id.nesrakonk.ru Open in urlscan Pro
2606:4700:3034::ac43:8868 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://id.nesrakonk.ru/
Effective URL:
https://id.nesrakonk.ru/
Submission: On August 06 via manual (August 6th 2023, 7:13:52 am UTC) from SG — Scanned from SG

Summary HTTP 121 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 42 IPs in 10 countries across 38 domains to perform 121 HTTP transactions. The main IP is 2606:4700:3034::ac43:8868, located in United States and belongs to CLOUDFLARENET, US. The main domain is id.nesrakonk.ru.
TLS certificate: Issued by GTS CA 1P5 on June 21st 2023. Valid for: 3 months.

This is the only time id.nesrakonk.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 16	2606:4700:303... 2606:4700:3034::ac43:8868	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:23d... 2600:9000:23d2:d000:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:229... 2600:9000:229f:9200:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
15	2404:6800:400... 2404:6800:4003:c06::9d	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c04::5f	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
3	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1 6	203.195.121.142 203.195.121.142	7979 (SERVERS-COM) (SERVERS-COM)
5	2404:6800:400... 2404:6800:4003:c00::5e	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:d10... 2a02:6ea0:d100::12	60068 (CDN77 ^_^) (CDN77 ^_^)
1	31.222.226.234 31.222.226.234	8849 (MELBICOM-...) (MELBICOM-EU-AS Melbikomas UAB)
5 6	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	18.177.252.34 18.177.252.34	16509 (AMAZON-02) (AMAZON-02)
1 1	176.122.21.226 176.122.21.226	48096 (ITGRAD) (ITGRAD)
1	148.251.4.142 148.251.4.142	24940 (HETZNER-AS) (HETZNER-AS)
7	2404:6800:400... 2404:6800:4003:c0f::9b	15169 (GOOGLE) (GOOGLE)
2	81.19.89.16 81.19.89.16	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	2404:6800:400... 2404:6800:4003:c1a::9d	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:d10... 2a02:6ea0:d100::25	60068 (CDN77 ^_^) (CDN77 ^_^)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
2 2	175.41.155.116 175.41.155.116	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	212.36.83.245 212.36.83.245	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
3	2404:6800:400... 2404:6800:4003:c11::5e	15169 (GOOGLE) (GOOGLE)
13	2404:6800:400... 2404:6800:4003:c03::84	15169 (GOOGLE) (GOOGLE)
2	142.250.4.154 142.250.4.154	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c04::9c	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c02::95	15169 (GOOGLE) (GOOGLE)
5 8	74.125.200.157 74.125.200.157	15169 (GOOGLE) (GOOGLE)
3 5	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	103.43.90.54 103.43.90.54	29990 (ASN-APPNEX) (ASN-APPNEX)
3	81.19.89.18 81.19.89.18	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1 2	2404:6800:400... 2404:6800:4003:c01::63	15169 (GOOGLE) (GOOGLE)
7	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	34.111.79.67 34.111.79.67	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	212.36.83.246 212.36.83.246	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
3 3	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
1	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	23.76.212.194 23.76.212.194	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.73.13.122 23.73.13.122	16625 (AKAMAI-AS) (AKAMAI-AS)
7 11	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 3	52.94.223.37 52.94.223.37	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2406:da18:929... 2406:da18:929:5a01:aa3d:dd4b:67a5:fb53	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:6d0:4001... 2001:6d0:4001::226	() ()
1	35.214.236.30 35.214.236.30	() ()
1	51.89.9.253 51.89.9.253	() ()
121	42

16 2606:4700:3034::ac43:8868 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

id.nesrakonk.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23d2:d000:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:229f:9200:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2404:6800:4003:c06::9d (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c04::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 203.195.121.142 (Singapore) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c00::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:d100::12 (Singapore)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.222.226.234 (Singapore)

ASN8849 (MELBICOM-EU-AS Melbikomas UAB, LT)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.213.12.39 (Tokyo, Japan) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.177.252.34 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-252-34.ap-northeast-1.compute.amazonaws.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.122.21.226 (Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.4.142 (Wernigerode, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.142.4.251.148.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4003:c0f::9b (Singapore)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.19.89.16 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::9d (Singapore)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:d100::25 (Singapore)

ASN60068 (CDN77 ^_^, GB)

vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.241 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 175.41.155.116 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-155-116.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.36.83.245 (Terrassa, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb1.vdmy.dtic.es

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c11::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4003:c03::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c04::9c (Singapore)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c02::95 (Singapore)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.125.200.157 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: sa-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.5.84.243 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.43.90.54 (Singapore) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 81.19.89.18 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c01::63 (Singapore) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.79.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.79.111.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.36.83.246 (Terrassa, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb2.vdmy.dtic.es

p.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.158 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.76 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.76.212.194 (Hong Kong, Hong Kong) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-76-212-194.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.73.13.122 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-13-122.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 69.173.158.64 (Singapore) 7 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.223.37 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a01:aa3d:dd4b:67a5:fb53 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (None, ) 1 redirects

ASN- ()

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.236.30 (None, )

ASN- ()

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (None, )

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	371 KB
17	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 377 cm.g.doubleclick.net — Cisco Umbrella Rank: 244	97 KB
16	nesrakonk.ru 2 redirects id.nesrakonk.ru	291 KB
15	rubiconproject.com 9 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1189 eus.rubiconproject.com — Cisco Umbrella Rank: 622 token.rubiconproject.com — Cisco Umbrella Rank: 648 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2500 pixel.rubiconproject.com — Cisco Umbrella Rank: 393	18 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	158 KB
7	yastatic.net yastatic.net — Cisco Umbrella Rank: 6852	193 KB
7	betweendigital.com 1 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1762 cache.betweendigital.com — Cisco Umbrella Rank: 28517	6 KB
6	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1114 s.amazon-adsystem.com — Cisco Umbrella Rank: 325	4 KB
6	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 360	3 KB
6	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 2086 mc.yandex.ru — Cisco Umbrella Rank: 4014 an.yandex.ru — Cisco Umbrella Rank: 5381	162 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 633	4 KB
5	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2509 vpaid.vidoomy.com — Cisco Umbrella Rank: 3216 a.vidoomy.com — Cisco Umbrella Rank: 2894 p.vidoomy.com — Cisco Umbrella Rank: 7093	35 KB
3	bumlam.com 3 redirects sync.bumlam.com — Cisco Umbrella Rank: 4316	2 KB
3	rambler.ru kraken.rambler.ru — Cisco Umbrella Rank: 36850	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 265	2 KB
3	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 10874	18 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	3 KB
2	tns-counter.ru 1 redirects www.tns-counter.ru	705 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 385	946 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 15563	1 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	113 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 514	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 889	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 769	1 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 551	705 B
2	top100.ru st.top100.ru — Cisco Umbrella Rank: 46014	38 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 6124	1 KB
2	optad360.io cmp.optad360.io — Cisco Umbrella Rank: 55345 get.optad360.io — Cisco Umbrella Rank: 34638	1 KB
1	onetag-sys.com onetag-sys.com
1	loopme.me csync.loopme.me	156 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491	619 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 391	513 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1360	204 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 326	59 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1192	601 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 25900	69 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 31515	328 B
121	38

	Domain	Requested by
16	id.nesrakonk.ru	2 redirects id.nesrakonk.ru
15	pagead2.googlesyndication.com	id.nesrakonk.ru pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net id.nesrakonk.ru tpc.googlesyndication.com pagead2.googlesyndication.com
8	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net eus.rubiconproject.com
7	yastatic.net	yandex.ru
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com id.nesrakonk.ru googleads.g.doubleclick.net
6	pixel.rubiconproject.com	3 redirects eus.rubiconproject.com
6	x.bidswitch.net	5 redirects id.nesrakonk.ru
6	ads.betweendigital.com	1 redirects id.nesrakonk.ru vid.vidoomy.com eus.rubiconproject.com
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	mc.yandex.ru	1 redirects id.nesrakonk.ru
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	sync.bumlam.com	3 redirects
3	kraken.rambler.ru	st.top100.ru id.nesrakonk.ru
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	top-fwz1.mail.ru	id.nesrakonk.ru top-fwz1.mail.ru
3	fonts.googleapis.com	id.nesrakonk.ru googleads.g.doubleclick.net
2	www.tns-counter.ru	1 redirects
2	match.adsrvr.org	2 redirects
2	eus.rubiconproject.com	cache.betweendigital.com eus.rubiconproject.com
2	x01.aidata.io	2 redirects
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	id.nesrakonk.ru googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	id.nesrakonk.ru
2	pixel.tapad.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	creativecdn.com	2 redirects
2	st.top100.ru	id.nesrakonk.ru st.top100.ru
2	pool.admedo.com	2 redirects
2	vid.vidoomy.com	ads.betweendigital.com vid.vidoomy.com
1	onetag-sys.com	cache.betweendigital.com
1	csync.loopme.me
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com	eus.rubiconproject.com
1	pixel-eu.rubiconproject.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	an.yandex.ru
1	p.vidoomy.com	vid.vidoomy.com
1	odr.mookie1.com	id.nesrakonk.ru
1	s0.2mdn.net	googleads.g.doubleclick.net
1	a.vidoomy.com	id.nesrakonk.ru
1	vpaid.vidoomy.com	vid.vidoomy.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sync.dmp.otm-r.com	id.nesrakonk.ru
1	ads.adlook.me	1 redirects
1	cache.betweendigital.com	ads.betweendigital.com
1	yandex.ru	id.nesrakonk.ru
1	get.optad360.io	id.nesrakonk.ru
1	cmp.optad360.io	id.nesrakonk.ru
121	54

This site contains links to these domains. Also see Links.

Domain
kamiltaylan.blog
nesrakonk.ru
tr.nesrakonk.ru
ua.nesrakonk.ru
kz.nesrakonk.ru

Subject Issuer	Validity	Valid
nesrakonk.ru GTS CA 1P5	`2023-06-21` - `2023-09-19`	3 months	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-03-01` - `2023-11-15`	9 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-06-21` - `2023-12-19`	6 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-16` - `2024-03-18`	a year	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G4	`2023-06-19` - `2024-07-20`	a year	crt.sh
*.top100.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-02-08` - `2024-03-11`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-04-17` - `2024-05-18`	a year	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-07-10` - `2024-01-07`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-13` - `2024-02-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://id.nesrakonk.ru/
Frame ID: AD0A160960E7E72FA84AA752F85D1870
Requests: 51 HTTP requests in this frame

Frame: https://ads.betweendigital.com/match?bidder_id=261&external_user_id=a6f37f0123013099a595be2217fc435a
Frame ID: 684E359A1205C9A6A71CF7A68457E411
Requests: 5 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=d61e1b4b-4831-54da-b0f0-c4bfd43f8c98&CACHEBUSTER=753237
Frame ID: 5940806A265345A3DC00C8D25656B97A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html
Frame ID: 96671CE2E34F7D42982FB4CFF0A48BD1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2661896136775218&output=html&adk=1812271804&adf=3025194257&lmt=1691306024&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fid.nesrakonk.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691306023941&bpp=5&bdt=124&idt=129&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8773431782716&frm=20&pv=2&ga_vid=1068861760.1691306024&ga_sid=1691306024&ga_hid=1275258626&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31076087%2C31076652&oid=2&pvsid=1027314663869693&tmod=1920823252&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=157
Frame ID: 8CCF0D2D5C8ECF7FB4874EA08FFBEED3
Requests: 1 HTTP requests in this frame

Frame: https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=NQSlh78sr125iK3Wg5hO&pi=vidoomy&tc=1
Frame ID: 1F3E48BC7FF3AE40CC435AE32139F60B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1
Frame ID: B2A1E016E1EFCDA21AD2460A367725A5
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1
Frame ID: 92A2F57366E4F3147F0EE1E7095300D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO2A-AEQzrf29AEYn_6s8AEwAQ&v=APEucNWYLY0HK7m6XiWXiLHS-ZDQT0TdMEppS_z9tL4M0TY5vwez5f-dVIS9_yGdOIzr4zD8yVwGGzqv39G83CWFRfWVsE2VNA
Frame ID: ABAF74597809390AE8A8EB7F707BCEEA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js
Frame ID: 4D08BB58E2C0F7F411B1926F5C4E306B
Requests: 12 HTTP requests in this frame

Frame: https://id.nesrakonk.ru/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
Frame ID: 82AF583442B4E518207C5834311B66B1
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: ECB7DC786747F3351EB0BBFE96DEB3DA
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DBD2EA27675C1EB0CB893F24589521DF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 450D3AF84642B735D103A65BC4447E8D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 1353D9EB0469BB4DC89F150C8DDFDFF3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A6E514A9B7D51BA52FD856057BA939B0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 642CC860319D155CDC2B60CE91D3979C
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: E9AB51EED570EB969733C6E3706170A9
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 0823A598B1C494942B2FE6EA3A48398D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ensiklopedia keuangan - Konsep dan istilah keuangan

Page URL History Show full URLs

http://id.nesrakonk.ru/ HTTP 301
https://id.nesrakonk.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

