV0otRC0yTlFL&google_push=AZmPxg8KJdyBJYvbZ4Dg7Up1CB7xiS0VM84lwygzd4a7zkdM0AK-sN3ssSPdtXtwlbek7WN8buGX7YZZvTHb-T7eFfjJ4_paQQm7

170 B
188 B

66ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk1SU4zV0otRC0yTlFL&google_push=AZmPxg8KJdyBJYvbZ4Dg7Up1CB7xiS0VM84lwygzd4a7zkdM0AK-sN3ssSPdtXtwlbek7WN8buGX7YZZvTHb-T7eFfjJ4_paQQm7

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk1SU4zV0otRC0yTlFL&google_push=AZmPxg8KJdyBJYvbZ4Dg7Up1CB7xiS0VM84lwygzd4a7zkdM0AK-sN3ssSPdtXtwlbek7WN8buGX7YZZvTHb-T7eFfjJ4_paQQm7
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C08
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBBmM3IINby-DwNYd3yiVjc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBBmM3IINby-DwNYd3yiVjc&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBBmM3IINby-DwNYd3yiVjc&google_hm=Y0adIS4Bimyb0M3bZ0DDEAAABGQAAAIB&google_nid=index&google_push=AZmPxg9fQQ4ILZuMlE9owSisFWIvTp68qjjtU...

170 B
188 B

26ms
25ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBBmM3IINby-DwNYd3yiVjc&google_hm=Y0adIS4Bimyb0M3bZ0DDEAAABGQAAAIB&google_nid=index&google_push=AZmPxg9fQQ4ILZuMlE9owSisFWIvTp68qjjtUWT8eHcCU2pZqSagSsFBYW8VXBK0NdlCAiU8YuSnzdZk-GYn1MKEDOMs5kzjFZZX

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFCAEF15FkLMjC3FghgMRJtme971arcedQ%2F65XtVO2SEM2SP%2FlYM6HM%2FtNTnVza20BDxduVZheQeQGYCAKVax5hVqPC2r1PGFOEWib0Gjw3UpxpeJYMT%2Ft5W7XZTyd3FtwRfZZXIfhZMSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBBmM3IINby-DwNYd3yiVjc&google_hm=Y0adIS4Bimyb0M3bZ0DDEAAABGQAAAIB&google_nid=index&google_push=AZmPxg9fQQ4ILZuMlE9owSisFWIvTp68qjjtUWT8eHcCU2pZqSagSsFBYW8VXBK0NdlCAiU8YuSnzdZk-GYn1MKEDOMs5kzjFZZX
cache-control: no-cache
cf-ray: 758f4daf6d8a927f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 3C08 43 B
296 B 234ms
23ms Image
image/gif 2a05:d01c:1d8:8102:effe:42c3:2f57:d795
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEB1fuqIqbv-QayO9zgAmJhY&google_cver=1&google_push=AZmPxg9juggn2ophDJOaafkXjbZvK5oWC02C8hrNi2o3viUktJmDzHRrYJ8WKd0oH8CqLFOiPQvqNndPK7i_J5nlvFdPxvV4EfLY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3369263710096163&output=html&h=200&slotname=4516448096&adk=1921805917&adf=516689607&pi=t.ma~as.4516448096&w=728&lmt=1665572128&format=728x200&url=https%3A%2F%2Fwww.nur.kz%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665572128224&bpp=1&bdt=956&idt=176&shv=r20221010&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D121da8aa72a002d7-2225032744ce0071%3AT%3D1665572127%3AS%3DALNI_MYSAdiJ62b9l1CwQ6z-hOtg62UdZA&prev_fmts=0x0&nras=1&correlator=6914024258268&frm=20&pv=1&ga_vid=37591007.1665572127&ga_sid=1665572128&ga_hid=1592370362&ga_fc=1&ga_cid=27235422.1665572127&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070257%2C44770880&oid=2&pvsid=105326142784147&tmod=1664630434&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=nH61XZ45Ra&p=https%3A//www.nur.kz&dtd=180
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:effe:42c3:2f57:d795 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 3C08 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3C08 0
232 B 68ms
21ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3s24HLPNyDiNXeC38To-2PZW6-8W-QnyGbq3DdCiYCnCN2d-jxhbOGIefA5ZjyIoCMzP7tQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 LKD9GaYAUlEKqmF0ENHbHL4TSMlp96a1WK2pS7gMh1I.js Show response
pagead2.googlesyndication.com/bg/ Frame 032C 36 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LKD9GaYAUlEKqmF0ENHbHL4TSMlp96a1WK2pS7gMh1I.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ca0fd19a60052510aaa617410d1db1cbe1348c969f7a6b558ada94bb80c8752

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16026
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 10:28:05 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame CE7C 95 B
400 B 166ms
54ms Image
image/png 2a02:6b8::5:114
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 10:55:29 GMT
Strict-Transport-Security: max-age=315360000; includeSubDomains
Server: nginx/1.14.2
X-RT-IH: 0.0001
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0000
Content-Length: 95
Expires: Thu, 13 Oct 2022 10:55:29 GMT

GET
H2

200

b2a81c3231494fb6f02a5b
an.yandex.ru/mapuid/arcspireis/ Frame CE7C
Redirect Chain

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389
https://an.yandex.ru/mapuid/arcspireis/b2a81c3231494fb6f02a5b

43 B
80 B

59ms
58ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/arcspireis/b2a81c3231494fb6f02a5b

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/arcspireis/b2a81c3231494fb6f02a5b
date: Wed, 12 Oct 2022 10:55:28 GMT
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

404

1CB35A9D219D466319013957022FCFD3
an.yandex.ru/mapuid/SAPEis/ Frame CE7C
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D&dp=151&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252FSAPEis%252F$%257BUSER_ID%257D&dp=14
https://acint.net/rmatch?dp=14&euid=CEB803C1219D46631E00A21C02AB894F&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D
https://an.yandex.ru/mapuid/SAPEis/1CB35A9D219D466319013957022FCFD3

43 B
80 B

56ms
56ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/SAPEis/1CB35A9D219D466319013957022FCFD3

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

Redirect headers

date: Wed, 12 Oct 2022 10:55:29 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/SAPEis/1CB35A9D219D466319013957022FCFD3
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

1CB35A9D219D466319013957022FCFD3
an.yandex.ru/mapuid/sapeis/ Frame CE7C
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14
https://acint.net/rmatch?dp=14&euid=A9B803C1219D46631A00A5A802627A76&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D
https://an.yandex.ru/mapuid/sapeis/1CB35A9D219D466319013957022FCFD3

43 B
80 B

57ms
56ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/1CB35A9D219D466319013957022FCFD3

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

Redirect headers

date: Wed, 12 Oct 2022 10:55:29 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/sapeis/1CB35A9D219D466319013957022FCFD3
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

2bd1594a-dc98-521d-a472-2273c734bf52
an.yandex.ru/mapuid/betweendigitalis/ Frame CE7C
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1
https://an.yandex.ru/mapuid/betweendigitalis/2bd1594a-dc98-521d-a472-2273c734bf52

43 B
80 B

57ms
56ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/2bd1594a-dc98-521d-a472-2273c734bf52

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/2bd1594a-dc98-521d-a472-2273c734bf52
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame CE7C
Redirect Chain

https://an.yandex.ru/mapuid/adobedmp/
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=CDA438B2E2D2C396
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=CDA438B2E2D2C396

42 B
942 B

34ms
33ms

Image
image/gif

52.51.135.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=CDA438B2E2D2C396

Protocol

HTTP/1.1

Server

52.51.135.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-135-205.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v044-0daddca70.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: SCr+KSkZSz0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcscanary-prod-irl1-1-v051-0d443fb62.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: s0+ucNJNQoo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=CDA438B2E2D2C396
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

match
match.360yield.com/ul_cb/ Frame CE7C
Redirect Chain

https://an.yandex.ru/mapuid/azerionis/
https://match.360yield.com/match?external_user_id=B973DF220021B4A&publisher_dsp_id=429&publisher_call_type=redirect
https://match.360yield.com/ul_cb/match?external_user_id=B973DF220021B4A&publisher_dsp_id=429&publisher_call_type=redirect

