aviata.kz Open in urlscan Pro
186.2.163.27 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://aviata.kz/railways/
Submission Tags: falconsandbox
Submission: On July 22 via api (July 22nd 2022, 6:19:34 pm UTC) from US — Scanned from NL

Summary HTTP 81 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 17 domains to perform 81 HTTP transactions. The main IP is 186.2.163.27, located in Netherlands and belongs to DDOS-GUARD CORP., BZ. The main domain is aviata.kz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 23rd 2021. Valid for: a year.

This is the only time aviata.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	186.2.163.27 186.2.163.27	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
22	188.166.120.56 188.166.120.56	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.139.67 18.66.139.67	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
81	23

1 186.2.163.27 (Netherlands)

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: ddos-guard.net

aviata.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 188.166.120.56 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: ams-lb-01.aviata.team

railways.aviata.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.platform.aviataproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-67.fra60.r.cloudfront.net

cdn.scarabresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	aviata.me railways.aviata.me	320 KB
11	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 stats.g.doubleclick.net — Cisco Umbrella Rank: 117	176 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	66 KB
7	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 5536 adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	2 KB
6	google.nl www.google.nl — Cisco Umbrella Rank: 8803 adservice.google.nl — Cisco Umbrella Rank: 13234	2 KB
4	googlesyndication.com bd9013929aecf9593f4487a4e5c4a07f.safeframe.googlesyndication.com Failed tpc.googlesyndication.com — Cisco Umbrella Rank: 159 pagead2.googlesyndication.com — Cisco Umbrella Rank: 123	21 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3701	72 KB
4	gstatic.com fonts.gstatic.com	148 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	130 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	224 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	388 B
2	aviataproject.com api.platform.aviataproject.com	692 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	17 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	43 KB
1	scarabresearch.com cdn.scarabresearch.com — Cisco Umbrella Rank: 10550	23 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	1 KB
1	aviata.kz aviata.kz	19 KB
81	17

	Domain	Requested by
20	railways.aviata.me	aviata.kz railways.aviata.me
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com aviata.kz
6	securepubads.g.doubleclick.net	aviata.kz securepubads.g.doubleclick.net railways.aviata.me
5	www.google.com	1 redirects aviata.kz securepubads.g.doubleclick.net
5	www.google.nl	aviata.kz
4	mc.yandex.ru	1 redirects aviata.kz
4	fonts.gstatic.com	fonts.googleapis.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net
3	stats.g.doubleclick.net	www.googletagmanager.com railways.aviata.me
3	connect.facebook.net	aviata.kz connect.facebook.net
3	www.googletagmanager.com	aviata.kz www.googletagmanager.com
2	www.facebook.com	aviata.kz
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	api.platform.aviataproject.com	railways.aviata.me
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
1	pagead2.googlesyndication.com	railways.aviata.me
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.scarabresearch.com	aviata.kz
1	fonts.googleapis.com	aviata.kz
1	aviata.kz
0	bd9013929aecf9593f4487a4e5c4a07f.safeframe.googlesyndication.com Failed	securepubads.g.doubleclick.net
81	24

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
Aviata.kz Sectigo RSA Domain Validation Secure Server CA	`2021-07-23` - `2022-08-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.aviata.me R3	`2022-07-12` - `2022-10-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-01` - `2022-07-30`	3 months	crt.sh
*.scarabresearch.com Amazon	`2021-10-24` - `2022-11-21`	a year	crt.sh
*.platform.aviataproject.com R3	`2022-07-12` - `2022-10-10`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://aviata.kz/railways/
Frame ID: 020B1AA866B21F47D3699C99DE4BA525
Requests: 90 HTTP requests in this frame

Frame: https://bd9013929aecf9593f4487a4e5c4a07f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 726204FE2EF7732F57D62FEA97B6F49D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

81
Requests

95 %
HTTPS

77 %
IPv6

17
Domains

24
Subdomains

23
IPs

5
Countries

1262 kB
Transfer

3583 kB
Size

19
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjsu6PIiFvuZsu7pT15_rY2sP7SXORL_m1qONoNyRV99kX_i3AlQCdXS_8IlWS4-bKPkoeYDqjUdhu5Fw0Ij22YrKuD6_COQvIUWiNRd93N2ngdENxGWEpVLKw3ZHRGB63TGkyVOfF_aQ8sMixlUD0ME0N2jRkUFyOHpwY_wiRpFu8pyC3YVoG6KpECcKXj2fYhli_XYySNMFuljq_OIdZJVwaayYDVRzWSIO9AHPIT0u5WlV1Z-4Nq5S6pkGGTP51jVPJdC_ValDk7Lza9EgEBKgFZcav9glPBcjO9QSlZ-WnchyQrVCFmDp4jsmQeEpAQ&sig=Cg0ArKJSzCqnvKGLayZo&fbs_aeid=[gw_fbsaeid]&adurl=https://aviata.kz/railways/discount-card%3Futm_source%3Daviata%26utm_medium%3Dmain-banner%26utm_campaign%3Ddiscount_test

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=Aa2KcEbL_vILKF0LoH6s0NNiW65NVe7lhl9j7sqUusmUNV2MhMAdY8c7-OqNO7AILrl7pU_g0lNNlaoVbVi2QxSk1RfREEeDdm9k8VMNpICxb9cc0zyjLh7x9rrnlZLNjkIfuw-I6JYJPHScbPbF-jZ8tF48wQJxyd_T_j3ilEswrpEaAlSiX8RgpaYy9dpXS63Todfg2bn-80mgQHL_G4r4wBzZpxZaRZ6l2Rc-xG4itd3wCmv6KbD2-X-GuSR9Kit40vGwXURZQmz7qXLndt9jPirwcwsBaCLq4YsO4CzdRROPUXsTnhPkpdT_g5SKQxEU8sBR-IMTBPuPcVI4k8CDbs8EN4gJBlV4cu0aLMjbaXwkytX41bFrntsCQiGlQPj13GXG1uDWS46W5n11yn4TuuOq5VQ6tIh-KQ4fpd4d9ih2sMRIoDTk3ZxH6esCctvyiWGExKl80YpfEqVqDSkl6oPHGMRscL2BM-WZTqj28TL3q-Mey3zRiP0_cUMd7ENENMp-1El6gf5miGLDmCbCxuo1dTi7iTngXoI8CR9WMXBPSW1rJ6P1mnBH5fGCJWYC87Oh7nWTS8WgLBuvf4hWIRlQz4TAAds7OUsgYWfjB6eWKeEKmgtGLbdpLEi6Jj_As7lpIU3kwsvrCNuauE2zxLh0oQAq_fPwFmNcaVVdLx1JpXPwp_nzo-eI0RV0rFUmtibrCuUshF4Az2bOMcErn1AoCVmYybMxtox4nd1PbEcYtD2k5M1wkwXoen3UIDTs6YX8caoMdfMD5x6T-PTr01wnL8-ONFeQvsM-OAzN1tfiHyROyDaoodibwiWWSsAcfJ63L8MtxEUkcxIpeo6vXo4VmRKX-DWk9G8-auI6WDRF1ZmG5sNG-1rbBpL3AbHLORtYGxtX0F-OAtBRc3mrQ0qvK4ZjrKnUQAUv4ahCDmhZW9MylHfvIlVxSVY7ZuXX5OYu0yogJwDWffNAI96-3d5DH0o4dPzYZb1lNa_HdlRihOMVO6cAc95iCW-lHkmM53GPMgJEGjvL-I1mV3JBd6sYKIQJ6Dt2TDy2HHpIVd1olMDebPH0K85SJi5p4mU42G_e6yBM-bjYn_CNaBhlYWyCfUuY7W9zeWmO--QQLJLp1FXeh2iNrnNV5r3YIJWP1YUqBGVjIjbTZxso7L7EzqheHni8YN7F