121
Requests

81 %
HTTPS

42 %
IPv6

38
Domains

54
Subdomains

42
IPs

10
Countries

1564 kB
Transfer

4198 kB
Size

62
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://kamiltaylan.blog/
Title: KamilTaylan.blog

Search URL Search Domain Scan URL

URL: https://nesrakonk.ru/
Title: RU

Search URL Search Domain Scan URL

URL: https://tr.nesrakonk.ru/
Title: TR

Search URL Search Domain Scan URL

URL: https://ua.nesrakonk.ru/
Title: UA

Search URL Search Domain Scan URL

URL: https://kz.nesrakonk.ru/
Title: KZ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://id.nesrakonk.ru/ HTTP 301
https://id.nesrakonk.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=5443073413 HTTP 302
https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=5443073413&crf=1&rts=-4840898120057428759

Request Chain 21

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=6d9a30a5-860e-46ad-82f7-3b94fcacb719 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=6d9a30a5-860e-46ad-82f7-3b94fcacb719 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=b203029d-0956-4193-af63-fb7b0a5d9e16&user_group=1&ssp=between&bsw_param=6d9a30a5-860e-46ad-82f7-3b94fcacb719 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=6d9a30a5-860e-46ad-82f7-3b94fcacb719

Request Chain 22

https://ads.adlook.me/csync?pid=btw&uid=d61e1b4b-4831-54da-b0f0-c4bfd43f8c98&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D128%26external_user_id%3D%7BuserId%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=128&external_user_id=4848bdd73de749999d78a9c709449aa7

Request Chain 35

https://creativecdn.com/cm-notify?pi=vidoomy HTTP 302
https://creativecdn.com/cm-notify?pi=vidoomy&tc=1 HTTP 302
https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=NQSlh78sr125iK3Wg5hO&pi=vidoomy&tc=1

Request Chain 37

https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=0&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3DCEN HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&gdpr=0&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3DCEN HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347%26partner_url%3Dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fpbscookie%253Fuid%253D865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347%2526vid%253Da6f37f0123013099a595be2217fc435a%2526dspid%253DCEN HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347%26partner_url%3Dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fpbscookie%253Fuid%253D865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347%2526vid%253Da6f37f0123013099a595be2217fc435a%2526dspid%253DCEN&ct=y HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3DCEN HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3DCEN HTTP 302
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347&vid=a6f37f0123013099a595be2217fc435a&dspid=CEN

Request Chain 56

https://id.nesrakonk.ru/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://id.nesrakonk.ru/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js

Request Chain 57

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBnk0fiJZryItYWtPv9YKaQ&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBnk0fiJZryItYWtPv9YKaQ&google_cver=1&C=1

Request Chain 58

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZM9IKcAcQ26Chp4cpcIbsAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBnk0fiJZryItYWtPv9YKaQ&google_cver=1

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEI3AONeKv04MJnZf7f2q6U&google_cver=1

Request Chain 60

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYyNzI3NTg2NDAzMTgzODgzMg%3D%3D

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 78

https://mc.yandex.ru/watch/56818315?wmode=7&page-url=https%3A%2F%2Fid.nesrakonk.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A2951%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A0%3Als%3A1346653700032%3Ahid%3A481394255%3Az%3A0%3Ai%3A20230806071345%3Aet%3A1691306025%3Ac%3A1%3Arn%3A1061861446%3Arqn%3A1%3Au%3A1691306025391397923%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C15%2C1665%2C338%2C1003%2C0%2C%2C672%2C8%2C%2C%2C%2C3697%3Aco%3A0%3Acpf%3A1%3Ans%3A1691306021130%3Arqnl%3A1%3Ast%3A1691306025%3At%3AEnsiklopedia%20keuangan%20-%20Konsep%20dan%20istilah%20keuangan&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.ru/watch/56818315/1?wmode=7&page-url=https%3A%2F%2Fid.nesrakonk.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A2951%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A0%3Als%3A1346653700032%3Ahid%3A481394255%3Az%3A0%3Ai%3A20230806071345%3Aet%3A1691306025%3Ac%3A1%3Arn%3A1061861446%3Arqn%3A1%3Au%3A1691306025391397923%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C15%2C1665%2C338%2C1003%2C0%2C%2C672%2C8%2C%2C%2C%2C3697%3Aco%3A0%3Acpf%3A1%3Ans%3A1691306021130%3Arqnl%3A1%3Ast%3A1691306025%3At%3AEnsiklopedia%20keuangan%20-%20Konsep%20dan%20istilah%20keuangan&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Request Chain 87

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6d9a30a5-860e-46ad-82f7-3b94fcacb719&ssp=between&gdpr=&gdpr_consent=

Request Chain 91

https://sync.bumlam.com/?src=aid0 HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQARiqkL2mBqIBEMh638w0KBHusdoAJZDIJDc* HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=c87adfcc-3428-11ee-b1da-002590c82437 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=c87adfcc-3428-11ee-b1da-002590c82437&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=pxCm%2FjJPvdinJra4tZ7%2Fyw& HTTP 302
https://an.yandex.ru/mapuid/adsniperis/c87adfcc-3428-11ee-b1da-002590c82437

Request Chain 106

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 109

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=LKZ3XVRW-27-DBBK HTTP 302
https://ads.betweendigital.com/match?bidder_id=101&external_user_id=LKZ3XVRW-27-DBBK

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEErsPO_PEKJvSwo6ilaPTBU&google_cver=1

Request Chain 111

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://match.adsrvr.org/track/cmb/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=87467dcf-5343-46ce-8bee-f62df423ef09&gdpr=0&gdpr_consent=&expires=30

Request Chain 112

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtaM1hWUlctMjctREJCSw== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAgWDXn64jAbQnZJoXqkPVQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtaM1hWUlctMjctREJCSw==&google_push=

Request Chain 113

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=JTbuw_7-Qh-SN7g28c7OvA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=JTbuw_7-Qh-SN7g28c7OvA

Request Chain 114

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=BhbEcE9GRnmaljQqabTI6A&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=BhbEcE9GRnmaljQqabTI6A

Request Chain 115

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKZ3XVRW-27-DBBK

Request Chain 116

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/x9rrDtiJ6amRS8FavRYwe8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Un.icM1E2oLPgilJDtql6uOYxc.41KeM7xV7Xw--~A

Request Chain 117

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODQ1NmE5OGU0ZDdkMTI1MzFjMGFjZWEyNWVjNWRjNGZkMDc2ZDdlNA

Request Chain 118

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/753237 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/753237

Request Chain 119

https://x.bidswitch.net/sync?dsp_id=429&user_id=d61e1b4b-4831-54da-b0f0-c4bfd43f8c98&expires=60 HTTP 302
https://csync.loopme.me/?partner_id=1196&uid=6d9a30a5-860e-46ad-82f7-3b94fcacb719&vt=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

121 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
id.nesrakonk.ru/
Redirect Chain

http://id.nesrakonk.ru/
https://id.nesrakonk.ru/

66 KB
13 KB

1683ms
1666ms

Document
text/html

2606:4700:3034::ac43:8868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.nesrakonk.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04f93aef550953cd460b26e8c6713c52208ea2fb9966d5842da02262ab4dfb5a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f257a8e79c29fc8-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 06 Aug 2023 07:13:43 GMT
link: <https://id.nesrakonk.ru/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fgh2mmoKcqoAMJ1o%2FDDRXwRZINvZVbApG55ZKflRs6ghGmA7eSn53OhqwNpnWELwcXNy0j9cMAPpDQih%2FMuN2yDAl4shexVK45zRFX5YO%2BwZptB8ewdknErpO3RQI6PR7E9rEErb%2BwjAQwZcFF0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 7f257a8e3ed96bbb-SIN
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 06 Aug 2023 07:13:42 GMT
Expires: Sun, 06 Aug 2023 08:13:42 GMT
Location: https://id.nesrakonk.ru/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OHw0mngIlk1wyn3R1EUkIWqea%2Fc%2BD1e8qFavt3X1L2Ji9u0CODOAbsGGetT4eTirxzifkJ0do4KwUHyYEvObQCAtnqwSOmN0pjziard5fmCBdXQQuC6xIKRbsv%2B1cNBcQwKoWhpt76TacINgmc%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 5821d831-02ac-4374-a4fa-ee4c3db5e9d3.min.js Show response
cmp.optad360.io/items/ 497 B
853 B 46ms
6ms Script
application/javascript 2600:9000:23d2:d000:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/5821d831-02ac-4374-a4fa-ee4c3db5e9d3.min.js
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d2:d000:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 04:13:30 GMT
via: 1.1 1b42f8a12f90ea0a7f04e17b988d6830.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 08:54:56 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-P1
age: 10828
etag: "7acdc116a0830ba0aef5e087010246ba"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 497
x-amz-cf-id: 7rONnSeuoSYXXn6OPIjzp6nymKvnXMoYaGJXvnFYk4M7fTS_5kcovg==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/8fb80c6f-017d-4735-a448-bbf37a7d080d/ 2 B
409 B 123ms
5ms Script
application/javascript 2600:9000:229f:9200:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/8fb80c6f-017d-4735-a448-bbf37a7d080d/plugin.min.js
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:229f:9200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 03:01:33 GMT
via: 1.1 e5793992853fceac3581bde796b6f5ba.cloudfront.net (CloudFront)
last-modified: Fri, 23 Jun 2023 10:18:52 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 15499
x-amz-server-side-encryption: AES256
etag: "99914b932bd37a50b983c5e7c90ae93b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 2
x-amz-cf-id: o6e9nF8QratzIC5vhlqNrHACwzJp42cxIT1XKo6W6nhhCgaBNTzfTg==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 31ms
20ms Script
text/javascript 2404:6800:4003:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2661896136775218

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9f070e4ef646e1ee3e2a9814055422f99b76118770a09960d30260b9668913a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://id.nesrakonk.ru/
Origin: https://id.nesrakonk.ru
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50853
x-xss-protection: 0
server: cafe
etag: 16985769039283494160
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 07:13:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 20ms
8ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,400italic,300italic,300,700&subset=latin,cyrillic-ext

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7de48a1559f0ab973cee3ee26a794d5931aa9d7d7887290bfe13436cf7f3f5af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 06 Aug 2023 07:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 07:13:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Aug 2023 07:13:43 GMT

GET
H2 403 style.min.css
id.nesrakonk.ru/wp-includes/css/dist/block-library/ 0
0 11ms
8ms Stylesheet
text/html 2606:4700:3034::ac43:8868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.nesrakonk.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:8868 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:43 GMT
content-encoding: br
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FgN6QxUHwe592tUiD1pz5CUlEu1rwxFnLUMIAVSmWvHNrsX74CwyblbIQ%2Fd5mgvw9DSUSvGiJ4Au%2BQ7s9HpcQ3NbBa0jmsfzpWC3wULW6aZ0zsnLZh06PKwIuMuhbLnAwh6PGPPRSzsF3m1eOk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f257a98ece19fc8-SIN
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 main.min.css
id.nesrakonk.ru/wp-content/themes/hueman/assets/front/css/ 92 KB
19 KB 18ms
15ms Stylesheet
text/css 2606:4700:3034::ac43:8868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.nesrakonk.ru/wp-content/themes/hueman/assets/front/css/main.min.css?ver=3.7.16
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 722bca0f91daf3eaed212ada19ad6809a179bd9d576051ada272c6098ae1c37d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 04:35:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6529
etag: W/"17182-61c159a6-1940752;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrZhdg7JV%2FFLsdkRMgfYfbYto0QktKM%2FW0XhVWV05mgnR5hcSXIEfwucY9IjFctn%2FhAlnFkJ6krs%2F5Q6dv5ysBfWPklNr949LSPcjI4p9YbB%2FdkMTgy12AoF2wRM3Z1JD4d8wmdIRkeCtNavim0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7f257a98ece29fc8-SIN
alt-svc: h3=":443"; ma=86400
expires: Wed, 02 Nov 2022 09:10:38 GMT

GET
H2 200 font-awesome.min.css
id.nesrakonk.ru/wp-content/themes/hueman/assets/front/css/ 58 KB
13 KB 15ms
12ms Stylesheet
text/css 2606:4700:3034::ac43:8868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.nesrakonk.ru/wp-content/themes/hueman/assets/front/css/font-awesome.min.css?ver=3.7.16
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c76cae4aabc1d4236da2fecf8fcae818a2cf95406446774ccf9db5ca14d4b59

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 10 Oct 2021 07:01:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6529
etag: W/"e877-61628fc5-1940751;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKzdvo2IeiT1qS9%2FZKHW3mPrA3NhjTvKOzT1LdMxFrC2fQBEUsS%2BzhIdmYnIgcs70nuKlTRZcSuGEXNhqw9mc8mktiOontIjXX9otvQv4SVQ2NiT5gdPkYsZ7ovtNRrH4OgamnVm9vwovUQhA9M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7f257a98ece39fc8-SIN
alt-svc: h3=":443"; ma=86400
expires: Wed, 02 Nov 2022 09:10:39 GMT