43 B
419 B

33ms
33ms

Image
image/gif

52.30.181.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/ul_cb/match?external_user_id=B973DF220021B4A&publisher_dsp_id=429&publisher_call_type=redirect
Protocol: H2
Server: 52.30.181.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-181-76.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 Oct 2022 10:55:29 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://match.360yield.com/ul_cb/match?external_user_id=B973DF220021B4A&publisher_dsp_id=429&publisher_call_type=redirect
date: Wed, 12 Oct 2022 10:55:29 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
an.yandex.ru/mapuid/behaviorx/ Frame CE7C 0
0 64ms
55ms Image
text/html 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/mapuid/behaviorx/
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2

200

match
ads.betweendigital.com/ Frame CE7C
Redirect Chain

https://an.yandex.ru/mapuid/betweenx/
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=C0A8978EAAA7EF1D

68 B
607 B

18ms
17ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=C0A8978EAAA7EF1D
Protocol: H2
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=C0A8978EAAA7EF1D
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

GET
H/1.1

204
No Content

pixel
im.bluevoox.com/ Frame CE7C
Redirect Chain

https://an.yandex.ru/mapuid/blueseaxcom/
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=F373292E87EA8477

0
241 B

289ms
95ms

Image
text/plain

52.45.175.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=F373292E87EA8477
Protocol: HTTP/1.1
Server: 52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-175-185.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Connection: close
Date: Wed, 12 Oct 2022 10:55:29 GMT
Server: openresty

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=F373292E87EA8477
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

GET
H2 200 /
an.yandex.ru/mapuid/eplanningrtb/ Frame CE7C 0
0 66ms
57ms Image
text/html 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/mapuid/eplanningrtb/
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE7C
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=8CE2BF41A56E3823&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=8CE2BF41A56E3823&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=8CE2BF41A56E3823&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE7C
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=8CE2BF41A56E3823&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=8CE2BF41A56E3823&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=8CE2BF41A56E3823&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE7C
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=8CE2BF41A56E3823&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=8CE2BF41A56E3823&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=8CE2BF41A56E3823&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

GET
H2 200 %7Buser_id%7D
an.yandex.ru/mapuid/intentaidspis/ Frame CE7C 43 B
101 B 84ms
76ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/intentaidspis/%7Buser_id%7D

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame CE7C
Redirect Chain

https://an.yandex.ru/mapuid/operacom/
https://t.adx.opera.com/sync?vendor=60143&uid=D4B962C9812EFDA

35 B
463 B

53ms
14ms

Image
image/gif

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=D4B962C9812EFDA
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=D4B962C9812EFDA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

GET
H2 200 /
an.yandex.ru/mapuid/xapadsssp/ Frame CE7C 0
0 83ms
76ms Image
text/html 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/mapuid/xapadsssp/
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2

200

b35c50e489314d1738cb15a34246c59be107b3dd65b211bb5fcbbf1fc3325b82
an.yandex.ru/mapuid/mediascope/ Frame CE7C
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/b35c50e489314d1738cb15a34246c59be107b3dd65b211bb5fcbbf1fc3325b82

43 B
80 B

60ms
60ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/b35c50e489314d1738cb15a34246c59be107b3dd65b211bb5fcbbf1fc3325b82

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
server: ms-counter-3.3.5/1.20.2
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/b35c50e489314d1738cb15a34246c59be107b3dd65b211bb5fcbbf1fc3325b82
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 match
dm.hybrid.ai/ Frame CE7C 0
237 B 147ms
46ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 104
x-xss-protection: 1; mode=block
expires: -1

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame CE7C 0
238 B 147ms
46ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 108
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

mgSkHFWJS8b3w067Ai9f
an.yandex.ru/mapuid/dmpamberdata/ Frame CE7C
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1665572128
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1665572128
https://an.yandex.ru/mapuid/dmpamberdata/mgSkHFWJS8b3w067Ai9f

43 B
80 B

60ms
60ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/mgSkHFWJS8b3w067Ai9f

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

Redirect headers

Date: Wed, 12 Oct 2022 10:55:29 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 33
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://an.yandex.ru/mapuid/dmpamberdata/mgSkHFWJS8b3w067Ai9f
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

match
match.360yield.com/ Frame CE7C
Redirect Chain

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D
https://an.yandex.ru/mapuid/azerionis/84c6fc58-757d-47be-bf2c-149d39edfd3e
https://match.360yield.com/match?external_user_id=84c6fc58-757d-47be-bf2c-149d39edfd3e&publisher_dsp_id=429&publisher_call_type=redirect

43 B
445 B

35ms
35ms

Image
image/gif

52.30.181.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?external_user_id=84c6fc58-757d-47be-bf2c-149d39edfd3e&publisher_dsp_id=429&publisher_call_type=redirect
Protocol: H2
Server: 52.30.181.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-181-76.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 Oct 2022 10:55:29 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://match.360yield.com/match?external_user_id=84c6fc58-757d-47be-bf2c-149d39edfd3e&publisher_dsp_id=429&publisher_call_type=redirect
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

GET
H2

200

00f5b904-6b64-472f-560b-75cc17df77fe
an.yandex.ru/mapuid/buzzooladspis/ Frame CE7C
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
https://an.yandex.ru/mapuid/buzzooladspis/00f5b904-6b64-472f-560b-75cc17df77fe

43 B
80 B

62ms
61ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/buzzooladspis/00f5b904-6b64-472f-560b-75cc17df77fe

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/buzzooladspis/00f5b904-6b64-472f-560b-75cc17df77fe
date: Wed, 12 Oct 2022 10:55:29 GMT
server: nginx
content-length: 113
serverid: TODO
content-type: text/html; charset=utf-8

GET pixel
mitdmp.whiteboxdigital.ru/ Frame CE7C 0
0

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame CE7C
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

56ms
55ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

Redirect headers

date: Wed, 12 Oct 2022 10:55:29 GMT
strict-transport-security: max-age=0
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
content-type: application/x-javascript; charset=Windows-1251
x-passed: 0bal1
content-length: 0

GET
H2

200

gP3HRTjPL4s.AikABlGDy9XLSw
an.yandex.ru/mapuid/getintentis/ Frame CE7C
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://px.adhigh.net/p/cm/yandexssp?bounced=1
https://an.yandex.ru/mapuid/getintentis/gP3HRTjPL4s.AikABlGDy9XLSw

43 B
80 B

61ms
61ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/gP3HRTjPL4s.AikABlGDy9XLSw

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
server: nginx
x-backend-id: f12-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/getintentis/gP3HRTjPL4s.AikABlGDy9XLSw
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xK2LQpkEbFaDVV8iL6LRh.
an.yandex.ru/mapuid/dmpweborama/ Frame CE7C
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2453226796
https://an.yandex.ru/mapuid/dmpweborama/xK2LQpkEbFaDVV8iL6LRh.

43 B
80 B

60ms
59ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/xK2LQpkEbFaDVV8iL6LRh.