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/825052459/?random=1219842950&cv=9&fst=1658513969450&num=1&value=0&label=t8mECNT-nnoQq5q1iQM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faviata.kz%2Frailways%2F&tiba=%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&auid=600747173.1658513969&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=MeraYqqZH8DJmLAP2IGGmA0&sscte=1&crd=&eitems=ChAI8JXplgYQr73Jr7qI2fVtEh0AI-dvHn4T5pc2oRJ-mcVTvr9P0S9-9kOyzOKsQw HTTP 302
https://www.google.com/pagead/1p-conversion/825052459/?random=1219842950&cv=9&fst=1658513969450&num=1&value=0&label=t8mECNT-nnoQq5q1iQM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faviata.kz%2Frailways%2F&tiba=%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&auid=600747173.1658513969&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MeraYqqZH8DJmLAP2IGGmA0&cid=CAQSKQCNIrLMhCmuPxC6aAXNbsyZwky6L32L6e_gQLy5PZRyM12hXEfxPZmu&eitems=ChAI8JXplgYQr73Jr7qI2fVtEh0AI-dvHosezu3CBDeLlLjr4bId0tHi7wWUA_S-pw&random=1596388440&resp=GooglemKTybQhCsO HTTP 302
https://www.google.nl/pagead/1p-conversion/825052459/?random=1219842950&cv=9&fst=1658513969450&num=1&value=0&label=t8mECNT-nnoQq5q1iQM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faviata.kz%2Frailways%2F&tiba=%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&auid=600747173.1658513969&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MeraYqqZH8DJmLAP2IGGmA0&cid=CAQSKQCNIrLMhCmuPxC6aAXNbsyZwky6L32L6e_gQLy5PZRyM12hXEfxPZmu&eitems=ChAI8JXplgYQr73Jr7qI2fVtEh0AI-dvHosezu3CBDeLlLjr4bId0tHi7wWUA_S-pw&random=1596388440&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 73

https://mc.yandex.ru/watch/22301591?wmode=7&page-url=https%3A%2F%2Faviata.kz%2Frailways%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark4nldxqmebc%3Afp%3A274%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A841%3Acn%3A1%3Adp%3A0%3Als%3A1153925039430%3Ahid%3A707770207%3Az%3A0%3Ai%3A20220722181929%3Aet%3A1658513970%3Ac%3A1%3Arn%3A651361217%3Arqn%3A1%3Au%3A1658513970234179586%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1658513968953%3Ads%3A6%2C33%2C42%2C1%2C0%2C0%2C%2C33%2C0%2C%2C%2C%2C411%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1658513970%3At%3A%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/22301591/1?wmode=7&page-url=https%3A%2F%2Faviata.kz%2Frailways%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark4nldxqmebc%3Afp%3A274%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A841%3Acn%3A1%3Adp%3A0%3Als%3A1153925039430%3Ahid%3A707770207%3Az%3A0%3Ai%3A20220722181929%3Aet%3A1658513970%3Ac%3A1%3Arn%3A651361217%3Arqn%3A1%3Au%3A1658513970234179586%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1658513968953%3Ads%3A6%2C33%2C42%2C1%2C0%2C0%2C%2C33%2C0%2C%2C%2C%2C411%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1658513970%3At%3A%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

81 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
aviata.kz/railways/ 61 KB
19 KB 81ms
42ms Document
text/html 186.2.163.27
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 186.2.163.27 , Netherlands, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: ddos-guard /
Resource Hash: 4a050921521fb617b37bd15c3cd478ec47bc89d477baebfad48f7c01c41db223

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Omnidesk-Auth
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Fri, 22 Jul 2022 18:19:29 GMT
etag: W/"62cfc8ca-f2b7"
last-modified: Thu, 14 Jul 2022 07:42:02 GMT
server: ddos-guard
vary: Accept-Encoding

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 101ms
48ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

ea604909ba0751acb97de1c01261d264b3f3cd365c36cebbe859cb248bb19ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28366
x-xss-protection: 0
server: sffe
etag: "1281 / 400 of 1000 / last-modified: 1658488048"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 22 Jul 2022 18:19:29 GMT

GET
H2 200 149eb96.js Show response
railways.aviata.me/ 2 KB
1 KB 182ms
20ms Script
application/javascript 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://railways.aviata.me/149eb96.js
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: 529de94cd9160852f93bf05914202c5aa6c40e15f55e876d320886d35235b674

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: W/"62cfc8c9-9e1"
vary: Accept-Encoding
content-type: application/javascript
request-id: 339cad9c81842b447d88d2ec0d404dc2

GET
H2 200 b3380d0.js Show response
railways.aviata.me/ 236 KB
94 KB 191ms
30ms Script
application/javascript 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://railways.aviata.me/b3380d0.js
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: a14794230866e2c728ef6fc9209c6fe4b80ba968b2f9bbb5035eb3f6f9262899

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: W/"62cfc8c9-3b1bf"
vary: Accept-Encoding
content-type: application/javascript
request-id: ddacca3cdd09d7bce3a8bd84ddafd83b

GET
H2 200 576a56d.js Show response
railways.aviata.me/ 353 KB
127 KB 190ms
29ms Script
application/javascript 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://railways.aviata.me/576a56d.js
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: 6fabb4964725ee68d3f2c7c86e304bead7e65e2297ebe6ed18a08cce36d995a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: W/"62cfc8c9-5842e"
vary: Accept-Encoding
content-type: application/javascript
request-id: 72c4aa98760d61216d8da35b3c0c6663

GET
H2 200 7a3ec08.js Show response
railways.aviata.me/ 44 KB
14 KB 208ms
47ms Script
application/javascript 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://railways.aviata.me/7a3ec08.js
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: d48d7b8e4f38f634e385328be1e073bc6003ab5c9a79d3307f94bbe8246a7de8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: W/"62cfc8c9-b186"
vary: Accept-Encoding
content-type: application/javascript
request-id: 8a84e06116bac70aafa32077f5b52714

GET
H2 200 0c57d98.js Show response
railways.aviata.me/ 108 KB
36 KB 190ms
29ms Script
application/javascript 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://railways.aviata.me/0c57d98.js
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: 399debb6e83b2cf1a052766145f11b223b3e3b8531460a0a725e4caf0ff75043

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: W/"62cfc8c9-1af59"
vary: Accept-Encoding
content-type: application/javascript
request-id: c7856b88f95084209f3af68bbe6ec5bf

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 82ms
30ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