GET
H2 200 jquery.min.js Show response
id.nesrakonk.ru/wp-includes/js/jquery/ 87 KB
32 KB 18ms
16ms Script
application/x-javascript 2606:4700:3034::ac43:8868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.nesrakonk.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 09:52:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6529
etag: W/"15db1-628caaee-19215e0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vuRlux1Lf92cuEKUFts0S3iGri6qGcrblRqX%2FeKBYF6Nmc3Qb3PDgRTz7TAkPvpLsQMgp4kS92hCXVtkKbRcqqBcoT2irfo3NUDEXcyInN8TD9cXQlnpnEyftR2onrA9P9hutPgnIVv25G4gAGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7f257a98ece49fc8-SIN
alt-svc: h3=":443"; ma=86400
expires: Wed, 02 Nov 2022 09:10:39 GMT

GET
H2 200 jquery-migrate.min.js Show response
id.nesrakonk.ru/wp-includes/js/jquery/ 11 KB
5 KB 16ms
14ms Script
application/x-javascript 2606:4700:3034::ac43:8868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.nesrakonk.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 09:52:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6529
etag: W/"2bd8-628caaee-19215db;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZq92NiLrasaR3aDinbXy%2FHnaYhgBV8%2FfoNy3VEwxm9ps4vqGRXFoHhOkkF8x6J7orybY5bGIIrtNT7TawDTeSHVj6flRsAjTl5OQEQkEC1VxQVX5d2NHnRaXX3E9t%2BUmJa1fRol0YuWyU4LglM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7f257a98ece59fc8-SIN
alt-svc: h3=":443"; ma=86400
expires: Wed, 02 Nov 2022 09:10:40 GMT

GET
H2 200 fa-brands-400.woff2
id.nesrakonk.ru/wp-content/themes/hueman/assets/front/webfonts/ 77 KB
77 KB 571ms
569ms Font
font/woff2 2606:4700:3034::ac43:8868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.nesrakonk.ru/wp-content/themes/hueman/assets/front/webfonts/fa-brands-400.woff2?v=5.15.2
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794

Request headers

Referer: https://id.nesrakonk.ru/
Origin: https://id.nesrakonk.ru
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:44 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 10 Oct 2021 07:01:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "13288-61628fc5-1940778;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qM%2BTHmAsoE%2BhW%2BbGAwzjUbAb98lGgBwlyLfxddIMDoO8X9Za%2B2DjUjwE%2BZ0%2B4QEmOpIImy8uqMMgHSOGUnwDiQ7ih8kQgZxsKU6YRG6w9kgLdgmnm5YyC%2Bjan5WoMGKQLfgjG1Hmt2PxLjN5cBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f257a98ece69fc8-SIN
alt-svc: h3=":443"; ma=86400
content-length: 78472
expires: Wed, 02 Aug 2023 23:43:54 GMT

GET
H2 200 fa-regular-400.woff2
id.nesrakonk.ru/wp-content/themes/hueman/assets/front/webfonts/ 13 KB
14 KB 528ms
527ms Font
font/woff2 2606:4700:3034::ac43:8868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.nesrakonk.ru/wp-content/themes/hueman/assets/front/webfonts/fa-regular-400.woff2?v=5.15.2
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61

Request headers

Referer: https://id.nesrakonk.ru/
Origin: https://id.nesrakonk.ru
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:44 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 10 Oct 2021 07:01:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3514-61628fc5-1940771;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQ4h4u1XGHA8xAVPVNEbRdboeeYaAk3f6tdT7e3mREgB%2FAEKDc6uyMiC5h2%2FmgasdUGnQbHllqfZGY1izGMDFcITXm3MhqaJEqSehr2CTIBsEvXTqRcRV9A214ekzX3HrQU2xjzFPx2bxzy1O7s%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f257a98ece79fc8-SIN
alt-svc: h3=":443"; ma=86400
content-length: 13588
expires: Fri, 21 Jul 2023 02:11:26 GMT

GET
H2 200 fa-solid-900.woff2
id.nesrakonk.ru/wp-content/themes/hueman/assets/front/webfonts/ 78 KB
79 KB 494ms
493ms Font
font/woff2 2606:4700:3034::ac43:8868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.nesrakonk.ru/wp-content/themes/hueman/assets/front/webfonts/fa-solid-900.woff2?v=5.15.2
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2

Request headers

Referer: https://id.nesrakonk.ru/
Origin: https://id.nesrakonk.ru
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:44 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 10 Oct 2021 07:01:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1397c-61628fc5-194076c;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBqTuHea8iXc5rdKM4GrIxA0rZ0uoawqBpq%2Fuob755zUntfSYkGVVyhMnh3zfZnP107dLHyYos4xKEUmQ2YtDUqM9Pg3%2F%2BLRwgdCmXsg8FJJaU32nVuhvLyQq9%2F4zmOWY8dJVPVP7Jm8N3%2ByOSA%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f257a98ece89fc8-SIN
alt-svc: h3=":443"; ma=86400
content-length: 80252
expires: Wed, 02 Nov 2022 09:10:41 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 301 KB
86 KB 695ms
216ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

94de6dccadf5d43fd19c5db39b8fb07a4dba481897d5d82a139f7bab108638c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1691306024458200-17968676784502161113-balancer-l7leveler-kubr-yp-sas-103-BAL-6687
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 06 Aug 2023 08:13:44 GMT

GET
H3 200 wp-emoji-release.min.js Show response
id.nesrakonk.ru/wp-includes/js/ 18 KB
5 KB 12ms
11ms Script
application/x-javascript 2606:4700:3034::ac43:8868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.nesrakonk.ru/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 May 2022 09:52:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1596
etag: W/"4705-628caaee-1921516;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmAKfHgb3bSjV%2Fia2Ly5C4VLCaL%2FwBvGiBZTW%2FAYYByXjbx%2Fja0xe1GUhF8IO1QiBaL8m24IfJYrF%2F5eeFO0tLCVmwt951LQixu8SuFAdV7dqxzgUZdUG0jR8NuLFb9DhvNfHRIILYdCMNEumfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7f257a994aa73f6a-SIN
alt-svc: h3=":443"; ma=86400
expires: Wed, 08 Mar 2023 22:00:42 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 216 KB
74 KB 948ms
445ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

27735786662c0d84226430a5acd5cfeac63b593e39351fd28321091cafed725e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 03 Aug 2023 07:54:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64cb3322-126d5"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 75477
expires: Sun, 06 Aug 2023 08:13:44 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 38 KB
17 KB 705ms
217ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

33f9e72e88b0e060a4ab8765a71da98b5e964c93021cf4e457f1f56a2a40d3f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Mon, 24 Jul 2023 14:43:08 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"64be8dfc-99f9"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Sun, 06 Aug 2023 08:13:44 GMT

GET
H2

200

sspmatch-js Show response
ads.betweendigital.com/
Redirect Chain

https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=5443073413
https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=5443073413&crf=1&rts=-4840898120057428759

1 KB
1 KB

7ms
6ms

Script
text/javascript

203.195.121.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=5443073413&crf=1&rts=-4840898120057428759
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H2
Server: 203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 10b8c4d973307cd90e137e1d319c8d0ce53e18c26538470b2281182a122cb887

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 1070
content-type: text/javascript

Redirect headers

location: /sspmatch-js?p=42565&randsalt=5443073413&crf=1&rts=-4840898120057428759
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
30 KB 16ms
5ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,400italic,300italic,300,700&subset=latin,cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://id.nesrakonk.ru
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:59:35 GMT
x-content-type-options: nosniff
age: 242048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2024 11:59:35 GMT

GET
H2 200 4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 38 KB
38 KB 19ms
10ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,400italic,300italic,300,700&subset=latin,cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://id.nesrakonk.ru
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:53:05 GMT
x-content-type-options: nosniff
age: 242438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:04:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2024 11:53:05 GMT

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 684E 49 KB
18 KB 30ms
6ms Document
text/html 2a02:6ea0:d100::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=5443073413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d100::12 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer: https://id.nesrakonk.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Sun, 06 Aug 2023 07:13:43 GMT
etag: W/"64abbb76-c2af"
last-modified: Mon, 10 Jul 2023 08:04:06 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-cache: HIT
x-77-nzt: AVm7ooTQlLP/KOcDAA
x-77-nzt-ray: 2ed93b148890abed2748cf64c1ec8638
x-77-pop: singaporeSG
x-accel-date: 1691050239
x-accel-expires: @1692087039
x-age: 255784
x-cache: HIT

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame 5940 4 KB
1 KB 1494ms
3ms Document
text/html 31.222.226.234
MELBICOM-EU-AS Me...

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=d61e1b4b-4831-54da-b0f0-c4bfd43f8c98&CACHEBUSTER=753237
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-js?p=42565&randsalt=5443073413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.222.226.234 , Singapore, ASN8849 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software: nginx /
Resource Hash: 0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878

Request headers

Referer: https://id.nesrakonk.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 06 Aug 2023 07:13:45 GMT
etag: W/"638623e5-e7e"
last-modified: Tue, 29 Nov 2022 15:23:17 GMT
server: nginx
x-cdn-edge-cache: HIT
x-cdn-edge-id: 43
x-cdn-request-id: 7efe8dedf97b30c1b19d8a09a85b0708

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=6d9a30a5-860e-46ad-82f7-3b94fcacb719
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=6d9a30a5-860e-46ad-82f7-3b94fcacb719
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=b203029d-0956-4193-af63-fb7b0a5d9e16&user_group=1&ssp=between&bsw_param=6d9a30a5-860e-46ad-82f7-3b94fcacb719
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=6d9a30a5-860e-46ad-82f7-3b94fcacb719

68 B
598 B

5ms
4ms

Image
image/png

203.195.121.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=6d9a30a5-860e-46ad-82f7-3b94fcacb719
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H2
Server: 203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=6d9a30a5-860e-46ad-82f7-3b94fcacb719
Date: Sun, 06 Aug 2023 07:13:44 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://ads.adlook.me/csync?pid=btw&uid=d61e1b4b-4831-54da-b0f0-c4bfd43f8c98&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D128%26external_user_id%3D%7BuserId%7D
https://ads.betweendigital.com/match?bidder_id=128&external_user_id=4848bdd73de749999d78a9c709449aa7

68 B
598 B

7ms
7ms

Image
image/png

203.195.121.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=128&external_user_id=4848bdd73de749999d78a9c709449aa7
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H2
Server: 203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: https://ads.betweendigital.com/match?bidder_id=128&external_user_id=4848bdd73de749999d78a9c709449aa7
date: Sun, 06 Aug 2023 07:13:44 GMT
server: Microsoft-IIS/10.0

GET
H2 204 btw
sync.dmp.otm-r.com/match/ 0
69 B 560ms
165ms Image
text/plain 148.251.4.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/btw?id=d61e1b4b-4831-54da-b0f0-c4bfd43f8c98
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.4.142 Wernigerode, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.142.4.251.148.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 06 Aug 2023 07:13:44 GMT
server: nginx/1.17.6

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/ 371 KB
125 KB 43ms
34ms Script
text/javascript 2404:6800:4003:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2661896136775218

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e56b2b38af72301f541319d4c9b6565e0a654e85b3bcf5542996c77b86dedcf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128095
x-xss-protection: 0
server: cafe
etag: 3610653849196144361
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 07:13:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/ Frame 9667 10 KB
5 KB 21ms
4ms Document
text/html 2404:6800:4003:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2661896136775218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://id.nesrakonk.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 46562
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Aug 2023 18:17:42 GMT
etag: 12368291122986407432
expires: Sat, 19 Aug 2023 18:17:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 top100.js Show response
st.top100.ru/top100/ 108 KB
34 KB 800ms
397ms Script
application/javascript 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: 6a15a5675337004c52555a8372b17186e19e0491dfa646ab3a5fa851d0ab7b03

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:44 GMT
content-encoding: gzip
last-modified: Tue, 01 Aug 2023 08:51:23 GMT
server: nginx
x-amz-request-id: tx000000000000014acdc3e-0064cf46e3-e8bb14d-default
etag: W/"c40eb4efd2a278581b91622c66f6824c"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type: Normal
cache-control: max-age=3600
expires: Sun, 06 Aug 2023 08:13:44 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 5ms
5ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,400italic,300italic,300,700&subset=latin,cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://id.nesrakonk.ru
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:59:35 GMT
x-content-type-options: nosniff
age: 242049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2024 11:59:35 GMT

GET
H3 200 4iCs6KVjbNBYlgoKew72j00.woff2
fonts.gstatic.com/s/ubuntu/v20/ 20 KB
20 KB 116ms
116ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,400italic,300italic,300,700&subset=latin,cyrillic-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://id.nesrakonk.ru
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 12:25:14 GMT
x-content-type-options: nosniff
age: 240510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20860
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:15:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2024 12:25:14 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
601 B 91ms
6ms Script
text/javascript 2404:6800:4003:c1a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=id.nesrakonk.ru&callback=_gfp_s_&client=ca-pub-2661896136775218