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:28 GMT
via: 1.1 google
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://an.yandex.ru/mapuid/dmpweborama/xK2LQpkEbFaDVV8iL6LRh.
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 y
rtb-eu-warsaw.intent.ai/um/ Frame CE7C 68 B
838 B 91ms
66ms Image
image/png 2606:4700:20::681a:f45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb-eu-warsaw.intent.ai/um/y

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 68
pragma: no-cache
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmPQog6JaQ7d58DrYuCmDjc3kwwKDTrDPug9Uja5U0QXJz4wUh4gdszqpEoGosKECgK0tYWlt8FRtT3TvX31E5a8nxX5imz%2BHWcxIk8gezBinqbl4JNIqctSW%2BKbtXGML2iR%2BhrVIwDWxa25P%2FcryHtBCS2T"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 758f4db0dc2e994e-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2

200

wI09fGokhRXpyNNnB1L3
an.yandex.ru/mapuid/kadamis/ Frame CE7C
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/wI09fGokhRXpyNNnB1L3

43 B
80 B

55ms
55ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/wI09fGokhRXpyNNnB1L3

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/wI09fGokhRXpyNNnB1L3
date: Wed, 12 Oct 2022 10:55:29 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

2a5c1b9f-b526-4888-8c68-e4b5b089a906
an.yandex.ru/mapuid/mtsdspis/ Frame CE7C
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
https://tech.rtb.mts.ru/?dsp_uid=2a5c1b9f-b526-4888-8c68-e4b5b089a906&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F2a5c1b9f-b526-4888-8c68-e4b5b089a906
https://an.yandex.ru/mapuid/mtsdspis/2a5c1b9f-b526-4888-8c68-e4b5b089a906

43 B
152 B

58ms
58ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/2a5c1b9f-b526-4888-8c68-e4b5b089a906

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:30 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:30 GMT

Redirect headers

Date: Wed, 12 Oct 2022 10:55:30 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/2a5c1b9f-b526-4888-8c68-e4b5b089a906
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

data_sess_sync.php
sonar.semantiqo.com/fbfli/ Frame CE7C
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=cc7adf89527c4133a03db5b3c17f0e13
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=cc7adf89527c4133a03db5b3c17f0e13

0
355 B

28ms
28ms

Image
text/html

95.217.86.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=cc7adf89527c4133a03db5b3c17f0e13
Protocol: H2
Server: 95.217.86.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.86.217.95.clients.your-server.de
Software: nginx/1.20.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
mode: no-cors
server: nginx/1.20.2
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=cc7adf89527c4133a03db5b3c17f0e13
Date: Wed, 12 Oct 2022 10:55:29 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame CE7C 42 B
201 B 231ms
56ms Image
image/gif 195.209.111.4
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.209.111.4 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 10:55:29 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame CE7C 42 B
201 B 259ms
63ms Image
image/gif 195.209.111.4
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.209.111.4 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 10:55:29 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

62d24302-4a1c-11ed-acfd-901b0e8b2a6e
an.yandex.ru/mapuid/dmpcleverdata/ Frame CE7C
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1
https://an.yandex.ru/mapuid/dmpcleverdata/62d24302-4a1c-11ed-acfd-901b0e8b2a6e?sign=396158333

43 B
80 B

57ms
57ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpcleverdata/62d24302-4a1c-11ed-acfd-901b0e8b2a6e?sign=396158333

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/dmpcleverdata/62d24302-4a1c-11ed-acfd-901b0e8b2a6e?sign=396158333
date: Wed, 12 Oct 2022 10:55:29 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0, 0

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame CE7C 43 B
390 B 510ms
474ms Image
image/gif 31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.158 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 12 Oct 2022 10:55:30 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 yandexortb
sync.dmp.otm-r.com/match/ Frame CE7C 0
69 B 431ms
296ms Image
text/plain 159.69.72.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/yandexortb
Requested by: Host: www.nur.kz
URL: https://www.nur.kz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.72.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.72.69.159.clients.your-server.de
Software: nginx/1.17.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 12 Oct 2022 10:55:30 GMT
server: nginx/1.17.0

GET
H2

200

4aafdeb9-c455-46af-8e29-0a7b25a35410
an.yandex.ru/mapuid/upravelis/ Frame CE7C
Redirect Chain

https://sync.upravel.com/yandex/sync
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://4aafdeb9-c455-46af-8e29-0a7b25a35410.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://an.yandex.ru/mapuid/upravelis/4aafdeb9-c455-46af-8e29-0a7b25a35410

43 B
80 B

58ms
58ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/4aafdeb9-c455-46af-8e29-0a7b25a35410

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

Redirect headers

date: Wed, 12 Oct 2022 10:55:29 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/upravelis/4aafdeb9-c455-46af-8e29-0a7b25a35410
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

uDU6UxpNk3uGzwGXzuzhAA
an.yandex.ru/mapuid/dmpaidatame/ Frame CE7C
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
https://an.yandex.ru/mapuid/dmpaidatame/uDU6UxpNk3uGzwGXzuzhAA?sign=2681650755

43 B
80 B

60ms
59ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/uDU6UxpNk3uGzwGXzuzhAA?sign=2681650755

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
last-modified: Wed, 12 Oct 2022 10:55:28 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/uDU6UxpNk3uGzwGXzuzhAA?sign=2681650755
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Wed, 12 Oct 2022 10:55:28 GMT

GET
H2

200

zF65KIfJpKEj
an.yandex.ru/mapuid/dmpsegmento/ Frame CE7C
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/zF65KIfJpKEj?sign=919006749

43 B
80 B

68ms
58ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/zF65KIfJpKEj?sign=919006749

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/zF65KIfJpKEj?sign=919006749
Date: Wed, 12 Oct 2022 10:55:29 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

wJQC6z5jkS7_
an.yandex.ru/mapuid/rutargetis/ Frame CE7C
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/wJQC6z5jkS7_

43 B
80 B

60ms
59ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/wJQC6z5jkS7_

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 12 Oct 2022 10:55:29 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/wJQC6z5jkS7_
Date: Wed, 12 Oct 2022 10:55:29 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=B4184EDE0FB74CD3B1A477D85E54CF68&RedC=c.clarity.ms&MXFR=2056F7F3D0C76E8E1EE9E5C8D4C760C1
https://c.clarity.ms/c.gif?CtsSyncId=B4184EDE0FB74CD3B1A477D85E54CF68&MUID=2352370078216A5D2CCF253B79506B25

42 B
367 B

33ms
33ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=B4184EDE0FB74CD3B1A477D85E54CF68&MUID=2352370078216A5D2CCF253B79506B25
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
server: Microsoft-IIS/10.0
etag: "8d3298b0aac7d81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 470235611E6D41AA9F9299612733F952 Ref B: FRAEDGE1117 Ref C: 2022-10-12T10:55:29Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=B4184EDE0FB74CD3B1A477D85E54CF68&MUID=2352370078216A5D2CCF253B79506B25
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 61ms
30ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100402&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd628f5f33d046c6a98e3eee2e1a050fa94642afb0cc7c081f6a7546a7ad2a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10978
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/490795/ Frame 060C
Redirect Chain

https://mc.yandex.com/watch/490795?wmode=7&page-url=https%3A%2F%2Fwww.nur.kz%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afu%3A1%3Aen%3Autf-8%...
https://mc.yandex.com/watch/490795/1?wmode=7&page-url=https%3A%2F%2Fwww.nur.kz%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afu%3A1%3Aen%3Autf-...

427 B
518 B

64ms
63ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/490795/1?wmode=7&page-url=https%3A%2F%2Fwww.nur.kz%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1131676220118%3Ahid%3A583472758%3Az%3A0%3Ai%3A20221012105529%3Aet%3A1665572129%3Ac%3A1%3Arn%3A319288246%3Au%3A1665572129229196153%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1665572128339%3Arqnl%3A1%3Ast%3A1665572129%3At%3A&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

97695f06a9a9e66d2fa178cd42a728c2a7c129d71be07c40b35ef82fee2ab93c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 12-Oct-2022 10:55:29 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Wed, 12-Oct-2022 10:55:29 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 12-Oct-2022 10:55:29 GMT
location: /watch/490795/1?wmode=7&page-url=https%3A%2F%2Fwww.nur.kz%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1131676220118%3Ahid%3A583472758%3Az%3A0%3Ai%3A20221012105529%3Aet%3A1665572129%3Ac%3A1%3Arn%3A319288246%3Au%3A1665572129229196153%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1665572128339%3Arqnl%3A1%3Ast%3A1665572129%3At%3A&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 12-Oct-2022 10:55:29 GMT

GET
H2 204 event
ads.adfox.ru/252771/ 0
66 B 71ms
71ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=71bba83d27b9bd8b&pm=cza&p5=moyar&ad-session-id=7388841665572127748&lts=fkeuacl&ytt=369987273490437&ybv=0.664225&ylv=0.664225&dl=https%3A%2F%2Fwww.nur.kz%2F&p2=gfdy&rand=hxyjhqm&sj=QiQn1xUeDwekTFkZCDX_tR8Gd0ZLgI_flqNQl2fPRbQorOauMtAjK-9cxojzWA%3D%3D&puid1=Homepage&pr=jsksnvt&p1=crsny&rqs=H0HEFo7LaoQfnUZjeQu6cqPhzZU5iX8v