942b50839b4c887e66f8a0962cb5ec87a757bab5924b1c1431ac80303b26c895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 17:25:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Jul 2022 18:19:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Jul 2022 18:19:29 GMT

GET
H2 200 state.js Show response
railways.aviata.me/static/1657784521/railways/ 4 KB
1 KB 181ms
20ms Script
application/javascript 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://railways.aviata.me/static/1657784521/railways/state.js
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: ff9818a59102ee7e9a7813322f07b1b098931331b3c390f28e420b16e182d9cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: W/"62cfc8c9-fa7"
vary: Accept-Encoding
content-type: application/javascript
request-id: 2040824479db5828e2cb331a4fbf5e6d

GET
H2 200 payload.js Show response
railways.aviata.me/static/1657784521/railways/ 67 B
269 B 182ms
21ms Script
application/javascript 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://railways.aviata.me/static/1657784521/railways/payload.js
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: e14d3b37b53b209496218ac89b251789de8794dc2b0d81873a6c563d7263fb55

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: W/"62cfc8c9-43"
vary: Accept-Encoding
content-type: application/javascript
request-id: d52cde378fd1c5b6a0e3ddc361cd14fd

GET
H2 200 manifest.js Show response
railways.aviata.me/static/1657784521/ 58 B
260 B 180ms
19ms Script
application/javascript 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://railways.aviata.me/static/1657784521/manifest.js
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: d3267c66011f81647c419aa5c2d860fd794166a725bedd37b06fa50329ecfdee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 07:42:02 GMT
server: nginx
etag: W/"62cfc8ca-3a"
vary: Accept-Encoding
content-type: application/javascript
request-id: d127a88308aee5ed850127182c202edc

GET
H2 200 main-logo-lg.d3a0e07.svg
railways.aviata.me/img/ 6 KB
3 KB 27ms
26ms Image
image/svg+xml 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://railways.aviata.me/img/main-logo-lg.d3a0e07.svg
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: 24d9fa867bb206e45a717e01ba4a02ec33eedc7882103f5ac708bc3fe46bc8ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: W/"62cfc8c9-19c0"
vary: Accept-Encoding
content-type: image/svg+xml
request-id: 363b1eaa814c66fa37b4e2a7306f17f8

GET
H2 200 ktzh-logo-lg.57ff4ea.png
railways.aviata.me/img/ 6 KB
6 KB 26ms
25ms Image
image/png 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://railways.aviata.me/img/ktzh-logo-lg.57ff4ea.png
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: bed044bae85326a59c3c61014386dd76b79dfa1cb415e23ca635dc7d5d5cd4dd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: "62cfc8c9-1818"
content-type: image/png
request-id: 2e9ca67e0ac31d4044d330871367075c
accept-ranges: bytes
content-length: 6168

GET
H2 200 help-icon-sm.218b8d9.svg
railways.aviata.me/img/ 1 KB
787 B 22ms
21ms Image
image/svg+xml 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://railways.aviata.me/img/help-icon-sm.218b8d9.svg
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: 57be1479021b103e60ec6c1f116e0bf5064b24c4b31bd7617218a65140305c88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: W/"62cfc8c9-433"
vary: Accept-Encoding
content-type: image/svg+xml
request-id: ec9ca0a8d5c7198f2e2693fa897de5b5

GET
H2 200 rahmet-sm.8cca1ff.png
railways.aviata.me/img/ 1 KB
1 KB 23ms
22ms Image
image/png 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://railways.aviata.me/img/rahmet-sm.8cca1ff.png
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: 29bfba4e4251f2328b05096ecdc3cf0bd32d67aec0cea4296c1f0928348123b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: "62cfc8c9-49c"
content-type: image/png
request-id: 28bf9603987933d3dbc55b8f6a2ac90d
accept-ranges: bytes
content-length: 1180

GET
H2 200 visa-sm.c08c3e2.png
railways.aviata.me/img/ 2 KB
2 KB 35ms
34ms Image
image/png 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://railways.aviata.me/img/visa-sm.c08c3e2.png
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: 2fbb6d423e6c295c1c7a1f8ac632e636a9704c88f7fa642b4af285007fd54d54

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: "62cfc8c9-623"
content-type: image/png
request-id: df83c5dce97552606b5793205e23cdab
accept-ranges: bytes
content-length: 1571

GET
H2 200 main-logo-sm-white.911d70a.svg
railways.aviata.me/img/ 4 KB
2 KB 27ms
26ms Image
image/svg+xml 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://railways.aviata.me/img/main-logo-sm-white.911d70a.svg
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: 7f0468ac96afcbb9f2713ebde78b69ac1475b78d8dfe354960ee5a5904b9d8d3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: W/"62cfc8c9-e90"
vary: Accept-Encoding
content-type: image/svg+xml
request-id: 7022a17993febfec9cd6d551292c387f

GET
H2 200 yt-mono-white.696b03c.svg
railways.aviata.me/img/ 2 KB
1 KB 22ms
21ms Image
image/svg+xml 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://railways.aviata.me/img/yt-mono-white.696b03c.svg
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: 628eb59d74dc9b4578f9b73a82bc5e4e042fd1f16e3b5a9ba972974bbfba9357

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: W/"62cfc8c9-6f4"
vary: Accept-Encoding
content-type: image/svg+xml
request-id: 08faea0237139fd849da4703acbba4a7

GET
H2 200 depositphotos-logo.4a66510.png
railways.aviata.me/img/ 2 KB
2 KB 30ms
29ms Image
image/png 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://railways.aviata.me/img/depositphotos-logo.4a66510.png
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: 3e50cf1f331a74c215e120879cce87bb0158b695c9d92c00d4802bfa963d8961

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: "62cfc8c9-850"
content-type: image/png
request-id: a66b6af7090eeca3872d2287bdbb2406
accept-ranges: bytes
content-length: 2128

GET
H2 200 forbes-logo.d08f44b.png
railways.aviata.me/img/ 1 KB
1 KB 27ms
27ms Image
image/png 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://railways.aviata.me/img/forbes-logo.d08f44b.png
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: 262aa1d7b82ebf87644ba8edaedfdd1cd2b900866b47993fd4aa7ba5e5fa519d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: "62cfc8c9-463"
content-type: image/png
request-id: c752bbfb9d84a502625ce4cd5a74d8a3
accept-ranges: bytes
content-length: 1123

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 472 KB
82 KB 139ms
68ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P8NW4P

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85fcbf525b858d50ef0097fb7f0a64d0d815431b7baa0fee0ee227bb77e6d149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83199
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Jul 2022 18:19:29 GMT

GET
DATA 200
OK truncated
/ 978 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c69193d60587bf99216bee385b5dc0c73b9d6d1174b445aeb0697cc12e6f6adc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 713 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 060181e5ae1cb333bcddd19ae83c994c44d934cf2db04e0216fc092d80e8f889

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 526 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef3cad5caf753a032dd11ee5af9b96cf6e26fcf7b2cb87c2a2104b1468c78de5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 741 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f81e65f554728587e5e930bcbcaf43c94e2bb1ed44103c94dde4872b0b8a70bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 284 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8b4af132980a8bf2a89569f4878340ffb57d7b790237749796184a55e560f6e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 746 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f4a119434e005794ed16561ccd108ba2f9b9f1eaf46e6e34654ba3e64647d81