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0d151ceb5573035841141679f548ed0f594af7f7025058a04977e238c2fe69a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8CCF 286 KB
82 KB 548ms
547ms Document
text/html 2404:6800:4003:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2661896136775218&output=html&adk=1812271804&adf=3025194257&lmt=1691306024&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fid.nesrakonk.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691306023941&bpp=5&bdt=124&idt=129&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8773431782716&frm=20&pv=2&ga_vid=1068861760.1691306024&ga_sid=1691306024&ga_hid=1275258626&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31076087%2C31076652&oid=2&pvsid=1027314663869693&tmod=1920823252&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=157

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

908f85eb29b402fa6c9d6ee53fd3bbd6f82626c8e867beaf1523ccfbaf614c5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://id.nesrakonk.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 83701
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 07:13:44 GMT
expires: Sun, 06 Aug 2023 07:13:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame 684E 1 KB
840 B 29ms
3ms XHR
application/json 2a02:6ea0:d100::25
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d100::25 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: singaporeSG
date: Sun, 06 Aug 2023 07:13:44 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 254146
x-accel-date: 1691051878
x-77-nzt: AY/0IZuRQIr/wuADAA
x-accel-expires: @1692088678
last-modified: Mon, 10 Jul 2023 08:02:46 GMT
server: CDN77-Turbo
etag: W/"64abbb26-479"
x-77-nzt-ray: 31887a0b5ebeaa052848cf64f7d0470b
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://vid.vidoomy.com
access-control-allow-credentials: true

GET
H3 200 underscore.min.js Show response
id.nesrakonk.ru/wp-includes/js/ 19 KB
8 KB 589ms
589ms Script
application/x-javascript 2606:4700:3034::ac43:8868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.nesrakonk.ru/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:44 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 24 May 2022 09:52:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4a7d-628caaee-1921509;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZjZQrMkvJH628W2SBSomwFHzmmj6CLRKOuPZKt0ZYR1KZ8gv%2FLHeD206vHo8Ci41zYo5PQ4Q%2Bu%2FLn6Xikih4C06LJ%2FYLWm%2BjnK4o5IcgKaFfLZ%2FFzAbPzv6FQfamoCjMlcdEGZOZk5KADj4OR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7f257a9b0ca63f6a-SIN
alt-svc: h3=":443"; ma=86400
expires: Wed, 08 Mar 2023 22:00:41 GMT

GET
H3 200 scripts.min.js Show response
id.nesrakonk.ru/wp-content/themes/hueman/assets/front/js/ 76 KB
22 KB 16ms
16ms Script
application/x-javascript 2606:4700:3034::ac43:8868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.nesrakonk.ru/wp-content/themes/hueman/assets/front/js/scripts.min.js?ver=3.7.16
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32786d444e9857efb3f20c41c2b06bb1c814b0ccf3de31d83bec30c8b3fa96d3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 10 Oct 2021 07:01:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1597
etag: W/"12e40-61628fc5-19407b3;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DvSHoiiHVAYXk54g0xzXrAUZy0LDI2qmGUA7m3YaajVAIO5nWCjH%2F4cV8%2BD5IYgL%2B7BxOo3RIdSyu5bs6KEg9lTOHu6kedVkR7Wcy2AmI0c26Zv%2FgFu3RtXymkRJ6TgiHmqFABwCPYWMUxf1ag%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 7f257a9b0ca73f6a-SIN
alt-svc: h3=":443"; ma=86400
expires: Wed, 08 Mar 2023 22:00:42 GMT

GET
H3 200 4iCv6KVjbNBYlgoC1CzjtGyNL4U.woff2
fonts.gstatic.com/s/ubuntu/v20/ 21 KB
21 KB 4ms
4ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjtGyNL4U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,400italic,300italic,300,700&subset=latin,cyrillic-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92ca60a1917b9ebb08ee7ddf0860b217985b8468acf0de9ed41d90c3f5dda926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://id.nesrakonk.ru
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:35:08 GMT
x-content-type-options: nosniff
age: 243516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21128
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:04:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2024 11:35:08 GMT

GET
H2

200

dspsync Show response
vid.vidoomy.com/ Frame 1F3E
Redirect Chain

https://creativecdn.com/cm-notify?pi=vidoomy
https://creativecdn.com/cm-notify?pi=vidoomy&tc=1
https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=NQSlh78sr125iK3Wg5hO&pi=vidoomy&tc=1

37 KB
15 KB

260ms
258ms

Document
text/html

2a02:6ea0:d100::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=NQSlh78sr125iK3Wg5hO&pi=vidoomy&tc=1
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d100::12 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 374018aee649958e1ae4a55f5c4c7adad1d84334c8d4ea6805f10f152734de1e

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Sun, 06 Aug 2023 07:13:45 GMT
etag: W/"621c89af-93db"
last-modified: Mon, 28 Feb 2022 08:37:03 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-cache: MISS
x-77-nzt: AVm7ooQ3Aaeh
x-77-nzt-ray: 2ed93b148890abed2848cf64474fbe36
x-77-pop: singaporeSG
x-cache: MISS

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Sun, 06 Aug 2023 07:13:44 GMT Sun, 06 Aug 2023 07:13:44 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=NQSlh78sr125iK3Wg5hO&pi=vidoomy&tc=1
pragma: no-cache

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 684E 43 B
235 B 112ms
78ms Image
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 07:13:44 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

204
No Content

pbscookie
a.vidoomy.com/api/rtbserver/ Frame 684E
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=0&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3Da6f37f0123013099a595be2217fc...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&gdpr=0&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3Da6f37f0123013099a5...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fu...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscook...
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347&vid=a6f37f0123013099a595be2217fc435a&dspid=CEN

0
343 B

632ms
178ms

Image
text/plain

212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347&vid=a6f37f0123013099a595be2217fc435a&dspid=CEN
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: HTTP/1.1
Server: 212.36.83.245 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 07:13:45 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

Redirect headers

date: Sun, 06 Aug 2023 07:13:45 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=865714bf-7e80-453b-bb57-f518e02c63d4-64cf4828-5347&vid=a6f37f0123013099a595be2217fc435a&dspid=CEN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/ 154 KB
52 KB 22ms
21ms Script
text/javascript 2404:6800:4003:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffae75c7a64492ee940a0290db43d3e08ebc2f3e92fdf9512342e3318925581b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53490
x-xss-protection: 0
server: cafe
etag: 9434323741752848201
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 07:13:44 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/ Frame B2A1 10 KB
4 KB 5ms
5ms Document
text/html 2404:6800:4003:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://id.nesrakonk.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 46388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Aug 2023 18:20:36 GMT
etag: 12368291122986407432
expires: Sat, 19 Aug 2023 18:20:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/ Frame 92A2 10 KB
4 KB 5ms
5ms Document
text/html 2404:6800:4003:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://id.nesrakonk.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 46388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Aug 2023 18:20:36 GMT
etag: 12368291122986407432
expires: Sat, 19 Aug 2023 18:20:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame B2A1 4 KB
767 B 8ms
7ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 06 Aug 2023 07:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 07:04:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Aug 2023 07:13:44 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B2A1 205 B
650 B 18ms
5ms Image
image/png 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 21:03:42 GMT
x-content-type-options: nosniff
age: 123002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 03 Aug 2024 21:03:42 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B2A1 604 B
695 B 18ms
5ms Image
image/png 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 03:06:50 GMT
x-content-type-options: nosniff
age: 101214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 04 Aug 2024 03:06:50 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/ Frame B2A1 15 KB
6 KB 16ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31bd62a78d2193b716cae594121cfd26c97460ee277e0ccfb0ed890614c811e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 16:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6416
x-xss-protection: 0
server: cafe
etag: 10587074671346547413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 16:51:50 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/ Frame B2A1 20 KB
9 KB 15ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b0a10b03256abb6748200f4377a886afd7b3939c6cbadd694010728be400b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 13:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8604
x-xss-protection: 0
server: cafe
etag: 15357628606984112601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 13:22:28 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame ABAF 624 B
246 B 14ms
11ms Document
text/html 2404:6800:4003:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO2A-AEQzrf29AEYn_6s8AEwAQ&v=APEucNWYLY0HK7m6XiWXiLHS-ZDQT0TdMEppS_z9tL4M0TY5vwez5f-dVIS9_yGdOIzr4zD8yVwGGzqv39G83CWFRfWVsE2VNA

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 07:13:44 GMT
expires: Sun, 06 Aug 2023 07:13:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 4D08 23 KB
9 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 13:22:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 13:22:24 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/ Frame 4D08 7 KB
3 KB 7ms
7ms Script
text/javascript 2404:6800:4003:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

289eaaf84993733e50b752db0ff63b63cf9639c5b36df0b08bbe73054a5ebdba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:10:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3041
x-xss-protection: 0
server: cafe
etag: 10703168227084058840
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 18:10:22 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4D08 0
0 66ms
50ms Fetch
image/gif 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu_rlRqAysCCtV6LdXUeY3wCRs651DvJm4juq77zbMyROu7DoMCcCWWKZ2uwL4XecX-62JxwyXoO_Bp5DT1i_Ei9oVLT0I_xQ2lZxm0vu_jdE4DuJZtD2GRBUImDzmeHs5T2UP4xffzW15pPNbyvTISeEa6ZXkzTHFO_moBjWN7S6ZOObONJ44ZcrMgzpOdB_R4QJ-u8_BQNkjg1Z0Ywfmat4L4Lh6KPRjisG-VvO00xx9slZ9sq9Bx4CdeyCjOsZ_JOJB-pzPlYU9zwPAl0LifY_pgCRJUccRt2frWWptm9BLYz6fXr9eCb0z9p5HFvDpN86KDbw5pVTvUvtlZw_inwekruZebdyU6LTTOlZ81dYB6PEX-yV0vOPvkOd7SNb3aLk6_bFsjFC0nKLKQ3Fah-qXa-3QXA6pExJi50IT8Iho3L0zKoTpztP-4nd1P97QZbbPJS0UE2Bcj3ipx8H3XJRsbNm9zHA1M1XiwwIbUEEPomJXJqfHFfI1dIfHbjgzzeSMMrjATvpoAmZk_5Hro1AxgBF8aN1T-fQuVONvV_x8L6wUAw8lZ9qUArxz6oNodss_2A4gCvLImB6oGoaOvJovvpNiWBM_KQW0ggPVdV1mTm_9PMZ4NIq5gMVfQlDdHp-KQ_trfulRepIr2Y3pcHJNfw9k6kVqICWPURltGp4BViv0lro_XAj6fo2TNsqlUqBdllCHQs5thGXY3u4pcUpSgJVqw_TA6VKEJJhiACYuAr2WJGOvjag6M3kN36cVcZ1nnHDL9h_CqsvUHEGABQfWE9LXeX_MDiYaB0K4L5NIrAPHN7x53HqkddAm8NQhH8GAbiZWZqpmCtazdm9nlnEgS_7MwebpLWJsRXjGJw0OXlomOSyvtyz60S2L1WQ-Og6Zlix9Oa-YBfTcoD4W4IWCKmWyBQDL3uTndm29jQpCCU8jlPS0OPyk7S6ABK-Ijx9kBrzzzuwxmtNdkk6ZXQaTjZ1mY97kcA-r7_UMxSF2t2092XHQAashIfPeglRxzbne2rolf5rs_sviKTyIn7eV3Z2OUbsJ6mzaqaZg69CZJjyivHMadR0v3BVjwTgaiUDDH7KbyN-TSnlApsxVKQxqafLrycpJtIaJ9Xj1LH2sVajYFIU1o6QnBGTQ7obRGiXSZ-knlvfhhzHg6Aos&sai=AMfl-YQL6Fei7oZ7xrLUxv_ZLlA_PMZ0f6VKKLptA2TfbWidtg5lNoCCZBJOZUefnhka2jIamU0TUh5KQy1J7ymGPDxk2aDgtI3UmSKOm5geDXhBWhAxX9R2HZCDUhoQhXnl6lWoG68Q_VdxeycK1nf-y-NS_eXxk1D2L6AXj6jCGJjwGb50ShY0cbc0vaUUYppTj9I-9aObGIcfQcGZO4TeZKmx-xNJx5tPUZs9em7Bgls&sig=Cg0ArKJSzHiOcetj1lHhEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230802.66484&arae=0&ftch=1&adurl=

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 06 Aug 2023 07:13:44 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 06 Aug 2023 07:13:44 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4D08 41 KB
14 KB 10ms
7ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 05:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 438844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jul 2024 05:19:40 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 4D08 3 KB
1 KB 9ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 13:58:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 4D08 20 KB
8 KB 8ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 13:58:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D08 179 KB
57 KB 20ms
5ms Script
text/javascript 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 07:13:44 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D08 42 B
63 B 52ms
49ms Image
image/gif 2404:6800:4003:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dd0Tqj1xKhPxV6E5ur6mjPyP96eltFaB4kTkWZug2qkBJuJww2IzgONm9lzCnaHnCM-xz2lzEvXrB3l52BJZMpDLISkZKsYt1K29hQ8HCJ-9aHX-0

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14123479323141179748
s0.2mdn.net/simgad/ Frame 4D08 58 KB
59 KB 27ms
9ms Image
image/png 2404:6800:4003:c02::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14123479323141179748