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100402.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 10:55:29 GMT

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 100ms
99ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.42/clarity.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://www.nur.kz
date: Wed, 12 Oct 2022 10:55:29 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0C8C 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 10:22:18 GMT
expires: Thu, 12 Oct 2023 10:22:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B41B 783 B
534 B 23ms
23ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

48b3fc19f502b22f857cc0d2a3eef4a14002ed5022e6794df5098b273f5e228d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zIosSGqa6c0D4HEYmuAGEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nur.kz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-zIosSGqa6c0D4HEYmuAGEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 10:55:29 GMT
expires: Wed, 12 Oct 2022 10:55:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 event
ads.adfox.ru/252771/ 0
18 B 77ms
77ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=656ddd9efc117e4e&pm=cza&p5=kunhv&ad-session-id=7388841665572127748&lts=fkeuacl&ytt=369987273490437&ybv=0.664225&ylv=0.664225&dl=https%3A%2F%2Fwww.nur.kz%2F&rtb-si=b&p2=gfdy&rand=kkaqhhq&sj=h_Wv1fvKb2MrXwG8o6QhxLsR9efoqxobEfDAZgod94Dub63mE7eQAB2PMtrbJw%3D%3D&puid1=Homepage&pr=jsksnvt&p1=crsnx&rqs=H6klR6lH5BAfnUZj2XKT0x-BRO-CMVW_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Oct 2022 10:55:29 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 LKD9GaYAUlEKqmF0ENHbHL4TSMlp96a1WK2pS7gMh1I.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C8C 36 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LKD9GaYAUlEKqmF0ENHbHL4TSMlp96a1WK2pS7gMh1I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ca0fd19a60052510aaa617410d1db1cbe1348c969f7a6b558ada94bb80c8752

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16026
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 10:28:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B41B 0
0 51ms
51ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022100402&jk=105326142784147&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0C8C 0
10 B 15ms
14ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VlmRjg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 1 Show response
mc.yandex.com/watch/490795/ Frame 060C 43 B
73 B 59ms
59ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/490795/1?page-url=https%3A%2F%2Fwww.nur.kz%2F&charset=utf-8&cnt-class=1&hittoken=1665572129_471d591cc55696ea3f3dc24fd558d488a7509e371cde498e1f5709324db25ef9&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afp%3A153%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A1%3Als%3A1131676220118%3Ahid%3A583472758%3Az%3A0%3Ai%3A20221012105529%3Aet%3A1665572130%3Ac%3A1%3Arn%3A365421105%3Arqn%3A1%3Au%3A1665572129229196153%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C5%2C0%2C5%2C5%2C0%2C5%3Acpf%3A1%3Antf%3A1%3Ans%3A1665572128339%3Arqnl%3A1%3Ast%3A1665572130&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)lt(5000)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 12-Oct-2022 10:55:29 GMT
content-type: image/gif
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 12-Oct-2022 10:55:29 GMT

GET
H2 200 490795 Show response
mc.yandex.com/watch/ Frame 060C 43 B
85 B 57ms
57ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/490795?page-url=https%3A%2F%2Fwww.nur.kz%2F&charset=utf-8&cnt-class=1&hittoken=1665572129_471d591cc55696ea3f3dc24fd558d488a7509e371cde498e1f5709324db25ef9&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A1%3Als%3A1131676220118%3Ahid%3A583472758%3Az%3A0%3Ai%3A20221012105529%3Aet%3A1665572130%3Ac%3A1%3Arn%3A741651682%3Arqn%3A2%3Au%3A1665572129229196153%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1665572128339%3Arqnl%3A1%3Ast%3A1665572130%3At%3A&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)lt(5000)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:29 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 12-Oct-2022 10:55:29 GMT
content-type: image/gif
access-control-allow-origin: https://www.nur.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 12-Oct-2022 10:55:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
51ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022100402&jk=105326142784147&bg=!-Pul-7_NAAYqRg79CkY7ACkAdvg8WjzxCg2lFwRqeNx0LDoR2ENX27LtzPbOWIj5c_Lc7-GokklAswIAAABKUgAAAAJoAQeZAo7qmjPrp9zpn0Kq_MOQvb0WmKEcaA1-l4sojZA-1-383t6SCDo2fdChLT7L_xZ_gyBeFudwmawrnPW3N6AXDlbTE301YLRPzf0mzL93yE_5J2o0grlT3JZ53x7sKdgq7dcoHsi8GJiOJQXXHysw2QQgtmtGW20_APMsBl-7mzrETMDmqa-Wg6163lmrvsbV0CSePg4l7muZXObPEvZtOZjq66IIIhAlUOYquE9I15fToYM45nTjXNtsjoR4LeSE5vkr3AxX0c5KGj2sHaVlbUv-oKJcinyY_1vwFSjyOXg6azp00j7YbAXiU4QydzqoMWtfAuArxwPJF8c_rIJw-6MV0o3CZQegmf4JSrYVOjFY4X02z9dizHV5MjrbnmZwirCmU7f1Lez2_9Tz9rSOkPu5FnROGYKh12E7uiDYNTwHneg0bvj37RxbqSseZuJ7L_bphfYUeWoG3A1eslYvwo4Rv-MaiejoYhwCVWiT-GlIVndwqaixAplUi_jv4kFYJTBdgQkhS0MG9p7T-GMtsetbZ8IO3IYdtjhu3RgoepGcG3mne4tP3p9c08XG-wb7yJ9BEDi8BxjWVyi15YZ3985Hbv2sCoNVAanD3NjTh7tjySd8IPmnIhLZ942l0OomleawgLLm7nGJYbgaGFTxW6GsItgKWzL48gWrqZVfNUYYk79yS_OnCrOcEjKoH6ZKn60wdZDwzKj23fbDfJLb8d4C6SsMq9dpAQu72Iat1_V7QHsTrtFt5o0b89o_3RCOJ1Fj2aBKw_rcaalCyCM9c8YNG7ez87WuAq-BY4kSa6HtAbZo3TZdTMU4YHWeaQyMwAuq5MnOO-adZDEJx-YEXu4rMb6uJYYnjOSTBpxJuOo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3237 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstn31It7DO6v2COUUMxXrPhbm-h28zq3g86n1IsAvF0hyETw_UD7sGbkT6ookDhkKUii_bnRVtqxIgtl1jdf-FCfHtfYHZHc1ruSYJW6L4CTkRykZ64cO7yuqsxVMK2CDEkPa9USdUDyJNJOPIVzaAJ72lirdk-jJc4&sai=AMfl-YSngECxZ7BNjX7rmyfGvOcQk5GzB5HP7dV6u19SaEqCPRA6AtPK0ytSN9ZpnTjtlL15jQ8j7JM-eSJBtgWr00IqiWQWGhcjWZALpuKZRZywRHhiU6TARvTAsgv99A&sig=Cg0ArKJSzNH_f0oGxQhuEAE&cid=CAASF-RoMNv6FEY9-ThCa8NUWSQbpnfqEsoE&id=lidar2&mcvt=1000&p=0,0,200,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221010&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1921805917&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665572128405&rpt=760&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/252771/ 0
66 B 93ms
90ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=60728e6b01a36c98&pm=bmn&p5=moyar&ad-session-id=7388841665572127748&lts=fkeuacl&ytt=369987273490437&ybv=0.664225&ylv=0.664225&dl=https%3A%2F%2Fwww.nur.kz%2F&p2=gfdy&rand=jtrfuca&sj=QiQn1xUeDwekTFkZCDX_tR8Gd0ZLgI_flqNQl2fPRbQorOauMtAjK-9cxojzWA%3D%3D&puid1=Homepage&pr=jsksnvt&p1=crsny&rqs=H0HEFo7LaoQfnUZjeQu6cqPhzZU5iX8v