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8efd119ef5d528096c1cef07b5796894e32535cfc06d3ac3910f1978b787c237

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 704 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7748e857ab7a4ed78f639f9eafe20662a388c0e1e78925544b32812278b163a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 562 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a192b0bd8aed19cf28ca00bdfd579714e0cde6dc72b273b6093b9ff380a6b2ce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 828 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6a0b69a681d9f15eebf34122d677fae896de47aa1b35443a176f5443276847f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v29/ 24 KB
25 KB 86ms
22ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aviata.kz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 17:48:55 GMT
x-content-type-options: nosniff
age: 347434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:48:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 105ms
42ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aviata.kz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:10:25 GMT
x-content-type-options: nosniff
age: 328144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 23:10:25 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2
fonts.gstatic.com/s/opensans/v29/ 48 KB
48 KB 105ms
58ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efc8e65bc9fb4058af80911eaf621c1399646b3a3b1fd6d5a5f3bbc00246c2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aviata.kz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 10:59:21 GMT
x-content-type-options: nosniff
age: 372008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49072
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 10:59:21 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v29/ 31 KB
31 KB 87ms
70ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

935be36155c74981c8f8baf473058b6798ab14eafcf898fcf17c1fc7bb0c254a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aviata.kz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:27:55 GMT
x-content-type-options: nosniff
age: 352294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31448
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 16:27:55 GMT

GET
H2 200 pubads_impl_2022071901.js Show response
securepubads.g.doubleclick.net/gpt/ 376 KB
129 KB 33ms
33ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 10:49:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131527
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 08:34:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Jul 2023 10:49:59 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 31 B
681 B 92ms
41ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=aviata.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a3654f2b182e8427d8213d088c4e51587cf8fe4760c7686e4fa9e032ded83a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45
x-xss-protection: 0
expires: Fri, 22 Jul 2022 18:19:29 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 105ms
44ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8NW4P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 18:19:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8NW4P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4649
date: Fri, 22 Jul 2022 17:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 22 Jul 2022 19:02:00 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 202 KB
71 KB 81ms
37ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-H4H9QMEDDC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8NW4P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91de0a4f997d8efcb61eaefd34e5bfdcbe211e2021339a23ddbba69df8169341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72539
x-xss-protection: 0
expires: Fri, 22 Jul 2022 18:19:29 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
70 KB 247ms
122ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

409a96de62a6c4d1e7324a08935bbdfe8c480996842011bf4729cd8c6fa39951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: br
last-modified: Fri, 15 Jul 2022 13:30:34 GMT
etag: "62d141ca-117df"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71647
expires: Fri, 22 Jul 2022 19:19:29 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 76ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d1780802ae5951d33b28aa1e669627bf8f142949e13dea444aeb423cd6e670e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26031
x-xss-protection: 0
pragma: public
x-fb-debug: pVcxkAWH/BzxyBtzKmvxfr1zlC5mmPHRT2uSjQOjViGogImLxuXR5oirKIQ1koP9d3q+G3tnOW70GOPPQF5hvg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 22 Jul 2022 18:19:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
71 KB 84ms
47ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H4H9QMEDDC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8NW4P

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f041d5c4383a6f3d84782995b2efa9530713a927d8acb886c2620f2f76e7623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72589
x-xss-protection: 0
expires: Fri, 22 Jul 2022 18:19:29 GMT

GET
H/1.1 200
OK scarab-v2.js Show response
cdn.scarabresearch.com/js/1E579E9D13D68BAE/ 95 KB
23 KB 80ms
25ms Script
application/javascript 18.66.139.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.scarabresearch.com/js/1E579E9D13D68BAE/scarab-v2.js
Requested by: Host: aviata.kz
URL: https://aviata.kz/railways/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-67.fra60.r.cloudfront.net
Software: /
Resource Hash: 77273767819a71c0bb87dcc943e0b8e4f577a1dc93f8ad5142f40b124f4281d8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 17:29:03 GMT
Content-Encoding: gzip
Connection: keep-alive
Age: 3041
ETag: "4f89c98e5f307a1aa0a947c5ce20ab00--gzip"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript;charset=utf-8
Via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
Cache-Control: max-age=3600,public
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA60-P4
Timing-Allow-Origin: *
X-Amz-Cf-Id: CS42uMtPXwuSm0Ch06tNSgKa9QBiNVlkJQSkphV2YjkT1YGBw6EUtQ==

GET
H2 200 bf1bd77.js Show response
railways.aviata.me/ 26 KB
8 KB 23ms
22ms Script
application/javascript 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://railways.aviata.me/bf1bd77.js
Requested by: Host: railways.aviata.me
URL: https://railways.aviata.me/149eb96.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: c39525ac7d08d152246193c92c4e2fe89195fc47f7e3f78c3d64911a9f4b6653

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: W/"62cfc8c9-694d"
vary: Accept-Encoding
content-type: application/javascript
request-id: 65f3f331aa286c576abc8b1dcb662309

GET
H2 200 307ed52.js Show response
railways.aviata.me/ 29 KB
11 KB 24ms
24ms Script
application/javascript 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://railways.aviata.me/307ed52.js
Requested by: Host: railways.aviata.me
URL: https://railways.aviata.me/149eb96.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: ea04305f71a4cc01b3b51616432eca0f5ff5f67b5659b0b9df7a739f74ef62c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: W/"62cfc8c9-7380"
vary: Accept-Encoding
content-type: application/javascript
request-id: 320d770ede406dafd1acdc9df86d598e

GET
H2 200 d186af1.js Show response
railways.aviata.me/ 19 KB
7 KB 25ms
24ms Script
application/javascript 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://railways.aviata.me/d186af1.js
Requested by: Host: railways.aviata.me
URL: https://railways.aviata.me/149eb96.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash: 2253962bea63cbe7674623804c8990c41c56e126cb614fe33c6e61534554c95c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 07:42:01 GMT
server: nginx
etag: W/"62cfc8c9-4c39"
vary: Accept-Encoding
content-type: application/javascript
request-id: 32a584d692edd3f10cc143b64f66cd02

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 65ms
22ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 17:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 22 Jul 2022 18:37:50 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 64ms
22ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 17:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 22 Jul 2022 18:27:19 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 64ms
28ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=252558350&t=event&ni=0&_s=1&dl=https%3A%2F%2Faviata.kz%2Frailways%2F&ul=en-us&de=UTF-8&dt=%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=MainPage&ea=view&_u=YEBAAEIrQAAAAC~&jid=554069116&gjid=815468093&cid=462933446.1658513969&tid=UA-26362551-2&_gid=310162051.1658513969&_r=1&gtm=2wg7k0P8NW4P&z=973183016

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://aviata.kz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 18:19:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aviata.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 118 KB
44 KB 69ms
38ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-5QSZBSD&cid=462933446.1658513969