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

803acb5a5ca3e2b381586c81270037f671b5fe762a43eb6d4893018db46ce8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:44 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59758
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 05:55:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Aug 2024 07:13:44 GMT

GET
H3

200

invisible.js Show response
id.nesrakonk.ru/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/ Frame 82AF
Redirect Chain

https://id.nesrakonk.ru/cdn-cgi/challenge-platform/scripts/invisible.js
https://id.nesrakonk.ru/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js

7 KB
4 KB

10ms
10ms

Script
application/javascript

2606:4700:3034::ac43:8868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.nesrakonk.ru/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Server

2606:4700:3034::ac43:8868 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abd92f157df7b8b750b9d7ff0d817a55f3ade710de1901a19f2d3233b400c62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61vHdBsfllw8v7hQt9b19WtoAbwHVktf0fzqxigBdCVN9QkCQz7ao3chLfb4NJi97ZADZ0aeXtxd6CR8%2FcBMx70x60uIFhRshYf52qjW18RTJzmcDsrX4bF4HMooWhDeUS9r1WCF4BYhWiazh%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7f257aa00b0b3f6a-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 06 Aug 2023 07:13:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSxn9dZfEkhbSKwKFku91IY4i%2Bdtq7bT0nuxqP%2FlTktoQQRFWHvqeVcr9J5SmVqC1vwn1lMU0lYSTRRRunTQBjDxrZE%2BQMBehE%2BnuYNg15M8wopQJ3%2BGp6Z0SoXdCTgPr25goepgM5RYBsbNk0U%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7f257a9f3a253f6a-SIN
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ABAF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBnk0fiJZryItYWtPv9YKaQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBnk0fiJZryItYWtPv9YKaQ&google_cver=1&C=1

43 B
632 B

36ms
35ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBnk0fiJZryItYWtPv9YKaQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO2A-AEQzrf29AEYn_6s8AEwAQ&v=APEucNWYLY0HK7m6XiWXiLHS-ZDQT0TdMEppS_z9tL4M0TY5vwez5f-dVIS9_yGdOIzr4zD8yVwGGzqv39G83CWFRfWVsE2VNA
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 07:13:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 07:13:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEBnk0fiJZryItYWtPv9YKaQ&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ABAF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZM9IKcAcQ26Chp4cpcIbsAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBnk0fiJZryItYWtPv9YKaQ&google_cver=1

43 B
632 B

36ms
35ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBnk0fiJZryItYWtPv9YKaQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO2A-AEQzrf29AEYn_6s8AEwAQ&v=APEucNWYLY0HK7m6XiWXiLHS-ZDQT0TdMEppS_z9tL4M0TY5vwez5f-dVIS9_yGdOIzr4zD8yVwGGzqv39G83CWFRfWVsE2VNA
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 07:13:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBnk0fiJZryItYWtPv9YKaQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame ABAF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEI3AONeKv04MJnZf7f2q6U&google_cver=1

43 B
844 B

10ms
10ms

Image
image/gif

103.43.90.54
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEI3AONeKv04MJnZf7f2q6U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO2A-AEQzrf29AEYn_6s8AEwAQ&v=APEucNWYLY0HK7m6XiWXiLHS-ZDQT0TdMEppS_z9tL4M0TY5vwez5f-dVIS9_yGdOIzr4zD8yVwGGzqv39G83CWFRfWVsE2VNA

Protocol

Server

103.43.90.54 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:45 GMT
an-x-request-uuid: f3541854-5390-4374-a1ba-ad87d894323e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 209.58.162.208; 209.58.162.208; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEI3AONeKv04MJnZf7f2q6U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ABAF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYyNzI3NTg2NDAzMTgzODgzMg%3D%3D

170 B
188 B

9ms
8ms

Image
image/png

74.125.200.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYyNzI3NTg2NDAzMTgzODgzMg%3D%3D

Requested by

Protocol

Server

74.125.200.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:45 GMT
an-x-request-uuid: 44cde738-23bf-4430-a5e9-3f43817fd706
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYyNzI3NTg2NDAzMTgzODgzMg%3D%3D
x-proxy-origin: 209.58.162.208; 209.58.162.208; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame ECB7 14 KB
1 KB 7ms
7ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 06 Aug 2023 07:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 06:02:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Aug 2023 07:13:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame ECB7 2 KB
892 B 5ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 13:58:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame ECB7 23 KB
9 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 13:58:05 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DBD2 143 B
166 B 9ms
6ms Document
text/html 2404:6800:4003:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 1591
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 06:47:13 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame ECB7 3 KB
1 KB 7ms
7ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 13:58:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame ECB7 20 KB
8 KB 8ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 13:58:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ECB7 179 KB
56 KB 9ms
3ms Script
text/javascript 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 07:13:44 GMT

GET
H2 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame ECB7 33 KB
14 KB 11ms
4ms Script
text/javascript 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 18:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:28:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 18:59:13 GMT

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
1006 B 216ms
216ms Ping
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3230435;u=https%3A//id.nesrakonk.ru/;st=1691306024824;title=Ensiklopedia%20keuangan%20-%20Konsep%20dan%20istilah%20keuangan;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=f0ced90c6b89d919;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1691306024954%3A1691306024955%3A1%3A0159c72424bc569f5215f392d55cc432;visible=true;_=0.5955059071056825

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://id.nesrakonk.ru/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 06 Aug 2023 07:13:45 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://id.nesrakonk.ru
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://id.nesrakonk.ru
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: https://id.nesrakonk.ru
access-control-allow-headers: *

GET
DATA 200
OK truncated
/ Frame 4D08 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05942573f213a8e42feb7fc51e761f032b953bea7399e99cfcd37673e0cba46b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 450D 22 KB
8 KB 6ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 92218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 05 Aug 2023 05:36:47 GMT
expires: Sun, 04 Aug 2024 05:36:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4D08 0
0 50ms
47ms Fetch
image/gif 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu_rlRqAysCCtV6LdXUeY3wCRs651DvJm4juq77zbMyROu7DoMCcCWWKZ2uwL4XecX-62JxwyXoO_Bp5DT1i_Ei9oVLT0I_xQ2lZxm0vu_jdE4DuJZtD2GRBUImDzmeHs5T2UP4xffzW15pPNbyvTISeEa6ZXkzTHFO_moBjWN7S6ZOObONJ44ZcrMgzpOdB_R4QJ-u8_BQNkjg1Z0Ywfmat4L4Lh6KPRjisG-VvO00xx9slZ9sq9Bx4CdeyCjOsZ_JOJB-pzPlYU9zwPAl0LifY_pgCRJUccRt2frWWptm9BLYz6fXr9eCb0z9p5HFvDpN86KDbw5pVTvUvtlZw_inwekruZebdyU6LTTOlZ81dYB6PEX-yV0vOPvkOd7SNb3aLk6_bFsjFC0nKLKQ3Fah-qXa-3QXA6pExJi50IT8Iho3L0zKoTpztP-4nd1P97QZbbPJS0UE2Bcj3ipx8H3XJRsbNm9zHA1M1XiwwIbUEEPomJXJqfHFfI1dIfHbjgzzeSMMrjATvpoAmZk_5Hro1AxgBF8aN1T-fQuVONvV_x8L6wUAw8lZ9qUArxz6oNodss_2A4gCvLImB6oGoaOvJovvpNiWBM_KQW0ggPVdV1mTm_9PMZ4NIq5gMVfQlDdHp-KQ_trfulRepIr2Y3pcHJNfw9k6kVqICWPURltGp4BViv0lro_XAj6fo2TNsqlUqBdllCHQs5thGXY3u4pcUpSgJVqw_TA6VKEJJhiACYuAr2WJGOvjag6M3kN36cVcZ1nnHDL9h_CqsvUHEGABQfWE9LXeX_MDiYaB0K4L5NIrAPHN7x53HqkddAm8NQhH8GAbiZWZqpmCtazdm9nlnEgS_7MwebpLWJsRXjGJw0OXlomOSyvtyz60S2L1WQ-Og6Zlix9Oa-YBfTcoD4W4IWCKmWyBQDL3uTndm29jQpCCU8jlPS0OPyk7S6ABK-Ijx9kBrzzzuwxmtNdkk6ZXQaTjZ1mY97kcA-r7_UMxSF2t2092XHQAashIfPeglRxzbne2rolf5rs_sviKTyIn7eV3Z2OUbsJ6mzaqaZg69CZJjyivHMadR0v3BVjwTgaiUDDH7KbyN-TSnlApsxVKQxqafLrycpJtIaJ9Xj1LH2sVajYFIU1o6QnBGTQ7obRGiXSZ-knlvfhhzHg6Aos&sai=AMfl-YQL6Fei7oZ7xrLUxv_ZLlA_PMZ0f6VKKLptA2TfbWidtg5lNoCCZBJOZUefnhka2jIamU0TUh5KQy1J7ymGPDxk2aDgtI3UmSKOm5geDXhBWhAxX9R2HZCDUhoQhXnl6lWoG68Q_VdxeycK1nf-y-NS_eXxk1D2L6AXj6jCGJjwGb50ShY0cbc0vaUUYppTj9I-9aObGIcfQcGZO4TeZKmx-xNJx5tPUZs9em7Bgls&sig=Cg0ArKJSzHiOcetj1lHhEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=227&vt=11&dtpt=226&dett=2&cstd=0&cisv=r20230802.66484&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 06 Aug 2023 07:13:45 GMT

GET
H2 200 userip Show response
kraken.rambler.ru/ 14 B
467 B 708ms
214ms XHR
text/plain 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kraken.rambler.ru/userip
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: cc560d907852ca8cdb870aeb19133ee68b9f1283b8288a9d18cc203958468fc7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:45 GMT
server: nginx
x-srv: 2kraken-prod0003.ad.rambler.tech
content-type: application/octet-stream, text/plain
access-control-allow-origin: https://id.nesrakonk.ru
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-store,no-cache,must-revalidate
content-length: 14

GET
H2 200 usability.js Show response
st.top100.ru/top100/3.13.26/ 14 KB
4 KB 197ms
197ms Script
application/javascript 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/3.13.26/usability.js
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: d94bc6cae1faca676e7646badecbba26b8ccf75bf343dfa847c66896b950e1c9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:45 GMT
content-encoding: gzip
last-modified: Tue, 01 Aug 2023 08:51:23 GMT
server: nginx
x-amz-request-id: tx000000000000014adb75a-0064cf4811-e8bb14d-default
etag: W/"03451f5dc052e68aea5628083846e6dc"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type: Normal
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 200 7f257a8e79c29fc8 Show response
id.nesrakonk.ru/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 82AF 0
552 B 23ms
23ms XHR
text/plain 2606:4700:3034::ac43:8868
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.nesrakonk.ru/cdn-cgi/challenge-platform/h/g/cv/result/7f257a8e79c29fc8
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8868 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 06 Aug 2023 07:13:45 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQLeOA9ae07E0RKt5Qe12xXPAvlSvC2Acc5CQJ0MEuF546vxPMTtWdXseEh3Wc5WUjAK6tYP2u92MMY0vAyTG5KBgTpveQTbCUcKLZuXsGRdnHZk5Oj%2F88n1BeEHMyfQusEifc5Y6k962ebcScA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7f257aa1dd733f6a-SIN
alt-svc: h3=":443"; ma=86400

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DBD2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

146ms
146ms

Document
text/html

2404:6800:4003:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 07:13:45 GMT
expires: Sun, 06 Aug 2023 07:13:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 07:13:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
162 B 223ms
222ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:45 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 03 Aug 2023 07:54:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64cb3322-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 06 Aug 2023 08:13:45 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/56818315/
Redirect Chain

https://mc.yandex.ru/watch/56818315?wmode=7&page-url=https%3A%2F%2Fid.nesrakonk.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A2951%3Afu%3A0%3Aen%3Autf...
https://mc.yandex.ru/watch/56818315/1?wmode=7&page-url=https%3A%2F%2Fid.nesrakonk.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A2951%3Afu%3A0%3Aen%3Au...