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:30 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Oct 2022 10:55:30 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/252771/ 0
18 B 73ms
73ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252771/event?hash=0e7caa9e2f79423f&pm=bmn&p5=kunhv&ad-session-id=7388841665572127748&lts=fkeuacl&ytt=369987273490437&ybv=0.664225&ylv=0.664225&dl=https%3A%2F%2Fwww.nur.kz%2F&rtb-si=b&p2=gfdy&rand=foxerzg&sj=h_Wv1fvKb2MrXwG8o6QhxLsR9efoqxobEfDAZgod94Dub63mE7eQAB2PMtrbJw%3D%3D&puid1=Homepage&pr=jsksnvt&p1=crsnx&rqs=H6klR6lH5BAfnUZj2XKT0x-BRO-CMVW_

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nur.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:30 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Oct 2022 10:55:30 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame BBC6 0
127 B 17ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 12 Oct 2022 10:55:30 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame CE7C 105 KB
37 KB 52ms
46ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: www.nur.kz
URL: https://www.nur.kz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:31 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 714b058d609a1157
timing-allow-origin: *
expires: Fri, 14 Oct 2022 22:51:36 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame CE7C 160 KB
56 KB 117ms
117ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

6d0f9faf185c1f43001f2508f80abf686cfb1c00f58c6bf0fa807791b5fc65e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
etag: "633fab48-e0cd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57549
expires: Wed, 12 Oct 2022 11:55:31 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame CE7C 403 B
842 B 108ms
108ms Fetch
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fwww.nur.kz%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d079cdf8b49ef560d90af20d8c47e38e5e456dedccc58c188883e6cc8d25695b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame CE7C 41 KB
15 KB 66ms
25ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 10:55:31 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame CE7C
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=I51GY-X2D7XEmLAPzrSt0A...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=343671882&crd=CJqqsQI&is_vtc=1&random=313452745
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=343671882&crd=CJqqsQI&is_vtc=1&random=3134527...

42 B
64 B

31ms
31ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=343671882&crd=CJqqsQI&is_vtc=1&random=313452745&ipr=y

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=343671882&crd=CJqqsQI&is_vtc=1&random=313452745&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame CE7C
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=I51GY7z6D7nFmLAPh96xiA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1929967745&crd=CJqqsQI&is_vtc=1&random=32287...
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1929967745&crd=CJqqsQI&is_vtc=1&random=322874...

42 B
64 B

42ms
42ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1929967745&crd=CJqqsQI&is_vtc=1&random=3228742289&ipr=y

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1929967745&crd=CJqqsQI&is_vtc=1&random=3228742289&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame CE7C 256 B
355 B 58ms
57ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.nur.kz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1221388484770%3Ahid%3A1053199190%3Az%3A0%3Ai%3A20221012105531%3Aet%3A1665572131%3Ac%3A1%3Arn%3A861757383%3Arqn%3A1%3Au%3A1665572131769568064%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C73%2C40%2C0%2C2%2C0%2C%2C30%2C0%2C146%2C146%2C0%2C146%3Acpf%3A1%3Ans%3A1665572129033%3Ast%3A1665572131&t=clc(0-0-0)aw(1)rqnt(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

129ff8b1b9f2e78f92f6167140d8be0bb4954e95a2e4c58202b47e5e54878e5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 12-Oct-2022 10:55:31 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Wed, 12-Oct-2022 10:55:31 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame CE7C 43 B
100 B 61ms
61ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 10:55:31 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
etag: "633fab48-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 12 Oct 2022 11:55:31 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame CE7C 3 KB
1 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1665572131293&cv=9&fst=1665572131293&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3006352471885e5613dfd2d6e96ee1ebe93686260dd7c778e4c7d79171919352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1117
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame CE7C 3 KB
1 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1665572131297&cv=9&fst=1665572131297&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55004740cd8a8435f86140b3d7238a37da57582e193d11e25a7c670df8cc19bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1114
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame CE7C 3 KB
1 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1665572131299&cv=9&fst=1665572131299&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

266dfd1325c513e1a02e8a5187893a97f94223fd8bf5a625bb80bff88c8dfb8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1117
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame CE7C 3 KB
1 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1665572131300&cv=9&fst=1665572131300&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faea6b4bf305c9a21909c78062a6659d3438ddb9354fc45aed005dcf17fab55a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame CE7C 42 B
64 B 29ms
29ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1665572131293&cv=9&fst=1665568800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&async=1&fmt=3&is_vtc=1&random=2718200018&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame CE7C 42 B
64 B 34ms
33ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1665572131293&cv=9&fst=1665568800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&async=1&fmt=3&is_vtc=1&random=2718200018&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame CE7C 42 B
64 B 32ms
31ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1665572131297&cv=9&fst=1665568800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&async=1&fmt=3&is_vtc=1&random=94055741&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame CE7C 42 B
64 B 129ms
128ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1665572131297&cv=9&fst=1665568800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&async=1&fmt=3&is_vtc=1&random=94055741&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame CE7C 42 B
64 B 29ms
28ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1665572131299&cv=9&fst=1665568800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&async=1&fmt=3&is_vtc=1&random=2204747958&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame CE7C 42 B
64 B 32ms
31ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1665572131299&cv=9&fst=1665568800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&async=1&fmt=3&is_vtc=1&random=2204747958&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame CE7C 42 B
64 B 32ms
31ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1665572131300&cv=9&fst=1665568800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&async=1&fmt=3&is_vtc=1&random=3822023341&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame CE7C 42 B
64 B 36ms
35ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1665572131300&cv=9&fst=1665568800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.nur.kz%2F&async=1&fmt=3&is_vtc=1&random=3822023341&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame CE7C 439 B
474 B 66ms
65ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.nur.kz%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A2%3Adp%3A1%3Als%3A1403290338801%3Ahid%3A1053199190%3Az%3A0%3Ai%3A20221012105531%3Aet%3A1665572131%3Ac%3A1%3Arn%3A714909478%3Arqn%3A1%3Au%3A1665572131769568064%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C73%2C40%2C0%2C2%2C0%2C%2C30%2C0%2C146%2C146%2C0%2C146%3Acpf%3A1%3Ans%3A1665572129033%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665572131%3At%3A&t=gdpr(6)clc(0-0-0)lt(5000)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

b7c76844d8b5a45e15da6e168f52113b607101a169ff8cfd1f3cfa2da7193dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 12-Oct-2022 10:55:31 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Wed, 12-Oct-2022 10:55:31 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 49ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-L3EYGX7DJS&gtm=2oeaa0&_p=1592370362&cid=37591007.1665572127&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1665572127&sct=1&seg=0&dl=https%3A%2F%2Fwww.nur.kz%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B0%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BE%D1%82%20NUR.KZ&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L3EYGX7DJS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nur.kz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 10:55:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nur.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIzdyhyeycUb7LcpAEVRQPo&google_cver=1&google_push=AZmPxg8aB15Vli8JQbHHE1CxxThuBv3AvxS7NstaPg2t4-Uk1TddkB3f5UeefK6KsIVt06LNza93PX5wYLb0K_lW0lZHVjTnLKLOWA

Domain: mitdmp.whiteboxdigital.ru
URL: https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