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df1f45c2317fa9327cb8159eb20ea08ebee6dc7f69a3d17e68bf9e9efbaa1078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45136
x-xss-protection: 0
expires: Fri, 22 Jul 2022 18:19:29 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 52ms
20ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=252558350&t=pageview&_s=1&dl=https%3A%2F%2Faviata.kz%2Frailways%2F&dp=%2Faviata.kz%2F&ul=en-us&de=UTF-8&dt=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEIrQAAAAC~&jid=&gjid=&cid=462933446.1658513969&tid=UA-26362551-2&_gid=310162051.1658513969&gtm=2wg7k0P8NW4P&z=1173290208

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 06:36:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42180
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 45ms
21ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.65

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: dWzAederrZbmABfqhCZLNU7aXdm+BKy9IHI6cRypbxBBeCYAkdUjclu586xtBGEvqWKMgMYalZGun17ig80exg==
x-frame-options: DENY
date: Fri, 22 Jul 2022 18:19:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1862079357408316 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 264ms
240ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1862079357408316?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe5276113a576aea673ec80b81860e459f1f61385672d09ed3981f61b8ef4576

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 0CZlDjvq496ds7bjRGM8Na2COeoAYhe4SeTJ9X2rW8vsDFz8QwxQ1zPLhR+Z1hnRaamR1+7GmTeOyrnRY+fb/A==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 22 Jul 2022 18:19:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658513969667
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 token
api.platform.aviataproject.com/auth/consumers/ Frame 0
0 93ms
20ms Preflight 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.platform.aviataproject.com/auth/consumers/token
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: ams-lb-01.aviata.team
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-site-url
Access-Control-Request-Method: POST
Origin: https://aviata.kz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-site-url
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin: *
content-length: 0
date: Fri, 22 Jul 2022 18:19:29 GMT
request-id: 21900a21eca22e78df315ebef70ef121
server: nginx
vary: Origin
x-correlation-id: c93971f2-0bb2-4f4f-9603-b832447a3c64

POST
H2 201 token Show response
api.platform.aviataproject.com/auth/consumers/ 431 B
692 B 39ms
38ms XHR
application/json 188.166.120.56
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://api.platform.aviataproject.com/auth/consumers/token

Requested by

Host: railways.aviata.me
URL: https://railways.aviata.me/576a56d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.120.56 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

ams-lb-01.aviata.team

Software

nginx /

Resource Hash

92ce5ace33b82c74f7a28f9e15f7dd08eab6bec1702358b730057401bc6dfd87

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://aviata.kz/
x-site-url: https://aviata.kz/railways
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
x-correlation-id: 9b3076e6-b907-403a-995b-b9419228326a
allow: POST, OPTIONS
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Language, Origin
content-language: nl
access-control-allow-origin: *
request-id: aca0dec1f371a37fafaa1e0ee5cf6633
content-type: application/json
content-length: 431

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/958864753/ 2 KB
2 KB 102ms
35ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/958864753/?random=1658513969448&cv=9&fst=1658513969448&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faviata.kz%2Frailways%2F&tiba=%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f51026d1f24db820fb61d8febf619bbde8562eec3fe859455902777ca1aa40d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1073
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/825052459/ 2 KB
1 KB 79ms
34ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/825052459/?random=1658513969450&cv=9&fst=1658513969450&num=1&value=0&label=t8mECNT-nnoQq5q1iQM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faviata.kz%2Frailways%2F&tiba=%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&auid=600747173.1658513969&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

45484fa4b515e6b2e8a802560adb49cc24745a30f4a86bd2b170de3f53936208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1263
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
343 B 51ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H4H9QMEDDC&gtm=2oe7k0&_p=252558350&_z=ccd.v9B&_gaz=1&cid=462933446.1658513969&ul=en-us&sr=1600x1200&_s=1&sid=1658513969&sct=1&seg=0&dl=https%3A%2F%2Faviata.kz%2Frailways%2F&dt=%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&en=MainPage&_fv=1&_ss=2&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-H4H9QMEDDC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 18:19:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aviata.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 72ms
25ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H4H9QMEDDC&cid=462933446.1658513969&gtm=2oe7k0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-H4H9QMEDDC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 18:19:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aviata.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
501 B 108ms
58ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H4H9QMEDDC&cid=462933446.1658513969&gtm=2oe7k0&aip=1&z=579626308

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 18:19:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
438 B 59ms
24ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-26362551-2&cid=462933446.1658513969&jid=554069116&gjid=815468093&_gid=310162051.1658513969&_u=YEBAAEIqQAAAAC~&z=1402109571

Requested by

Host: railways.aviata.me
URL: https://railways.aviata.me/576a56d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aviata.kz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 22 Jul 2022 18:19:29 GMT
content-type: text/plain
access-control-allow-origin: https://aviata.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 91ms
41ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=aviata.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 88ms
34ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aviata.kz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 39 KB
16 KB 80ms
80ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4011276351167348&correlator=259026290235916&eid=31068526%2C31068572%2C31061165%2C42531605&output=ldjh&gdfp_req=1&vrg=2022071901&ptt=17&impl=fifs&iu_parts=12329540%2Caviata-railways-main&enc_prev_ius=%2F0%2F1&prev_iu_szs=960x70%7C960x120%7C970x90&ifi=1&adks=807452553&sfv=1-0-38&ecs=20220722&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1658513969589&lmt=1657784522&dlt=1658513969037&idt=344&adxs=320&adys=517&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Faviata.kz%2Frailways%2F&frm=20&vis=1&psz=1000x1600&msz=1000x-1&fws=0&ohw=0&ga_vid=462933446.1658513969&ga_sid=1658513970&ga_hid=252558350&ga_fc=true

Requested by

Host: railways.aviata.me
URL: https://railways.aviata.me/576a56d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

45fc1abc3b06e7c0397e7960e617bd2e658ea3409d1d2fe54706571c5397ee53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16669
x-xss-protection: 0
google-lineitem-id: 5516862917
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138326729407
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aviata.kz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET container.html
bd9013929aecf9593f4487a4e5c4a07f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7262 0
0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 119ms
56ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-26362551-2&cid=462933446.1658513969&jid=554069116&_u=YEBAAEIqQAAAAC~&z=334649826

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 18:19:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.nl/ads/ 42 B
63 B 128ms
56ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-26362551-2&cid=462933446.1658513969&jid=554069116&_u=YEBAAEIqQAAAAC~&z=334649826

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 18:19:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 68ms
23ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-26362551-2&cid=462933446.1658513969&jid=1606637330&gjid=1609308125&_gid=310162051.1658513969&_u=aHDAgEIrQAAAAG~&z=81615626

Requested by

Host: railways.aviata.me
URL: https://railways.aviata.me/576a56d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aviata.kz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 22 Jul 2022 18:19:29 GMT
content-type: text/plain
access-control-allow-origin: https://aviata.kz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
20ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=252558350&t=pageview&_s=1&dl=https%3A%2F%2Faviata.kz%2Frailways%2F&ul=en-us&de=UTF-8&dt=%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=HpouNxhZTfGQ79Ckggk0uQ.1!ku05u-2aScWdheQclfJ0Aw.0&_u=aHDAgEIrQAAAAC~&jid=1606637330&gjid=1609308125&cid=462933446.1658513969&tid=UA-26362551-2&_gid=310162051.1658513969&cd3=&cd5=&z=1576853363