439 B
522 B

225ms
225ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/56818315/1?wmode=7&page-url=https%3A%2F%2Fid.nesrakonk.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A2951%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A0%3Als%3A1346653700032%3Ahid%3A481394255%3Az%3A0%3Ai%3A20230806071345%3Aet%3A1691306025%3Ac%3A1%3Arn%3A1061861446%3Arqn%3A1%3Au%3A1691306025391397923%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C15%2C1665%2C338%2C1003%2C0%2C%2C672%2C8%2C%2C%2C%2C3697%3Aco%3A0%3Acpf%3A1%3Ans%3A1691306021130%3Arqnl%3A1%3Ast%3A1691306025%3At%3AEnsiklopedia%20keuangan%20-%20Konsep%20dan%20istilah%20keuangan&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

04ae17f8f8eaf92a64c8ee9e46bbd75665bf32569e0d7dda6449845292c83232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 06-Aug-2023 07:13:45 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://id.nesrakonk.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Sun, 06-Aug-2023 07:13:45 GMT

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:45 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 06-Aug-2023 07:13:45 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/56818315/1?wmode=7&page-url=https%3A%2F%2Fid.nesrakonk.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A2951%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A0%3Als%3A1346653700032%3Ahid%3A481394255%3Az%3A0%3Ai%3A20230806071345%3Aet%3A1691306025%3Ac%3A1%3Arn%3A1061861446%3Arqn%3A1%3Au%3A1691306025391397923%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C15%2C1665%2C338%2C1003%2C0%2C%2C672%2C8%2C%2C%2C%2C3697%3Aco%3A0%3Acpf%3A1%3Ans%3A1691306021130%3Arqnl%3A1%3Ast%3A1691306025%3At%3AEnsiklopedia%20keuangan%20-%20Konsep%20dan%20istilah%20keuangan&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin: https://id.nesrakonk.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 06-Aug-2023 07:13:45 GMT

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 450D 37 KB
14 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 243566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 11:34:19 GMT

GET
H2 200 718cf8928bf560090e47.js Show response
yastatic.net/partner-code-bundles/837119/ 14 KB
5 KB 806ms
438ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/837119/718cf8928bf560090e47.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

c31a5191d096c7ca76227b981bac375a0224865801365a46d1f648a9e8b13c91

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://id.nesrakonk.ru/
Origin: https://id.nesrakonk.ru
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:45 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4774
last-modified: Thu, 03 Aug 2023 16:40:36 GMT
server: nginx/1.17.9
etag: "e178af47232ffe7082f0a9d8cc328c40"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 05 Aug 2053 13:45:36 GMT

GET
H2 200 68e1a51be9e69a6436a7.js Show response
yastatic.net/partner-code-bundles/837119/ 24 KB
8 KB 993ms
627ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/837119/68e1a51be9e69a6436a7.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a6e11e3a75f66d0c5fd9d1ff43a88a80e1f6c9fc4b80598593deed8a9ef78368

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://id.nesrakonk.ru/
Origin: https://id.nesrakonk.ru
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:45 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7954
last-modified: Thu, 03 Aug 2023 16:40:36 GMT
server: nginx/1.17.9
etag: "097d9ef6259369f3acd0cfd10d84ef6c"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 05 Aug 2053 13:45:36 GMT

GET
H2 200 ccd347932ab745344ef3.js Show response
yastatic.net/partner-code-bundles/837119/ 119 KB
26 KB 934ms
568ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/837119/ccd347932ab745344ef3.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9d0c1d53852ad33c16bd2eea9039402bfa442cf372ebe70da55f082ec54822ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://id.nesrakonk.ru/
Origin: https://id.nesrakonk.ru
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:45 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 25964
last-modified: Thu, 03 Aug 2023 16:40:37 GMT
server: nginx/1.17.9
etag: "214ba71a441f6b091dabe17cb6aa971c"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 05 Aug 2053 13:45:36 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 856ms
491ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://id.nesrakonk.ru/
Origin: https://id.nesrakonk.ru
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:45 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 05 Aug 2053 13:46:20 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 728ms
365ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://id.nesrakonk.ru/
Origin: https://id.nesrakonk.ru
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:45 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 7d634b9a883be38d
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Aug 2024 12:59:32 GMT

GET
H2 200 da5bf5eac740078c621b.js Show response
yastatic.net/partner-code-bundles/837119/ 7 KB
3 KB 989ms
628ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/837119/da5bf5eac740078c621b.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3537472b3995c24bc2b4efed6a3e9b36c7202a368e38ab7bffe466e94a58998f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://id.nesrakonk.ru/
Origin: https://id.nesrakonk.ru
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:45 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2084
last-modified: Thu, 03 Aug 2023 16:40:37 GMT
server: nginx/1.17.9
etag: "dccd5891c787b14a2eee5c17d3127320"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 05 Aug 2053 13:45:36 GMT

GET
H2 200 7905cc6ec455612f86fc.js Show response
yastatic.net/partner-code-bundles/837119/ 600 KB
115 KB 577ms
577ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/837119/7905cc6ec455612f86fc.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

beba575d5d4384a32c4bffc98ee1b8b334c80ebbfa0a6fd15012d050263702c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://id.nesrakonk.ru/
Origin: https://id.nesrakonk.ru
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:45 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 117438
last-modified: Thu, 03 Aug 2023 16:40:36 GMT
server: nginx/1.17.9
etag: "805b445493db1dfa170153833ce3023e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 05 Aug 2053 13:45:36 GMT

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 5940
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6d9a30a5-860e-46ad-82f7-3b94fcacb719&ssp=between&gdpr=&gdpr_consent=

42 B
204 B

64ms
45ms

Image
image/gif

34.111.79.67
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6d9a30a5-860e-46ad-82f7-3b94fcacb719&ssp=between&gdpr=&gdpr_consent=
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H2
Server: 34.111.79.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 67.79.111.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:45 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6d9a30a5-860e-46ad-82f7-3b94fcacb719&ssp=between&gdpr=&gdpr_consent=
Date: Sun, 06 Aug 2023 07:13:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 204
No Content pbscookie Show response
p.vidoomy.com/api/rtbserver/ Frame 1F3E 0
365 B 606ms
155ms XHR
text/plain 212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.vidoomy.com/api/rtbserver/pbscookie?dspid=RTBH&uid=NQSlh78sr125iK3Wg5hO&vid=a6f37f0123013099a595be2217fc435a
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=NQSlh78sr125iK3Wg5hO&pi=vidoomy&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.246 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 07:13:46 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://vid.vidoomy.com
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1353 37 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 243566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 11:34:19 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 450D 0
20 B 48ms
47ms Image
image/gif 2404:6800:4003:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJH1TKEjPZPSjCtKv1AbeiyUAAAAAOAHgBAI&bg=!iYqlit7NAAZGOVy5Zjk7ADkAdvg8WqD-5v3mm85Z8lzLJV-p3gtZF5ibMtTAcG60bEMQ5uHnSDR10q-QjC9W4fhg1vLhL_LoGpkCAAAA1FIAAAAGaAEHmQLzycbh6SxSg5LwSCLvBhMAmh5JXL_mXYYY298WjFKTHvDq1BWCRfnHppVwMqmeL5BTII9WMzZ1b7wg-Avw0DO6CXruSj4Z073yjfddnwgB355FwxXUeZQGMoV3LyEP2nPbfVOJgxtJUqjHGPAvY3zc-l8slTQRQUFxEdnwOxE-131eEYgpZeqYoL0GIPD5RdcbEcP9ZQcLH_OiL-da9_rc5wiVRpPUsq3mwlJytESFd3nbVC53c1dJ9dOkPrkgO47oqaVxj9-sV7TTDDVqsXhCxrZ3mbr_HCkPthGr8qsZs_JyYYD15RL2HABUhnxCqoURdI8F1rYE9BXBFt_8kGEYTeg4DXjwt4mPuuUdfk5JShWOmQe9JbtFlXhykYNYwMAyBPZQnZlqPbwtnOV59mU_lop5YuJL6G5QtdIqkkOtqZIJGd1opofMtC7KH4gr0uambVXjzUltKUT6SR4ksr35LkIMlrjOqYFB6uQd2U0OT8b3K32FPgJl9PHuAKLioTsq-ktLU-AcUHT2XjZXAiaonkfLQFdvzaqMG7kXDtVUhzNTN2S_QfWQlZWIOz0d38QsztIeUT6eiY5t5HKQW9dEp6TrY81JUCoe1QWZOgbYOpfWTSp229AxmWYcVC5XPpXewCHRPM0sjKbEIlwMUhoyftUEqtexAGlBmEExxAKN0YE7lKvu1D7KSJV3e58-T2t-ic9oP9sOms03BuYpDAutwqqlgi_eOL5SbQTLUB_HzFwsX6UgFiDdHSOUBTH5Kb48amzJM3-b-m_LqLGKKmnuvtjF-kKd4hXA4e10jbggiDchQ7FOLhIQ4Y5VAMeLx5QH9JvOdvmYfEt8E0hp5KrlmEp72ZRxfvfYjeBDTtbiwetfBgN3Dz3ZvCIVbvvYUhseU1wiNIMJBSZg5qikLEgvx82Zngr9eRE9smeuOwxrL_1E4NE3IQ-LzCGn83fsUzjoY1vF6cjcU8wucoz0zgspBBIMy1CIEK762B2QZP-56lTJyL0

Requested by

Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c87adfcc-3428-11ee-b1da-002590c82437
an.yandex.ru/mapuid/adsniperis/ Frame 5940
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://sync.bumlam.com/?src=aid0&s_data=CAIQARiqkL2mBqIBEMh638w0KBHusdoAJZDIJDc*
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=c87adfcc-3428-11ee-b1da-002590c82437
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=c87adfcc-3428-11ee-b1da-002590c82437&bounce=1
https://sync.bumlam.com/?src=aid1&uid=pxCm%2FjJPvdinJra4tZ7%2Fyw&
https://an.yandex.ru/mapuid/adsniperis/c87adfcc-3428-11ee-b1da-002590c82437

43 B
387 B

628ms
209ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adsniperis/c87adfcc-3428-11ee-b1da-002590c82437

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 06 Aug 2023 07:13:47 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 06 Aug 2023 07:13:47 GMT

Redirect headers

Date: Sun, 06 Aug 2023 07:13:47 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://an.yandex.ru/mapuid/adsniperis/c87adfcc-3428-11ee-b1da-002590c82437
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
kraken.rambler.ru/cnt/ 43 B
582 B 586ms
198ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&v=3.13.26&pid=7460281&tid=t1.7460281.573662769.1691306025080&rid=1691306025.08-1132220681&fid=pA8AAENKs1foTELuAbtDRgA%3D&fip=pA8AAENKs1dEKhtAARheJQA%3D&eid=988860257753692&aduid=26dfb85f-4717-4142-9ba0-2a13270f5745&aduidsc=nesrakonk.ru&stid=1728480493_1691306025082&sn=1&sen=1&ce=1&bs=1600x1200&rf&en=UTF-8&pt=Ensiklopedia%20keuangan%20-%20Konsep%20dan%20istilah%20keuangan&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Win32&tz=0&ct=web&url=https%3A%2F%2Fid.nesrakonk.ru%2F&lv&exp=%5B%5B%22exp_ws%22%2C%22no%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=1636472179
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:46 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
x-srv: 2kraken-prod0003.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
481 B 196ms
196ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=7460281&session_id=1728480493_1691306025082&session_number=1&session_event_number=1&version=3.13.26&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.7460281.573662769.1691306025080&adtech_uid=26dfb85f-4717-4142-9ba0-2a13270f5745&adtech_uid_scope=nesrakonk.ru&fingerprint=pA8AAENKs1foTELuAbtDRgA%3D&fingerprint_ip=pA8AAENKs1dEKhtAARheJQA%3D&url=https%3A%2F%2Fid.nesrakonk.ru%2F&request_id=1691306025.08-1132220681&event_id=988860257753692&meta=%7B%22title%22%3A%22Ensiklopedia%20keuangan%20-%20Konsep%20dan%20istilah%20keuangan%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A%220%22%7D&rn=401213221
Requested by: Host: id.nesrakonk.ru
URL: https://id.nesrakonk.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:46 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
x-srv: 2kraken-prod0003.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4D08 42 B
174 B 48ms
48ms Fetch
image/gif 2404:6800:4003:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_EAFXHwb_3-MtnsCO__d6X30HTHzW6U7aVl9UHJ52eWk3Wp1_dQ59zKb73nxdXquyGGtEhdgoaO-8o9Pr9rFcTiJ4VDXeukYFv43rUqdmrSoXQxdRVbUhWU0olEXjCF5czjyVPD3XQQ&sai=AMfl-YRdsCjJNknSz5O6QCzybP2u71hK4aLliJfJ_ZE-SKnMIMMv2KyJfQLRq1rlkPfgCUxzZVDwfBi0WL1u&sig=Cg0ArKJSzGZiXcE-Vu6cEAE&cid=CAQSGwBpAlJWjABLty2uMJsxGSD_G4cw-NkHFckKAhgB&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=731,1001,1001,1001,1001&tos=731,270,0,0,0&v=20230802&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691306024791&rpt=660&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 26ms
26ms XHR
application/json 2404:6800:4003:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230802&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

151c6a3ee1518aa8802c9f79658b476a37a355403b8f675453c741f30c41de8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11877
x-xss-protection: 0

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
922 B 217ms
216ms Ping
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3230435;u=https%3A//id.nesrakonk.ru/;st=1691306024824;title=Ensiklopedia%20keuangan%20-%20Konsep%20dan%20istilah%20keuangan;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=f0ced90c6b89d919;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1691306021130/////1002/1003/1003/1003/1019/1006/1019/2685/3023/2688/3694/3696/3705/5448/5448/5449;ni=10//4g/0/0/;lvid=1691306024954%3A1691306026580%3A2%3A0159c72424bc569f5215f392d55cc432;opts=jst-ym;visible=true;_=0.8771923973293934;e=RT/load;et=1691306026579

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://id.nesrakonk.ru/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 06 Aug 2023 07:13:46 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://id.nesrakonk.ru
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://id.nesrakonk.ru
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: https://id.nesrakonk.ru
access-control-allow-headers: *