84 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 06:40:58	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 06:48:10	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 06:40:58	Name: pcs3 Value: 1
.nur.kz/	1970-01-20 06:39:33	Name: __io_d Value: 1_705468254
www.nur.kz/	1970-01-20 15:25:08	Name: __io_lv Value: 1665572127360
www.nur.kz/	1970-01-20 15:25:08	Name: __io Value: 1dd43bfb5.e45572044_1665572127360
.nur.kz/	1970-01-20 06:39:33	Name: __io_session_id Value: 85c958f89.53a1c4647_1665572127360
.nur.kz/	1970-01-20 06:39:33	Name: __io_nav_state336 Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22www.nur.kz%22%2C%22previousDomain%22%3A%22%22%7D
www.nur.kz/	1970-01-20 15:25:08	Name: __io_unique_336 Value: 12
www.nur.kz/	1970-01-20 06:40:19	Name: __io_uh Value: 1
www.nur.kz/	1970-01-20 06:39:33	Name: __io_visit_336 Value: 1
.nur.kz/	1970-01-20 06:40:58	Name: _gid Value: GA1.2.27235422.1665572127
.nur.kz/	1970-01-20 06:39:32	Name: _gat Value: 1
www.clarity.ms/	1970-01-20 15:25:08	Name: CLID Value: 0e761464caa2499d8d1c9729033ac8c9.20221012.20231012
.nur.kz/	1970-01-20 16:15:32	Name: _ga_L3EYGX7DJS Value: GS1.1.1665572127.1.0.1665572127.60.0.0
.nur.kz/	1970-01-20 16:15:32	Name: __eventn_id_props Value: %7B%22globalProps%22%3A%7B%22env%22%3A%22prod%22%2C%22source_type%22%3A%22desktop%22%7D%2C%22propsPerEvent%22%3A%7B%7D%7D
.nur.kz/	1970-01-20 16:15:32	Name: nur_user_id Value: 32022beb-e43d-4a9b-85da-95c401a10013
.nur.kz/	1970-01-20 16:15:32	Name: __eventn_id_usr Value: %7B%22id%22%3A%2232022beb-e43d-4a9b-85da-95c401a10013%22%7D
.nur.kz/	1970-01-20 16:15:32	Name: __eventn_id Value: kjat3dm2z0
.nur.kz/	1970-01-20 15:25:08	Name: _clck Value: 2lxfzx\|1\|f5n\|0
.nur.kz/	1970-01-20 07:32:09	Name: _gaexp Value: GAX1.2.GJI5ed2FQtSmlMrKLtNM9w.19314.x878
.nur.kz/	1970-01-20 16:15:32	Name: _ga Value: GA1.2.37591007.1665572127
.nur.kz/	1970-01-20 06:39:32	Name: _gat_ABtests Value: 1
.yandex.ru/	1970-01-20 16:15:32	Name: yandexuid Value: 1217176591665572127
.nur.kz/	1970-01-20 06:40:58	Name: _clsk Value: 1cpynwl\|1665572128232\|1\|0\|i.clarity.ms/collect
.nur.kz/	1970-01-20 16:01:08	Name: __gads Value: ID=121da8aa72a002d7-2225032744ce0071:T=1665572127:S=ALNI_MYSAdiJ62b9l1CwQ6z-hOtg62UdZA
.nur.kz/	1970-01-20 16:01:08	Name: __gpi Value: UID=00000b70f7c77708:T=1665572127:RT=1665572127:S=ALNI_MYGDeZ4WaIWUnVQuozO6egshUdj5g
.doubleclick.net/	1970-01-20 16:01:08	Name: IDE Value: AHWqTUn4SwrGXcBZEvhjUCREOw_kNYBGm_TAYsLEcQ1DVHiaMDH9sBO_oSYbE9K1K-A
.an.yandex.ru/	1970-01-20 06:49:36	Name: yabs-vdrf Value: A0
.quantserve.com/	1970-01-20 08:49:08	Name: d Value: EBcBCQGoJ4EA
.quantserve.com/	1970-01-20 16:09:46	Name: mc Value: 63469d21-217c7-dd911-28547
.casalemedia.com/	1970-01-20 15:25:08	Name: CMID Value: Y0adIS4Bimyb0M3bZ0DDEAAA
.casalemedia.com/	1970-01-20 08:49:08	Name: CMPS Value: 1124
.casalemedia.com/	1970-01-20 08:49:08	Name: CMPRO Value: 1124
.casalemedia.com/	1970-01-20 08:49:08	Name: CMTS Value: 1216
.betweendigital.com/	1970-01-20 15:25:08	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 15:25:08	Name: tuuid Value: 2bd1594a-dc98-521d-a472-2273c734bf52
.betweendigital.com/	1970-01-20 15:25:08	Name: ss Value: 1
.yandex.ru/	1970-01-20 16:15:32	Name: yuidss Value: 1217176591665572127
px.arcspire.io/	1970-01-20 07:22:44	Name: arcid Value: b2a81c3231494fb6f02a5b
.betweendigital.com/	1970-01-20 15:25:08	Name: ut Value: Y0adIQAEHrBh76ZGgu8qhQ2agKY3FZ7dErBBhA==
.360yield.com/	1970-01-20 08:49:08	Name: tuuid_lu Value: 1665572129
.tns-counter.ru/	1970-01-20 15:25:08	Name: guid Value: 878F6A1863469D21X1665572129
.innovid.com/	1970-01-20 08:49:08	Name: uuid Value: a5aff79a-ff07-44e9-9a62-94a7bbe318b2-20221012 06:55:29
.adx.opera.com/	1970-01-20 07:22:44	Name: UID Value: 016bd282c92c48558c514b6eec08076b
.360yield.com/	1970-01-20 08:49:08	Name: tuuid Value: 1514a92b-1261-4d62-8611-1575917c582b
.acint.net/	1970-01-20 06:39:32	Name: test_cookie Value: CheckForPermission
.dmg.digitaltarget.ru/	1970-01-20 16:15:32	Name: viuserid Value: mgSkHFWJS8b3w067Ai9f
.acint.net/	1970-01-20 16:15:32	Name: aid Value: nVqzHGNGnSFXOQEZ088vAsl/X3ktzxpvrlsxbQVRX4Y0yH9q
.360yield.com/	1970-01-20 08:49:08	Name: umeh Value: !429,0,1727780129,-1
.acint.net/	1970-01-20 07:22:44	Name: cSyncDp14v3 Value: 1665572129
.demdex.net/	1970-01-20 10:58:44	Name: demdex Value: 34891100816237071980872969121022382124
.weborama.fr/	1970-01-20 16:05:27	Name: AFFICHE_W Value: 81sTYhBrROvz99
.c.bing.com/	1970-01-20 16:01:08	Name: SRM_B Value: 2352370078216A5D2CCF253B79506B25
.dpm.demdex.net/	1970-01-20 10:58:44	Name: dpm Value: 34891100816237071980872969121022382124
.360yield.com/	1970-01-20 08:49:08	Name: um Value: !429,QwkACFuY0vzls5STq1bHBjxbYkkKIZnktHIyzhb72BfmrnTjYaTsCIOmSL6MbrrPgaA,1673348129
.yandex.com/	1970-01-20 15:25:08	Name: yandexuid Value: 6112804261665572129
.yandex.com/	1970-01-20 15:25:08	Name: yuidss Value: 6112804261665572129
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2672617651665572129
.yandex.com/	1970-01-20 16:15:32	Name: i Value: aivLjdTuDbwEfwdHLYC/ISfX1eMgRY5adKBNfLy9/1RqnGYe0ZJM83Xd2CvYKr5ZKHr2E30ATIl4eKvpNGP5XVjrSrQ=
.yandex.com/	1970-01-20 15:25:08	Name: ymex Value: 1697108129.yrts.1665572129#1697108129.yrtsi.1665572129
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 16:01:08	Name: MUID Value: 2352370078216A5D2CCF253B79506B25
.c.clarity.ms/	1970-01-20 06:39:32	Name: ANONCHK Value: 0
.uuidksinc.net/	1970-01-20 15:25:08	Name: jcsuuid Value: wI09fGokhRXpyNNnB1L3
.sonar.semantiqo.com/	1970-01-20 16:15:32	Name: semantiqo_a Value: cc7adf89527c4133a03db5b3c17f0e13
.sonar.semantiqo.com/	1970-01-20 15:35:12	Name: check Value: 58755ad21128486496169a6157335ae6
.1dmp.io/	1970-01-20 15:25:08	Name: uid Value: 62d24302-4a1c-11ed-acfd-901b0e8b2a6e
.ssp-rtb.sape.ru/	1970-01-20 16:15:32	Name: sspuid Value: wQO4qWNGnSGopQAadnpiAq3fXy4iBw6mWj7kfgc9hK5Actkr
.1dmp.io/	1970-01-20 06:39:32	Name: ru-seq Value: null
.adhigh.net/	1970-01-20 15:25:08	Name: gi_u Value: gP3HRTjPL4s.AikABlGDy9XLSw
.adhigh.net/	1970-01-20 15:25:08	Name: yandexssp_sync Value: jA8
.upravel.com/	1970-01-20 06:39:32	Name: session_tptc Value: 1665572129766
.upravel.com/	1970-01-20 16:15:32	Name: user_id Value: 4aafdeb9-c455-46af-8e29-0a7b25a35410
.aidata.io/	1970-01-20 16:15:32	Name: __upin Value: uDU6UxpNk3uGzwGXzuzhAA
.aidata.io/	1970-01-20 16:15:32	Name: __upints Value: 1665572129
x01.aidata.io/	1970-01-20 06:49:36	Name: yaya Value: 1
.rutarget.ru/	1970-01-20 10:58:44	Name: userId Value: wJQC6z5jkS7_
.mts.ru/	1970-01-20 15:12:10	Name: dspid Value: 2a5c1b9f-b526-4888-8c68-e4b5b089a906
.mts.ru/	1970-01-20 16:15:32	Name: mts_id Value: c0ac450d-b525-47d5-8547-53b88cf851b8
.mts.ru/	1970-01-20 16:15:32	Name: mts_id_last_sync Value: 1665572130
.yandex.ru/	1970-01-20 16:15:32	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 16:15:32	Name: is_gdpr_b Value: CJ2cGhCVjwEYAQ==
.yandex.ru/	1970-01-20 16:15:32	Name: i Value: pX5cwzz89qo2agil7jnNQdD2We3IjCm4MkRC0kLMWMqShY7iTW/hO2lGcRtw2JU5e55tvIKjZbzczpvUrQAR08iG1lA=