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 06:36:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42180
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=252558350&t=event&ni=0&_s=1&dl=https%3A%2F%2Faviata.kz%2Frailways%2F&ul=en-us&de=UTF-8&dt=%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=rw_main-page&ea=undefined&_u=aHDAAEIrQAAAAG~&jid=&gjid=&cid=462933446.1658513969&tid=UA-26362551-2&_gid=310162051.1658513969&gtm=2wg7k0P8NW4P&z=1773376460

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 06:36:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42180
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.nl/pagead/1p-conversion/825052459/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/825052459/?random=1219842950&cv=9&fst=1658513969450&num=1&value=0&label=t8mECNT-nnoQq5q1iQM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&...
https://www.google.com/pagead/1p-conversion/825052459/?random=1219842950&cv=9&fst=1658513969450&num=1&value=0&label=t8mECNT-nnoQq5q1iQM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
https://www.google.nl/pagead/1p-conversion/825052459/?random=1219842950&cv=9&fst=1658513969450&num=1&value=0&label=t8mECNT-nnoQq5q1iQM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...

42 B
64 B

51ms
48ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-conversion/825052459/?random=1219842950&cv=9&fst=1658513969450&num=1&value=0&label=t8mECNT-nnoQq5q1iQM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faviata.kz%2Frailways%2F&tiba=%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&auid=600747173.1658513969&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MeraYqqZH8DJmLAP2IGGmA0&cid=CAQSKQCNIrLMhCmuPxC6aAXNbsyZwky6L32L6e_gQLy5PZRyM12hXEfxPZmu&eitems=ChAI8JXplgYQr73Jr7qI2fVtEh0AI-dvHosezu3CBDeLlLjr4bId0tHi7wWUA_S-pw&random=1596388440&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 18:19:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Jul 2022 18:19:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.nl/pagead/1p-conversion/825052459/?random=1219842950&cv=9&fst=1658513969450&num=1&value=0&label=t8mECNT-nnoQq5q1iQM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faviata.kz%2Frailways%2F&tiba=%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&auid=600747173.1658513969&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MeraYqqZH8DJmLAP2IGGmA0&cid=CAQSKQCNIrLMhCmuPxC6aAXNbsyZwky6L32L6e_gQLy5PZRyM12hXEfxPZmu&eitems=ChAI8JXplgYQr73Jr7qI2fVtEh0AI-dvHosezu3CBDeLlLjr4bId0tHi7wWUA_S-pw&random=1596388440&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/958864753/ 42 B
548 B 85ms
46ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/958864753/?random=1658513969448&cv=9&fst=1658512800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&frm=0&url=https%3A%2F%2Faviata.kz%2Frailways%2F&tiba=%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&async=1&fmt=3&is_vtc=1&random=2387953505&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 18:19:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.nl/pagead/1p-user-list/958864753/ 42 B
64 B 94ms
47ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/958864753/?random=1658513969448&cv=9&fst=1658512800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&frm=0&url=https%3A%2F%2Faviata.kz%2Frailways%2F&tiba=%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&async=1&fmt=3&is_vtc=1&random=2387953505&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 18:19:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/22301591/
Redirect Chain

https://mc.yandex.ru/watch/22301591?wmode=7&page-url=https%3A%2F%2Faviata.kz%2Frailways%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark4nldxqmebc%3Afp%3A274%3Afu%3A0%3Aen%3Autf-...
https://mc.yandex.ru/watch/22301591/1?wmode=7&page-url=https%3A%2F%2Faviata.kz%2Frailways%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark4nldxqmebc%3Afp%3A274%3Afu%3A0%3Aen%3Aut...

392 B
474 B

72ms
66ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/22301591/1?wmode=7&page-url=https%3A%2F%2Faviata.kz%2Frailways%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark4nldxqmebc%3Afp%3A274%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A841%3Acn%3A1%3Adp%3A0%3Als%3A1153925039430%3Ahid%3A707770207%3Az%3A0%3Ai%3A20220722181929%3Aet%3A1658513970%3Ac%3A1%3Arn%3A651361217%3Arqn%3A1%3Au%3A1658513970234179586%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1658513968953%3Ads%3A6%2C33%2C42%2C1%2C0%2C0%2C%2C33%2C0%2C%2C%2C%2C411%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1658513970%3At%3A%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

bdf368da4e7bba914ecc691c09426ecb8d3fc97800c4933aeaf3670b7bd3fcbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 18:19:29 GMT
x-content-type-options: nosniff
last-modified: Fri, 22-Jul-2022 18:19:29 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://aviata.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 392
x-xss-protection: 1; mode=block
expires: Fri, 22-Jul-2022 18:19:29 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Jul 2022 18:19:29 GMT
last-modified: Fri, 22-Jul-2022 18:19:29 GMT
location: /watch/22301591/1?wmode=7&page-url=https%3A%2F%2Faviata.kz%2Frailways%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark4nldxqmebc%3Afp%3A274%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A841%3Acn%3A1%3Adp%3A0%3Als%3A1153925039430%3Ahid%3A707770207%3Az%3A0%3Ai%3A20220722181929%3Aet%3A1658513970%3Ac%3A1%3Arn%3A651361217%3Arqn%3A1%3Au%3A1658513970234179586%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1658513968953%3Ads%3A6%2C33%2C42%2C1%2C0%2C0%2C%2C33%2C0%2C%2C%2C%2C411%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1658513970%3At%3A%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://aviata.kz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 22-Jul-2022 18:19:29 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
111 B 64ms
63ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
last-modified: Fri, 15 Jul 2022 13:30:34 GMT
etag: "62d141ca-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 22 Jul 2022 19:19:29 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
24ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=252558350&t=data&ni=0&qt=344&_s=2&dl=https%3A%2F%2Faviata.kz%2Frailways%2F&ul=en-us&de=UTF-8&dt=%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAEIrQAAAAG~&jid=&gjid=&cid=462933446.1658513969&tid=UA-26362551-2&_gid=310162051.1658513969&gtm=2wg7k0P8NW4P&z=994505895

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 06:36:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42180
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
24ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=252558350&t=data&ni=0&qt=346&_s=3&dl=https%3A%2F%2Faviata.kz%2Frailways%2F&ul=en-us&de=UTF-8&dt=%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAEIrQAAAAG~&jid=&gjid=&cid=462933446.1658513969&tid=UA-26362551-2&_gid=310162051.1658513969&gtm=2wg7k0P8NW4P&z=1609937822

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 06:36:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42180
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 80ms
70ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7ul7cPdlcMSbv-DjRX4DWn5br-oNrkb2gJPm5zr-NrH8YnlG5cBgEQJaZnMYtmtP6IE9O1xrjqP-rPKuX2jtP6qVFHdSdBQ1FYPFAKBwHektVvpG-bzl_zix7_vrocAW0F5hfgHIly1U45pLKbxNGTJjpI_YwLC67sI-iJWJ-ztJvhpCNPiEWOSzUA_b7um8E8uRWBSdASsXhMvinVXRUrV0jznZdDfp0sRSLkFqt7T79HaQ0XetHhBF3IVUoVUBwVNK60aqlKM2I2ijRACFdKzE_QVSrQqEsbheZbnnqK5WGUqee9p-UiCkAg0Am3TWe_A&sig=Cg0ArKJSzB_F5LgVF4RIEAE&uach_m=[UACH]&adurl=