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Aug 2023 07:13:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A6E5 13 KB
5 KB 5ms
5ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://id.nesrakonk.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 263562
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 06:01:04 GMT
expires: Fri, 02 Aug 2024 06:01:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 642C 783 B
970 B 11ms
10ms Document
text/html 2404:6800:4003:c01::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bd89fa45d5534b46749a66a62254c45eec01721f69d398426a402e59b7c81e60

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--gGk3JYp7lsPMRErceuQCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://id.nesrakonk.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce--gGk3JYp7lsPMRErceuQCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 07:13:46 GMT
expires: Sun, 06 Aug 2023 07:13:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 642C 0
0 49ms
49ms Image
text/html 2404:6800:4003:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230802&jk=1027314663869693&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c06::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A6E5 37 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:34:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 243567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 11:34:19 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A6E5 0
10 B 4ms
3ms Image
text/plain 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dPviQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 48ms
48ms Image
text/html 2404:6800:4003:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230802&jk=1027314663869693&bg=!yMuly5_NAAZGOVy5Zjk7ADkAdvg8Wm5BlHxs6jAQ3lS9FRPMSrB31AOvY0axUT-I07xiqY8OYuMownm1S34awveQWoQ8t0JK7Y0CAAAAT1IAAAAFaAEHCgB5Sda9kQPGrl5HnznjX3qhF9yYL1W6HeSnFg-ZGbR0RG-csA1NpdmAF-FeyrBM9q0lLsuH63gi0YcuhvOFePwN6qjFBPEGP3syimGUNBU48km92kTZMQ6z9uG4jdbahorQyTN7tve0rmIGzJMmrpG-qF5TTtEdfSdUhJkCqm4UOAgWzrOdEyA-y4AuvzDF5Tvv0UXdBbHpbRMhRWhvUmjHU1ThTskDLrO8O8UqG5V0w5U1citb0LnXoSAvEAofPcfq-JlVXfDZKPb6xT0-jvibFIRnt_7v9pLMvts1CZo69G-eSeiiHTvlNDuQXdudu7Lhy7ZvhQf1bTAfoI1zrGzc9-vTRywnqqf4nVqcyN8nfiYaTPEmfrBwChPM4zmMim1ON57g7uWO3IlPeI4EhZl_ZkKWG3r2glJ9X929vIrAdvWdZGN8CIMT4R8nQJsLNITeWac5b42yUVIABekRJBomL80ESuLw9lgvlukQlxTr2TK6bw617Pv1WpvwyKNwMa8iVqbuMyMsFJdfEZSLT3k5cE87FXZLQV6N7g6Wyea44NKSxi5ONI8AzKHP9rci52C3yWJ1nhLl4Rd6TDjDG0EbxSS0X47zYxpSNdY8FSP2Mg0lKwsYLwevcND_jrMJI0tJGXw7GnV0pFTfD2wxs-ReFloJZQE6D9Nchbg_LjGFfuyJexsZDHur3Ngmdi8NNkgQ4AupXF2EoFYiGPkrttaBczozpeD5asS0vBgOp8h1JEXRQDOvq2YPo5ZeYuCpkoiBHXKji_3myIF8eQXyA2FbMMag9Iix5Xx-EaG9FeFlefbAGx4fnir6DavX6wytkxFW3d221plsqub_UVlnHvll2Ij2oV3uipTwxFTUizr2W7VWLHzN2fZ24Vg6qUiQX2I9VC2rm43n4mff53wpETmIe_OZAu5n92CG8oVC2969yn8aVWw-scRst7h0U8O4YmXntJcGpSon7v7z4o4o90YkuNjqkHPPO50YlsWObjmJFguS8fse8Q5a2NJBSsfwga2ptX23ONAA7rDcU13bobwO4l7Yp9L4IyzOaccoDVJaWEmKo1bVVVw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c06::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
49ms Image
image/gif 2404:6800:4003:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-2661896136775218&su=id.nesrakonk.ru&eid=44759876%2C44759842%2C44759927%2C31076087%2C31076652&doc=complete&pg_h=2581&pg_w=1600&pg_hs=2581&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://id.nesrakonk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 match Show response
ads.betweendigital.com/ Frame 684E 68 B
598 B 6ms
5ms Document
image/png 203.195.121.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/match?bidder_id=261&external_user_id=a6f37f0123013099a595be2217fc435a
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame E9AB
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

50ms
10ms

Document
text/html

23.73.13.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=d61e1b4b-4831-54da-b0f0-c4bfd43f8c98&CACHEBUSTER=753237
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.13.122 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-13-122.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cache.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 06 Aug 2023 07:13:48 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 06 Aug 2023 07:13:48 GMT
location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E9AB 34 KB
10 KB 8ms
8ms Script
text/html 23.73.13.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.13.122 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-13-122.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9e3191c0f1717d14b22ef2884863538768716ed8f70181204ea5bb5976f1617b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 07:13:48 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Aug 2023 17:27:36 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=36799
Connection: keep-alive
Content-Length: 10114
Expires: Sun, 06 Aug 2023 17:27:07 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame E9AB 284 B
932 B 351ms
6ms Image
image/jpg 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: dedf7fc216a5bbc739a54325e875a79f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
ads.betweendigital.com/ Frame E9AB
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=LKZ3XVRW-27-DBBK
https://ads.betweendigital.com/match?bidder_id=101&external_user_id=LKZ3XVRW-27-DBBK

68 B
598 B

4ms
4ms

Image
image/png

203.195.121.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=101&external_user_id=LKZ3XVRW-27-DBBK
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: H2
Server: 203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ads.betweendigital.com/match?bidder_id=101&external_user_id=LKZ3XVRW-27-DBBK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E9AB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEErsPO_PEKJvSwo6ilaPTBU&google_cver=1

42 B
689 B

495ms
5ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEErsPO_PEKJvSwo6ilaPTBU&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 94869a3d6d62a785bc2a9351b08a70bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEErsPO_PEKJvSwo6ilaPTBU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E9AB
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://match.adsrvr.org/track/cmb/rubicon?
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=87467dcf-5343-46ce-8bee-f62df423ef09&gdpr=0&gdpr_consent=&expires=30

42 B
689 B

484ms
6ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=87467dcf-5343-46ce-8bee-f62df423ef09&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 94869a3d6d62a785bc2a9351b08a70bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:48 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=87467dcf-5343-46ce-8bee-f62df423ef09&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E9AB
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtaM1hWUlctMjctREJCSw==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAgWDXn64jAbQnZJoXqkPVQ&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtaM1hWUlctMjctREJCSw==&google_push=

170 B
188 B

9ms
9ms

Image
image/png

74.125.200.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtaM1hWUlctMjctREJCSw==&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Protocol

Server

74.125.200.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtaM1hWUlctMjctREJCSw==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c80248407eff6cf595ce43a76c04e23f
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame E9AB
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=JTbuw_7-Qh-SN7g28c7OvA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=JTbuw_7-Qh-SN7g28c7OvA

43 B
479 B

179ms
179ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=JTbuw_7-Qh-SN7g28c7OvA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 07:13:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MRWKZ0M2VRCB66CQQW0M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=JTbuw_7-Qh-SN7g28c7OvA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 94869a3d6d62a785bc2a9351b08a70bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E9AB
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=BhbEcE9GRnmaljQqabTI6A&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=BhbEcE9GRnmaljQqabTI6A

43 B
479 B

231ms
231ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=BhbEcE9GRnmaljQqabTI6A

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 07:13:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DWKMJXTH69Q30RC635FC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=BhbEcE9GRnmaljQqabTI6A
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0d2bd05215470efb17ae41aff76c3f98
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame E9AB
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKZ3XVRW-27-DBBK

0
513 B

184ms
170ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKZ3XVRW-27-DBBK
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:48 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 561F54DBA4264B63BE0C01CE4ECD72BC Ref B: SIN30EDGE0817 Ref C: 2023-08-06T07:13:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYCO98NbrV1jltojywGhg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKZ3XVRW-27-DBBK
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E9AB
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/x9rrDtiJ6amRS8FavRYwe8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Un.icM1E2oLPgilJDtql6uOYxc.41KeM7xV7Xw--~A

42 B
689 B

465ms
6ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Un.icM1E2oLPgilJDtql6uOYxc.41KeM7xV7Xw--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 06 Aug 2023 07:13:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Un.icM1E2oLPgilJDtql6uOYxc.41KeM7xV7Xw--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E9AB
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODQ1NmE5OGU0ZDdkMTI1MzFjMGFjZWEyNWVjNWRjNGZkMDc2ZDdlNA

170 B
188 B

8ms
8ms

Image
image/png

74.125.200.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODQ1NmE5OGU0ZDdkMTI1MzFjMGFjZWEyNWVjNWRjNGZkMDc2ZDdlNA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Protocol

Server

74.125.200.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODQ1NmE5OGU0ZDdkMTI1MzFjMGFjZWEyNWVjNWRjNGZkMDc2ZDdlNA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0d2bd05215470efb17ae41aff76c3f98
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

753237
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 5940
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/753237
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/753237

43 B
296 B

199ms
199ms

Image
image/gif

2001:6d0:4001::226

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/753237
Protocol: H2
Server: 2001:6d0:4001::226 -, , ASN (),
Reverse DNS
Software: ms-counter-4.0.4/1.22.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:50 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 07:13:50 GMT
strict-transport-security: max-age=2678400
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/753237
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

204

/
csync.loopme.me/ Frame 5940
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=d61e1b4b-4831-54da-b0f0-c4bfd43f8c98&expires=60
https://csync.loopme.me/?partner_id=1196&uid=6d9a30a5-860e-46ad-82f7-3b94fcacb719&vt=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

0
156 B

506ms
164ms

Image
text/plain

35.214.236.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.loopme.me/?partner_id=1196&uid=6d9a30a5-860e-46ad-82f7-3b94fcacb719&vt=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Protocol: H2
Server: 35.214.236.30 -, , ASN (),
Reverse DNS
Software: _ /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 07:13:51 GMT
server: _

Redirect headers

Location: //csync.loopme.me/?partner_id=1196&uid=6d9a30a5-860e-46ad-82f7-3b94fcacb719&vt=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date: Sun, 06 Aug 2023 07:13:50 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
onetag-sys.com/usync/ Frame 0823 2 KB
0 869ms
363ms Document
text/html 51.89.9.253