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIzdyhyeycUb7LcpAEVRQPo&google_cver=1&google_push=AZmPxg8aB15Vli8JQbHHE1CxxThuBv3AvxS7NstaPg2t4-Uk1TddkB3f5UeefK6KsIVt06LNza93PX5wYLb0K_lW0lZHVjTnLKLOWA Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://an.yandex.ru/mapuid/SAPEis/1CB35A9D219D466319013957022FCFD3 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN always

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4aafdeb9-c455-46af-8e29-0a7b25a35410.sync.upravel.com
acint.net
ads.adfox.ru
ads.betweendigital.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
af0c5ebb85e1af50df285ae176ba3f78.safeframe.googlesyndication.com
ag.innovid.com
an.yandex.ru
avatars.mds.yandex.net
c.bing.com
c.clarity.ms
cat.nl.eu.criteo.com
cdn.nur.kz
cdn.onthe.io
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.tns-counter.ru
cms.quantserve.com
counter.yadro.ru
csm.eu.criteo.net
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
euw-ice.360yield.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
i.clarity.ms
im.bluevoox.com
image6.pubmatic.com
match.360yield.com
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
nur.kz
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
profile.ssp.rambler.ru
px.adhigh.net
px.arcspire.io
redirect.frontend.weborama.fr
region1.analytics.google.com
rtb-eu-warsaw.intent.ai
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.uuidksinc.net
securepubads.g.doubleclick.net
sm.rtb.mts.ru
sonar.semantiqo.com
sport.khanate.pro
ssp-rtb.sape.ru
ssp.adriver.ru
ssum-sec.casalemedia.com
stat.khanate.pro
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
tpc.googlesyndication.com
tttt.onthe.io
webapi.nur.kz
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.nur.kz
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
googlecm.hit.gemius.pl
mitdmp.whiteboxdigital.ru
104.18.18.126
136.243.148.229
142.250.185.194
142.250.186.34
142.93.164.210
148.251.129.43
148.251.236.118
159.69.72.5
168.119.8.212
176.9.9.10
178.170.195.115
178.250.0.162
178.250.2.135
178.250.2.148
185.15.175.132
188.42.191.196
193.232.150.68
193.3.184.201
195.209.111.4
198.47.127.19
20.234.93.27
2001:4860:4802:34::36
2001:6d0:4001::226
213.87.44.187
217.66.147.42
2606:4700:20::681a:f45
2606:4700::6811:180e
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:40::45
2620:1ec:c11::200
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2006
2a00:1450:4001:811::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:400c:c1b::9d
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a05:d01c:1d8:8102:effe:42c3:2f57:d795
31.172.81.158
31.220.27.134
35.177.4.157
35.190.24.218
35.227.252.103
37.18.16.22
52.167.85.21
52.30.181.76
52.45.175.185
52.51.135.205
69.173.144.138
82.145.213.8
87.242.93.185
88.212.201.198
89.108.119.28
91.192.150.14
91.215.139.234
91.215.139.235
94.247.128.35
94.247.128.38
94.247.128.43
95.216.24.148
95.217.86.150
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0596a17530bb3a76675c9d72b22f8bbf927eede182d036ea7a3b278970864fb3
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0efa48f42235e36ff57cdc3962a892de760478ae1fbc729dab9dd09da7e0a807
0f5cc46101d2ea860a02ced5db061198c1a256698478913248551738ad612d8d
114eca7ca5da90b4067da6e0e36b465299418d7ab3090382b8a65a0a11af6698
129ff8b1b9f2e78f92f6167140d8be0bb4954e95a2e4c58202b47e5e54878e5e
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1cdc1fcb9385a0a7f31edf84af5a967ecba1763105332047dbe5f891e4056dd1
1cdf25d756a0e83e1971cdd267d8fb455ae157cfc7eaead62092bc04f482e142
1d8f13f74d90a0ce7e77a465e6a771744edc29261067c703bb307d5322f4d86d
1e97c0266ae65be466fc97ba62aa6c1b9c68fa140f95dab96ab7645c6ac1aa89
25272e76cab18bcd741f31a95fa3e558adbcd2a201259988e10324eee1bda2e3
266dfd1325c513e1a02e8a5187893a97f94223fd8bf5a625bb80bff88c8dfb8a
29fcaa8e9abe9ee3c80590d324a3fb565b36b30ef27062e30059e86e652e46b0
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b560efc660dd507e8e0b20a079eac74c975b67e0629545a7d2ec9e3687905db
2b87b07ecc52718cc67ffed0f3d9ff850a2fc59ab855c0d338b89aab7636ce6c
2ca0fd19a60052510aaa617410d1db1cbe1348c969f7a6b558ada94bb80c8752
2d2b5a14385b720fff60b9fa208371213c9e0191b72d8dcc7536e03469cf17a5
3006352471885e5613dfd2d6e96ee1ebe93686260dd7c778e4c7d79171919352
305dc1bee838e7e3b0b20fc8920c4cfe7ca1ebe3c1ebc2033df9b378f505c3ca
306e53e628418281cbc0c66be146cf2c981243aee060334cc524603d999e7b4b
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3808d3665afd232850c0a57aae56ea7f37d3344a95bae8c110e6f643ead46218
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
434617e06c4d3176788c95bdff63a22e66bbd49ea472374b3a55e30e44f2b70a
48b3fc19f502b22f857cc0d2a3eef4a14002ed5022e6794df5098b273f5e228d
4c75107d55d30c60dd2ef23e8e25167094dd0b1c73f071d0565b5f5d114724fd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
543f24dad003d6e1aed9da0c8982c4f7329cf7730cfc84fb3608a9f44e011fa7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55004740cd8a8435f86140b3d7238a37da57582e193d11e25a7c670df8cc19bb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569b67ef1d76c5869a61471b93651371927719520f4268bb9a6ab30fe0380019
587b18e16ecb7bbd1526aaf43343877da659a23df8eb1ef63e0aa855d55596ed
590139d419b66edc1e5b9c61a7ca929871964958a0f31e025c76290b7f927dde
59b0e364dbb99f8b8a3024bc10ecabac5479643302759c5234f732c9c45607ff
5aeeb0c2520ad8cffdd705c5f2f7c680703fd2874851cf12a515ba9452377bf5
5d01b9cf3603dfb111d664016b51bd2450af4dbb2b724e9115ca94cac3971b6c
5d089760b9be924ea7339380e51a5e8565840507a2a321f43141ee921863d0c3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64d97aec8d05b51375a09219635904e7c6b5488cb89aa8546ffb78225a9ba018
676a998ce180e0fb5577dc2ee977e4d01d98c7e609107fbbfaf9fbc0ac10bd47
684c7ddf06ac43de1a558e31bdff75ff3adad0437e67b72ee457a88e76c4814e
68eaf8ac60d0942a6bcee0b4538d7d50ebe41bd26e332550d05d8b9d37fa16e4
696509319bb81efdd2e9f7c12a2f2c2a176179fed37b92e16b7e5dffdc8869ee