Requested by

Host: railways.aviata.me
URL: https://railways.aviata.me/576a56d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 18:19:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ 21 KB
9 KB 194ms
23ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aviata.kz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 22 Jul 2022 17:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8663
x-xss-protection: 0
server: cafe
etag: 1576890815193688712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Aug 2022 17:57:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ 3 KB
1 KB 195ms
25ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 17:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Aug 2022 17:23:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 138 KB
43 KB 213ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aviata.kz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 18:19:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ 0
0 198ms
33ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYPxYOEQxk6RQ0iGrjQcxnEKKITg6V-Pb4qGFDAT7hSIjDaKGFWP6QdIa8Dpv6iw3U1fwfGbDFjdQ2Yzgd6C9ZyuiE6A
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 4747510951311563409
tpc.googlesyndication.com/simgad/ 10 KB
10 KB 195ms
26ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4747510951311563409

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9195623250715fd3025288c72a12eae56ae8ca63ee97661abeb847be498582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 11:05:06 GMT
x-content-type-options: nosniff
age: 285263
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10327
x-xss-protection: 0
last-modified: Mon, 12 Oct 2020 11:22:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Jul 2023 11:05:06 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 203ms
45ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-26362551-2&cid=462933446.1658513969&jid=1606637330&_u=aHDAgEIrQAAAAG~&z=1615379574

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 18:19:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.nl/ads/ 42 B
63 B 64ms
60ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-26362551-2&cid=462933446.1658513969&jid=1606637330&_u=aHDAgEIrQAAAAG~&z=1615379574

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 18:19:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 172ms
23ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1862079357408316&ev=PageView&dl=https%3A%2F%2Faviata.kz%2Frailways%2F&rl=&if=false&ts=1658513969728&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=62&fbp=fb.1.1658513969727.116665850&it=1658513969412&coo=false&rqm=GET

Requested by

Host: aviata.kz
URL: https://aviata.kz/railways/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 22 Jul 2022 18:19:29 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 69ms
68ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCQzyySRH8O09mnvkmbuv-dMEZ1ES8wIuPf2jZ6Pm0n1zgKGntvxP2sO1uwRNuPypUrqrxoYZDyXvIvvE4_5k3pZ-wzE_fTjak-aIQ5g0lmb7QOo0wU5v7BI324AuwuN-dAR4_g66ui6dhsePr5Byjwml83sJ3wHJDlJI6OhnLA4OGJBqiBkkrbMnb5XwKT3X5VhU-70J2loIxZezmDoQB46T-0WVMlb-32AiZ89j12lIQkJfpi_9XwoOGPykJbfKuRkM4fxdxHpnp8nSpHXhsEA_iL0luuYwTEnnvnQTjYW_MYXjQG7DYCVyqJH9eAOcx8ub0&sig=Cg0ArKJSzK2PkmMJWJk4EAE&uach_m=[UACH]&adurl=

Requested by

Host: railways.aviata.me
URL: https://railways.aviata.me/576a56d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 18:19:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 22 Jul 2022 18:19:30 GMT

GET
DATA 200
OK truncated
/ 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98efceb353363699c3b84aef4edbb992908ba253c3660153b2600cbd71ab4d5d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
497 B 215ms
56ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9p9qMM_W6_5ZLRClGuvEkJq8lRKFC7W5zbAgULlDT56A62NBLExYcNlD35TcudZ1FNWW_CzKRZgcrFLIFNrmOKRtZNWZyZmiPuGqzMmdnFh2imiyo&sig=Cg0ArKJSzKyLnnBdpJOgEAE&id=lidar2&mcvt=1000&p=0,0,120,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220720&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=807452553&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658513968953&rpt=1024&met=mue&wmsd=0

Requested by

Host: railways.aviata.me
URL: https://railways.aviata.me/576a56d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 18:19:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 56ms
26ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1862079357408316&ev=Microdata&dl=https%3A%2F%2Faviata.kz%2Frailways%2F&rl=&if=false&ts=1658513971230&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=62&fbp=fb.1.1658513969727.116665850&it=1658513969412&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://aviata.kz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 18:19:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 22 Jul 2022 18:19:31 GMT

POST collect
region1.analytics.google.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bd9013929aecf9593f4487a4e5c4a07f.safeframe.googlesyndication.com
URL: https://bd9013929aecf9593f4487a4e5c4a07f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H4H9QMEDDC&gtm=2oe7k0&_p=252558350&_z=ccd.v9B&cid=462933446.1658513969&ul=en-us&sr=1600x1200&sid=1658513969&sct=1&seg=1&dl=https%3A%2F%2Faviata.kz%2Frailways%2F&dt=%D0%96%D0%94%20%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20-%20%D0%9A%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%BF%D0%BE%D0%B5%D0%B7%D0%B4%20-%20Aviata.kz&_s=2

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.aviata.kz/	1970-01-20 13:27:29	Name: __ddg1_ Value: GMrKqQJjQTQ5UCrGFGp0
.aviata.kz/	1970-01-20 06:51:29	Name: _gcl_au Value: 1.1.600747173.1658513969
.aviata.kz/	1970-01-20 04:43:20	Name: _gid Value: GA1.2.310162051.1658513969
.aviata.kz/	1970-01-20 04:41:54	Name: _gat_UA-26362551-2 Value: 1
.aviata.kz/	1970-01-20 22:13:05	Name: _ga_H4H9QMEDDC Value: GS1.1.1658513969.1.1.1658513969.60
.aviata.kz/	1970-01-20 06:43:12	Name: _gaexp Value: GAX1.2.HpouNxhZTfGQ79Ckggk0uQ.19278.1!ku05u-2aScWdheQclfJ0Aw.19280.0
.aviata.kz/	1970-01-20 04:41:54	Name: _gat Value: 1
.aviata.kz/	1970-01-20 22:13:05	Name: _ga Value: GA1.2.462933446.1658513969
.aviata.kz/	1970-01-20 13:27:29	Name: _ym_uid Value: 1658513970234179586
.aviata.kz/	1970-01-20 13:27:29	Name: _ym_d Value: 1658513970
.aviata.kz/	1970-01-20 14:03:29	Name: __gads Value: ID=7ffac7f591a84bfe:T=1658513969:S=ALNI_Mar31EIEFwnta925UQ9REF02btqIQ
.yandex.ru/	1970-01-20 13:27:29	Name: yandexuid Value: 9433216671658513969
.yandex.ru/	1970-01-20 13:27:29	Name: yuidss Value: 9433216671658513969
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1635265401658513969
.yandex.ru/	1970-01-23 20:17:53	Name: i Value: Vb6mkl1JgyhVrIepCx134sf7vhAKjk4WJ3fVFe9VekJ9E+Yv++VQFYSpBkoICZprW3lhUKn/aivnhgV5b64tkYk+ooI=
.yandex.ru/	1970-01-20 13:27:29	Name: ymex Value: 1690049969.yrts.1658513969#1690049969.yrtsi.1658513969
.aviata.kz/	1970-01-20 04:43:05	Name: _ym_isad Value: 2
.doubleclick.net/	1970-01-20 14:03:29	Name: IDE Value: AHWqTUn8I_loE9iAoQwSYIhCBrTSsG_RtrJmIJeT9SLwn-UyTG0DUH1kMfDq6flj
.aviata.kz/	1970-01-20 06:51:29	Name: _fbp Value: fb.1.1658513969727.116665850