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=d61e1b4b-4831-54da-b0f0-c4bfd43f8c98&CACHEBUSTER=753237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://cache.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
id.nesrakonk.ru/	1970-01-20 13:58:30	Name: __oagr Value: true
.betweendigital.com/	1970-01-20 22:34:02	Name: dc Value: sin1
.betweendigital.com/	1970-01-20 22:34:02	Name: tuuid Value: d61e1b4b-4831-54da-b0f0-c4bfd43f8c98
.betweendigital.com/	1970-01-20 22:34:02	Name: ss Value: 1
.nesrakonk.ru/	1970-01-20 23:10:02	Name: __gads Value: ID=4e57b35e7f1be9cb-22585d2a5580004a:T=1691306024:RT=1691306024:S=ALNI_MbUccErwC8Dw81-xMjKvNM8Gu7Ayw
.nesrakonk.ru/	1970-01-20 23:10:02	Name: __gpi Value: UID=00000c2795061f8a:T=1691306024:RT=1691306024:S=ALNI_MazIqbnXc0dABF5w62seZlvuZVw8A
.bidswitch.net/	1970-01-20 22:34:02	Name: tuuid Value: 6d9a30a5-860e-46ad-82f7-3b94fcacb719
.bidswitch.net/	1970-01-20 22:34:02	Name: c Value: 1691306024
.bidswitch.net/	1970-01-20 22:34:02	Name: tuuid_lu Value: 1691306024
.yandex.ru/	1970-01-20 23:24:26	Name: i Value: hB11pXkemt0xNB5XAkWEYpMViR6opuCGODrZDWsC0uVUZ3iW6Dg8qvmixtnqOS26wFI/rs0kGWQpXmxfZYZjPW1r2+A=
.yandex.ru/	1970-01-20 23:24:26	Name: yandexuid Value: 3021611131691306024
.sitescout.com/	1970-01-20 22:34:02	Name: ssi Value: 865714bf-7e80-453b-bb57-f518e02c63d4#1691306024620
pool.admedo.com/	1970-01-20 22:34:02	Name: tuuid Value: b203029d-0956-4193-af63-fb7b0a5d9e16
pool.admedo.com/	1970-01-20 22:34:02	Name: c Value: 1691306024
pool.admedo.com/	1970-01-20 22:34:02	Name: tuuid_lu Value: 1691306024
.creativecdn.com/	1970-01-20 22:34:02	Name: u Value: NQSlh78sr125iK3Wg5hO
.creativecdn.com/	1970-01-20 22:34:02	Name: ts Value: 1691306024
.doubleclick.net/	1970-01-20 23:24:26	Name: IDE Value: AHWqTUknZxMD4hY1eZBnfw6ryRzp2oV4lrG-yu29ProWt0QoEMpuax3kqjYd8Jw6
.sitescout.com/	1970-01-20 14:31:38	Name: _ssuma Value: eyIzOSI6MTY5MTMwNjAyNDc4OSwiNyI6MTY5MTMwNjAyNDc4OX0
.adnxs.com/	1970-01-20 15:58:02	Name: uuid2 Value: 2627275864031838832
.nesrakonk.ru/	1970-01-20 21:47:57	Name: tmr_lvid Value: 0159c72424bc569f5215f392d55cc432
.nesrakonk.ru/	1970-01-20 21:47:57	Name: tmr_lvidTS Value: 1691306024954
.adnxs.com/	1970-01-20 15:58:02	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>9d98][!]tbPl1M>e)ZlrFUfJ+tGXxpCZr6$6CeNA@NZlV6C@!EAVWkgb[80ScLcH!23If)y3KL9D3I?+H^<0)y
.nesrakonk.ru/	1970-01-20 22:34:02	Name: adtech_uid Value: 26dfb85f-4717-4142-9ba0-2a13270f5745%3Anesrakonk.ru
.nesrakonk.ru/	1970-01-20 22:34:02	Name: top100_id Value: t1.7460281.573662769.1691306025080
.nesrakonk.ru/	1970-01-20 23:24:26	Name: last_visit Value: 1691306025084%3A%3A1691306025084
.crwdcntrl.net/	1970-01-20 20:17:13	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 20:17:13	Name: _cc_id Value: 431997f19295128132a2cad5cf431e8a
.crwdcntrl.net/	1970-01-20 20:17:14	Name: _cc_cc Value: "ACZ4XmNQMDE2tLQ0TzO0NLI0NTSyMDQ2SjRKTkwxTU4DyqRaJDIAQcp5D00QDQUANm4J9g%3D%3D"
.crwdcntrl.net/	1970-01-20 20:17:14	Name: _cc_aud Value: "ABR4XmNgYGBIOe%2BhCaSgAAAVMAGl"
.nesrakonk.ru/	1970-01-20 22:34:02	Name: _ym_uid Value: 1691306025391397923
.nesrakonk.ru/	1970-01-20 22:34:02	Name: _ym_d Value: 1691306025
.tapad.com/	1970-01-20 15:14:50	Name: TapAd_TS Value: 1691306025194
.tapad.com/	1970-01-20 15:14:50	Name: TapAd_DID Value: b0fd0eab-90a7-4228-b66e-d5c7d2b9b845
.casalemedia.com/	1970-01-20 22:34:02	Name: CMID Value: ZM9IKcAcQ26Chp4cpcIbsAAA
.casalemedia.com/	1970-01-20 15:58:02	Name: CMPS Value: 4749
.casalemedia.com/	1970-01-20 15:58:02	Name: CMPRO Value: 4749
.nesrakonk.ru/	1970-01-20 22:34:02	Name: cf_clearance Value: G18QuORThxzZyBfCbtsHJCfoNx8iSIywlKNTK2WxBCg-1691306025-0-1-f2ac03ed.c547fdcd.74085eec-0.2.1691306025
.tapad.com/	1970-01-20 15:14:50	Name: TapAd_3WAY_SYNCS Value:
.doubleclick.net/	1970-01-20 13:48:29	Name: DSID Value: NO_DATA
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2241558611691306025
.yandex.ru/	1970-01-20 23:24:26	Name: yuidss Value: 3021611131691306024
.yandex.ru/	1970-01-20 22:34:02	Name: ymex Value: 2006666025.yrts.1691306025
.yandex.ru/	1970-01-20 22:34:02	Name: bh Value: KgI/MA==
.nesrakonk.ru/	1970-01-20 13:49:38	Name: _ym_isad Value: 2
.nesrakonk.ru/	1970-01-20 22:34:02	Name: t3_sid_7460281 Value: s1.1728480493.1691306025082.1691306025776.1.2
.bumlam.com/	1970-01-20 23:24:26	Name: suuid3 Value: IiRjODdhZGZjYy0zNDI4LTExZWUtYjFkYS0wMDI1OTBjODI0Mzc*
.rambler.ru/	1970-01-20 23:24:26	Name: ruid Value: 1CIAACpIz2TglUUBAVVtPgB=
.mail.ru/	1970-01-20 22:35:28	Name: VID Value: 16B0LG2WuvoJ00000u1mT42J:::0-0-0-9e9a0e9:CAASEI7XGq4Lnx9edWZBhEcP_rEaYGt81b6bKAz9kk1tOJZgSKb95Z1uEPRDuZRErew9pCsM7AGd2uFqcZhTEICTYQw4kPJlZxhX3sK2pLnVji0ug6dBpXfu9ee0hZ4qkGu8JPIgoe2kxeAF2doSSIKAyV6JBQ
.aidata.io/	1970-01-20 23:24:26	Name: __upin Value: pxCm/jJPvdinJra4tZ7/yw
.aidata.io/	1970-01-20 23:24:26	Name: __upints Value: 1691306026
id.nesrakonk.ru/	1970-01-20 13:49:52	Name: tmr_detect Value: 0%7C1691306027436
.rubiconproject.com/	1970-01-20 22:34:02	Name: khaos Value: LKZ3XVRW-27-DBBK
.adsrvr.org/	1970-01-20 22:35:28	Name: TDID Value: 87467dcf-5343-46ce-8bee-f62df423ef09
.adsrvr.org/	1970-01-20 22:35:28	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCMTltefWlYs8EAUYBSABKAIyCwjgtb6U7ZWLPBAFOAE.
.yahoo.com/	1970-01-20 22:34:23	Name: A3 Value: d=AQABBCxIz2QCENDe4sdtMQJPNITiabqvxWoFEgEBAQGZ0GTZZAAAAAAA_eMAAA&S=AQAAAkFMm5Xv5bi9FW2sg7qMwFY
.linkedin.com/	1970-01-20 22:34:02	Name: bcookie Value: "v=2&c82adbc2-492f-426c-81c3-89aa205f90ad"
.linkedin.com/	1970-01-20 13:49:52	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2962:u=1:x=1:i=1691306028:t=1691392428:v=2:sig=AQHxnRyOl-eoY3ib64G71Gcs9Gt6hvX2"
.betweendigital.com/	1970-01-20 22:34:02	Name: ut Value: ZM9ILQAGuqjOXWluuGzXADSIQJwZ8sQlDKQCTA==
.amazon-adsystem.com/	1970-01-20 23:24:26	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 19:32:35	Name: ad-id Value: A-mOzKTxcUszj0k_i-BHL88
.rubiconproject.com/	1970-01-20 22:34:02	Name: audit Value: 1\|KppsSbkF6ADfaMRTh5pbFOaC2sDb2tSKXIQHHyfefjtx1g1ygpCGviL2AlLUIfH1nqvNJY7FqqvqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.nesrakonk.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vidoomy.com
aax-eu.amazon-adsystem.com
ads.adlook.me
ads.betweendigital.com
an.yandex.ru
cache.betweendigital.com
cm.g.doubleclick.net
cmp.optad360.io
creativecdn.com
csync.loopme.me
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.nesrakonk.ru
kraken.rambler.ru
match.adsrvr.org
mc.yandex.ru
odr.mookie1.com
onetag-sys.com
p.vidoomy.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
pool.admedo.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
s.amazon-adsystem.com
s0.2mdn.net
secure-assets.rubiconproject.com
st.top100.ru
sync.bumlam.com
sync.crwdcntrl.net
sync.dmp.otm-r.com
token.rubiconproject.com
top-fwz1.mail.ru
tpc.googlesyndication.com
vid.vidoomy.com
vpaid.vidoomy.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
yandex.ru
yastatic.net
103.43.90.54
139.5.84.243
142.250.4.154
148.251.4.142
175.41.155.116
176.122.21.226
18.177.252.34
185.184.8.90
2001:6d0:4001::226
203.195.121.142
212.36.83.245
212.36.83.246
23.73.13.122
23.76.212.194
2404:6800:4003:c00::5e
2404:6800:4003:c01::63
2404:6800:4003:c02::95
2404:6800:4003:c03::84
2404:6800:4003:c04::5f
2404:6800:4003:c04::9c
2404:6800:4003:c06::9d
2404:6800:4003:c0f::9b
2404:6800:4003:c11::5e
2404:6800:4003:c1a::9d
2406:da18:929:5a01:aa3d:dd4b:67a5:fb53
2600:9000:229f:9200:11:a4de:2580:93a1
2600:9000:23d2:d000:6:b871:4f00:93a1
2606:4700:3034::ac43:8868
2620:1ec:21::14
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
2a02:6b8:a::a
2a02:6ea0:d100::12
2a02:6ea0:d100::25
31.172.81.158
31.222.226.234
34.111.113.62
34.111.79.67
35.213.12.39
35.214.236.30
35.71.131.137
51.89.9.253
52.46.128.147
52.94.223.37
69.173.144.138
69.173.158.64
74.125.200.157
81.19.89.16
81.19.89.18
89.108.120.76
95.163.52.67
98.98.134.241
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
04ae17f8f8eaf92a64c8ee9e46bbd75665bf32569e0d7dda6449845292c83232
04f93aef550953cd460b26e8c6713c52208ea2fb9966d5842da02262ab4dfb5a
05942573f213a8e42feb7fc51e761f032b953bea7399e99cfcd37673e0cba46b
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10b8c4d973307cd90e137e1d319c8d0ce53e18c26538470b2281182a122cb887
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
151c6a3ee1518aa8802c9f79658b476a37a355403b8f675453c741f30c41de8f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
27735786662c0d84226430a5acd5cfeac63b593e39351fd28321091cafed725e
289eaaf84993733e50b752db0ff63b63cf9639c5b36df0b08bbe73054a5ebdba
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b0a10b03256abb6748200f4377a886afd7b3939c6cbadd694010728be400b65
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31bd62a78d2193b716cae594121cfd26c97460ee277e0ccfb0ed890614c811e7
32786d444e9857efb3f20c41c2b06bb1c814b0ccf3de31d83bec30c8b3fa96d3
33f9e72e88b0e060a4ab8765a71da98b5e964c93021cf4e457f1f56a2a40d3f0
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3537472b3995c24bc2b4efed6a3e9b36c7202a368e38ab7bffe466e94a58998f
374018aee649958e1ae4a55f5c4c7adad1d84334c8d4ea6805f10f152734de1e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a15a5675337004c52555a8372b17186e19e0491dfa646ab3a5fa851d0ab7b03
6c76cae4aabc1d4236da2fecf8fcae818a2cf95406446774ccf9db5ca14d4b59
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
722bca0f91daf3eaed212ada19ad6809a179bd9d576051ada272c6098ae1c37d
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7de48a1559f0ab973cee3ee26a794d5931aa9d7d7887290bfe13436cf7f3f5af
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
803acb5a5ca3e2b381586c81270037f671b5fe762a43eb6d4893018db46ce8da
908f85eb29b402fa6c9d6ee53fd3bbd6f82626c8e867beaf1523ccfbaf614c5c
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
92ca60a1917b9ebb08ee7ddf0860b217985b8468acf0de9ed41d90c3f5dda926
94de6dccadf5d43fd19c5db39b8fb07a4dba481897d5d82a139f7bab108638c2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d0c1d53852ad33c16bd2eea9039402bfa442cf372ebe70da55f082ec54822ea
9e3191c0f1717d14b22ef2884863538768716ed8f70181204ea5bb5976f1617b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
a6e11e3a75f66d0c5fd9d1ff43a88a80e1f6c9fc4b80598593deed8a9ef78368
a9f070e4ef646e1ee3e2a9814055422f99b76118770a09960d30260b9668913a
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abd92f157df7b8b750b9d7ff0d817a55f3ade710de1901a19f2d3233b400c62b
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
bd89fa45d5534b46749a66a62254c45eec01721f69d398426a402e59b7c81e60
beba575d5d4384a32c4bffc98ee1b8b334c80ebbfa0a6fd15012d050263702c2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c31a5191d096c7ca76227b981bac375a0224865801365a46d1f648a9e8b13c91
cc560d907852ca8cdb870aeb19133ee68b9f1283b8288a9d18cc203958468fc7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d94bc6cae1faca676e7646badecbba26b8ccf75bf343dfa847c66896b950e1c9
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e0d151ceb5573035841141679f548ed0f594af7f7025058a04977e238c2fe69a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56b2b38af72301f541319d4c9b6565e0a654e85b3bcf5542996c77b86dedcf2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76
f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf
ffae75c7a64492ee940a0290db43d3e08ebc2f3e92fdf9512342e3318925581b

id.nesrakonk.ru Open in urlscan Pro 2606:4700:3034::ac43:8868 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

81 %HTTPS

42 %IPv6

38 Domains

54 Subdomains

42 IPs

10 Countries

1564 kBTransfer

4198 kBSize

62 Cookies

5 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

id.nesrakonk.ru Open in urlscan Pro
2606:4700:3034::ac43:8868 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

81 %
HTTPS

42 %
IPv6

38
Domains

54
Subdomains

42
IPs

10
Countries

1564 kB
Transfer

4198 kB
Size

62
Cookies

121 HTTP transactions
1 data transactions