69b5aa9fb6f91c576f897daa154236f3c4bc7e31024920b0ffbcdc2833f3b360
6c3c648447514db2f2f7c8f04b3ac0b1cf1e8ea00fe8c743f427f63d938a198c
6d0f9faf185c1f43001f2508f80abf686cfb1c00f58c6bf0fa807791b5fc65e2
6ebaa161909ccae59921c9cba25620fefdccc0711be53adb644761a897bdfe22
722e5bb2daebd09ef48a41d29e976984536591b038e4fb6d50f14fc13b57de70
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
7cd2df345488171f36ff248868b19d2759d24b295f25c0968d3f5ce7370f01bb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86b922ab8e049fbdad0bf20b631b6314098889b53b4f3163ada9180c97f0b42e
87f376600e26a1c20ab565500a2ed5ffe03ad5d64041ac4af6ae59344aae408f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aee0691c1e66565ade6bc5004cba455f209b8999411b3887f45281fdd270a7d
8b3d9dd5d77badb134d805ae01841ddb4e9ef60a02c024d986c5190f987d2e32
8bafe7194d5932b90bdd086ada2125f0c5578150b6053c2f4ee60c686e2f6be7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f57e546849c2d4fecc094fb9afb7f738f0802b0cb1044badd6732bff51a1a7b
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
97695f06a9a9e66d2fa178cd42a728c2a7c129d71be07c40b35ef82fee2ab93c
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9946b4bfaa91a76e36aad44a9993043786edd62edd0d19562676b0dbdffba43d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a86137a748605b3a5b3163ab59e7e76ad6c95aaa6a1e120887c06674016c833
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1c1a544dce2ad7a8933ff9c4e087936f42c972d7858551181a9acb878a7c9b6
a243dd6954020fad139c2e738354892bdefe862d284ad4949507f59dda66590f
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2e6c12136f6c5c7e3a186a44f895adeac9779f1b141187506eee2d56ee39e8e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e316d77229ed33dc8f27131eb909457dbb453c835e23104fd0f7265449d48f
a80bfba69eca180b433d1c25b7c0bb95dc95ac7683348c6b7fec7d298f549347
a8d532347c58f48c959e82a661a0e3b0a635bf178f799abcdbc3bd26b96e21f1
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b45f51a119afd78300c86ee9afd081c5f3bd2d1bb3dd1d9927b6f7d4b0d05924
b4dac18e01c9ef874f5d33ae8ad2eca84683281858bd9fab0f9a95e0b26c19b1
b51ff2734c8fd10520c40bb7f595b7a4bd43db47f50f85db9f569359bb387501
b7654898bd2bfc1b3a6af300b27655a0823ce2efeff9306053789d7a0b711ab7
b77d94bd4977d6ff9c0a1984ac05fe55ff6dece427b361e0abdf1cc4f13ad872
b7c76844d8b5a45e15da6e168f52113b607101a169ff8cfd1f3cfa2da7193dc8
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
b83bf949954e2ca805089c6a278203d60c5ced398ae0fe4969d6486b28cd3401
b86d79adcfefe38afda6a21dbefeb72a2484083b1a6b91c5bfaeb242fe056d29
b990a6e1fbfad1e12019b70014a45485788e377340a9ab973b8c9340e4ab3f2c
bac87240d43f2059419ce7f7fdc63e99966069af39def1f6bcbc59eed1f69cfc
bbc9c0aa6e99682e61c96631c4d846110c2f3972c2be84fa77efbbf674e5ff81
bfe9a28a74b54b5406bfda52b793023874e5b9c3c8e5d0718b8927150942266f
c143e6ea1045e91d4e368dce6b2bcbf3dbad7346afc4cb2f6d44142839026b43
c14a12282825a4a1c2d3cb329c8a85fc79fc20b622b2b116af73528960416e00
c1a1e4564ff3dd2212011700ac5b83f083d9cf6c1f7902a3836e44b86b6d3d6f
c39b52f2c7e927da81b4afffe44703fc3278160f53baa13415d842bb17c46182
c403d8d2118a0a2e6d4c8a7dfcacad5930b82643c6cf375232e2251d2eebd92a
c55eba3375e19f66b1907be443bda17e31bbd0e451f3af1888848359ddc9cf35
c5e31ec996abd39481583ce7eaee1c6dd4e0620d873020465da91d13bb834a33
c63b4b83953bd97502b3f3f0f23e2cd61695f75cf49d09901d596c25af4ce6c3
c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46
c9359c423f11152cc52570d1d15b78449a4aaf8a4106599af13305e13c90b791
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
cbd065a586fc6471e986f6190744ea851e21475068200195b0401e523ea6db64
cd4f869e2420ad365ab78880ee158895f3b91b050e61ea4ef3225712e30503fe
d079cdf8b49ef560d90af20d8c47e38e5e456dedccc58c188883e6cc8d25695b
d1821a81f8311813ce59a03f476301ed92a6fe5d01ba3ae639e21088ddbc038a
d1d73b904816114baa9cbd4f4d31481f19344dfe81c33ea2ff4e450cdc5f1542
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d8318a29921ceb3b831b8bb90288ac4bbb07203042f098d9a312812ac914f3f2
d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dd628f5f33d046c6a98e3eee2e1a050fa94642afb0cc7c081f6a7546a7ad2a3a
de5aaa40e209ac16b1e95f887a822dff42702cc8bd97e497795fc6d4bced00c3
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e776ab1e8da89dbe0ba81f66eaacd15c465d8f7538cd2358229cea49eadf3f0d
ead8ad10265275e2d3225db2aac4afc36a05a8dec75424fd3f4f4b1c98883afa
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01c2f2782c7d85b2154abb533f1f894b1e17610db36094f4b0d8c802e9bd4e3
f0ea0091ee9cea48491b716bf853963e2ba955e888ec48add463788d51b50936
f0f3fadd348581fce870209a4705b228f28a7c06fecefc150707191d0f02a27a
f20f63fad75893ad71673c5486de652508fbf5c0dc9c48b0fc6b5f33054892e0
f3456903656f0601338d81e00f8efe9e025055f224f822de2746e18436c9b4a5
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f54447f18a99e57dc36be470a2c570b85afebb963bd8d4f3eab0c86249b74f4d
f555ea13c0bc5058b1670fc0904f997202c6cc7adcc1d87e0e07304e2cb452c4
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f71eec497ff6d810bf2fa0b03428e1c0fc74d482ed26062f68a998e6a278cf1a
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
faea6b4bf305c9a21909c78062a6659d3438ddb9354fc45aed005dcf17fab55a
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
fd4166a69eaa2d6cf37f33cb021cda0767429283b038db80e64e4fdd7adac908
ff51bc2f9b167087eded18af57b24ec8f4b8c5558c60b2541304de36ba46f833

www.nur.kz Open in urlscan Pro 91.215.139.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

290 Requests

88 %HTTPS

45 %IPv6

59 Domains

89 Subdomains

63 IPs

13 Countries

3910 kBTransfer

10618 kBSize

84 Cookies

25 Outgoing links

Page URL History

Redirected requests

290 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nur.kz Open in urlscan Pro
91.215.139.234 Public Scan

Screenshot
Live screenshot

Full Image

290
Requests

88 %
HTTPS

45 %
IPv6

59
Domains

89
Subdomains

63
IPs

13
Countries

3910 kB
Transfer

10618 kB
Size

84
Cookies

290 HTTP transactions
4 data transactions