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js?cb=31068572(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
api.platform.aviataproject.com
aviata.kz
bd9013929aecf9593f4487a4e5c4a07f.safeframe.googlesyndication.com
cdn.scarabresearch.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.ru
pagead2.googlesyndication.com
railways.aviata.me
region1.analytics.google.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
bd9013929aecf9593f4487a4e5c4a07f.safeframe.googlesyndication.com
region1.analytics.google.com
142.250.185.194
142.250.186.66
18.66.139.67
186.2.163.27
188.166.120.56
2001:4860:4802:32::36
2a00:1450:4001:801::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2008
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:400c:c07::9c
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
060181e5ae1cb333bcddd19ae83c994c44d934cf2db04e0216fc092d80e8f889
0f4a119434e005794ed16561ccd108ba2f9b9f1eaf46e6e34654ba3e64647d81
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
1f041d5c4383a6f3d84782995b2efa9530713a927d8acb886c2620f2f76e7623
2253962bea63cbe7674623804c8990c41c56e126cb614fe33c6e61534554c95c
24d9fa867bb206e45a717e01ba4a02ec33eedc7882103f5ac708bc3fe46bc8ea
262aa1d7b82ebf87644ba8edaedfdd1cd2b900866b47993fd4aa7ba5e5fa519d
29bfba4e4251f2328b05096ecdc3cf0bd32d67aec0cea4296c1f0928348123b3
2fbb6d423e6c295c1c7a1f8ac632e636a9704c88f7fa642b4af285007fd54d54
3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
399debb6e83b2cf1a052766145f11b223b3e3b8531460a0a725e4caf0ff75043
3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a
3e50cf1f331a74c215e120879cce87bb0158b695c9d92c00d4802bfa963d8961
409a96de62a6c4d1e7324a08935bbdfe8c480996842011bf4729cd8c6fa39951
45484fa4b515e6b2e8a802560adb49cc24745a30f4a86bd2b170de3f53936208
45fc1abc3b06e7c0397e7960e617bd2e658ea3409d1d2fe54706571c5397ee53
4a050921521fb617b37bd15c3cd478ec47bc89d477baebfad48f7c01c41db223
529de94cd9160852f93bf05914202c5aa6c40e15f55e876d320886d35235b674
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57be1479021b103e60ec6c1f116e0bf5064b24c4b31bd7617218a65140305c88
5d1780802ae5951d33b28aa1e669627bf8f142949e13dea444aeb423cd6e670e
628eb59d74dc9b4578f9b73a82bc5e4e042fd1f16e3b5a9ba972974bbfba9357
6fabb4964725ee68d3f2c7c86e304bead7e65e2297ebe6ed18a08cce36d995a1
77273767819a71c0bb87dcc943e0b8e4f577a1dc93f8ad5142f40b124f4281d8
7748e857ab7a4ed78f639f9eafe20662a388c0e1e78925544b32812278b163a8
7f0468ac96afcbb9f2713ebde78b69ac1475b78d8dfe354960ee5a5904b9d8d3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85fcbf525b858d50ef0097fb7f0a64d0d815431b7baa0fee0ee227bb77e6d149
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8efd119ef5d528096c1cef07b5796894e32535cfc06d3ac3910f1978b787c237
91de0a4f997d8efcb61eaefd34e5bfdcbe211e2021339a23ddbba69df8169341
92ce5ace33b82c74f7a28f9e15f7dd08eab6bec1702358b730057401bc6dfd87
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
935be36155c74981c8f8baf473058b6798ab14eafcf898fcf17c1fc7bb0c254a
942b50839b4c887e66f8a0962cb5ec87a757bab5924b1c1431ac80303b26c895
98efceb353363699c3b84aef4edbb992908ba253c3660153b2600cbd71ab4d5d
a14794230866e2c728ef6fc9209c6fe4b80ba968b2f9bbb5035eb3f6f9262899
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a192b0bd8aed19cf28ca00bdfd579714e0cde6dc72b273b6093b9ff380a6b2ce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a3654f2b182e8427d8213d088c4e51587cf8fe4760c7686e4fa9e032ded83a
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a8b4af132980a8bf2a89569f4878340ffb57d7b790237749796184a55e560f6e
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
bdf368da4e7bba914ecc691c09426ecb8d3fc97800c4933aeaf3670b7bd3fcbf
bed044bae85326a59c3c61014386dd76b79dfa1cb415e23ca635dc7d5d5cd4dd
c39525ac7d08d152246193c92c4e2fe89195fc47f7e3f78c3d64911a9f4b6653
c69193d60587bf99216bee385b5dc0c73b9d6d1174b445aeb0697cc12e6f6adc
cb9195623250715fd3025288c72a12eae56ae8ca63ee97661abeb847be498582
d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092
d3267c66011f81647c419aa5c2d860fd794166a725bedd37b06fa50329ecfdee
d48d7b8e4f38f634e385328be1e073bc6003ab5c9a79d3307f94bbe8246a7de8
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d6a0b69a681d9f15eebf34122d677fae896de47aa1b35443a176f5443276847f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df1f45c2317fa9327cb8159eb20ea08ebee6dc7f69a3d17e68bf9e9efbaa1078
e14d3b37b53b209496218ac89b251789de8794dc2b0d81873a6c563d7263fb55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea04305f71a4cc01b3b51616432eca0f5ff5f67b5659b0b9df7a739f74ef62c3
ea604909ba0751acb97de1c01261d264b3f3cd365c36cebbe859cb248bb19ded
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3cad5caf753a032dd11ee5af9b96cf6e26fcf7b2cb87c2a2104b1468c78de5
efc8e65bc9fb4058af80911eaf621c1399646b3a3b1fd6d5a5f3bbc00246c2d0
f51026d1f24db820fb61d8febf619bbde8562eec3fe859455902777ca1aa40d7
f81e65f554728587e5e930bcbcaf43c94e2bb1ed44103c94dde4872b0b8a70bb
fe5276113a576aea673ec80b81860e459f1f61385672d09ed3981f61b8ef4576
ff9818a59102ee7e9a7813322f07b1b098931331b3c390f28e420b16e182d9cd

aviata.kz Open in urlscan Pro 186.2.163.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

81 Requests

95 %HTTPS

77 %IPv6

17 Domains

24 Subdomains

23 IPs

5 Countries

1262 kBTransfer

3583 kBSize

19 Cookies

2 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

aviata.kz Open in urlscan Pro
186.2.163.27 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

95 %
HTTPS

77 %
IPv6

17
Domains

24
Subdomains

23
IPs

5
Countries

1262 kB
Transfer

3583 kB
Size

19
Cookies

81 HTTP transactions
11 data transactions