urlscan.io logo urlscan.io
SecurityTrails logo

m.korday.nahodyator.kz Open in urlscan Pro
2a10:9200:1:ad::1  Public Scan

Go To Rescan Add Verdict Report
URL: http://m.korday.nahodyator.kz/
Submission: On October 31 via api from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 55 HTTP transactions. The main IP is 2a10:9200:1:ad::1, located in Russian Federation and belongs to CLOUDASSETS, RU. The main domain is m.korday.nahodyator.kz.
This is the only time m.korday.nahodyator.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

12    2a10:9200:1:ad::1 (Russian Federation)

ASN212441 (CLOUDASSETS, RU)
m.korday.nahodyator.kz
8    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a02:6b8:a::a (Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yandex.ru
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    88.212.202.52 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru
counter.yadro.ru
4    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
7    2a02:6b8:20::215 (Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yastatic.net
1    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
5    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a02:26f0:480:21::217:d112 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
4    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ams3-ib.adnxs.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
287 KB
12 nahodyator.kz
m.korday.nahodyator.kz
18 KB
7 yastatic.net
yastatic.net — Cisco Umbrella Rank: 6894
207 KB
6 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 11595
4 KB
5 bing.com
www.bing.com — Cisco Umbrella Rank: 66
15 KB
5 adnxs.com
cdn.adnxs.com — Cisco Umbrella Rank: 1682
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6903
30 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
33 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
133 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
60 KB
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4948
36 KB
1 yandex.ru
yandex.ru — Cisco Umbrella Rank: 2158
90 KB
55 13
Domain Requested by
12 m.korday.nahodyator.kz m.korday.nahodyator.kz
8 pagead2.googlesyndication.com m.korday.nahodyator.kz
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
7 yastatic.net yandex.ru
6 counter.yadro.ru 4 redirects m.korday.nahodyator.kz
5 www.bing.com 2 redirects googleads.g.doubleclick.net
5 tpc.googlesyndication.com m.korday.nahodyator.kz
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 ams3-ib.adnxs.com googleads.g.doubleclick.net
cdn.adnxs.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com m.korday.nahodyator.kz
www.googletagmanager.com
1 www.google.com tpc.googlesyndication.com
1 www.googletagservices.com m.korday.nahodyator.kz
1 cdn.adnxs.com m.korday.nahodyator.kz
1 adsdk.microsoft.com m.korday.nahodyator.kz
1 region1.google-analytics.com www.googletagmanager.com
1 yandex.ru m.korday.nahodyator.kz
55 16
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2023-06-21 -
2023-12-19		 6 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2023-07-10 -
2024-01-07		 6 months crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-10-11 -
2024-04-08		 6 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 05		 2023-10-18 -
2024-06-27		 8 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 7 frames:

Primary Page: http://m.korday.nahodyator.kz/
Frame ID: 395BDC001A386FA59FDC8946F7CFED4C
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html
Frame ID: 1D10E1C74F47F9B40749C0EFEB67E486
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8959338553837844&output=html&adk=1812271804&adf=3025194257&lmt=1698765851&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_l%7C404x945_r&format=0x0&url=http%3A%2F%2Fm.korday.nahodyator.kz%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&dt=1698769451993&bpp=3&bdt=551&idt=264&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6862048289181&frm=20&pv=2&ga_vid=271623727.1698769452&ga_sid=1698769452&ga_hid=2041053619&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079232%2C44805931%2C44807454%2C31078301%2C31079176%2C31079155%2C44806140&oid=2&pvsid=1509992696871372&tmod=410522610&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=277
Frame ID: C2F406258FEC4BDC71D7005E38FCF603
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Frame ID: 504AC7E919D9E37C3963BB7F4609F845
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 978104B171E310739DE596CF712A96AF
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4799C1060FB2403F6C2EC6DC2CF00B06
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 690F4C7889DFFF0D199B364712A9578B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

НАХОДЯТОР - находит все самые свежие объявления

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r
  • <!--LiveInternet counter-->
  • <!--/LiveInternet-->

Page Statistics

55
Requests

71 %
HTTPS

76 %
IPv6

13
Domains

16
Subdomains

17
IPs

3
Countries

933 kB
Transfer

2924 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • http://counter.yadro.ru/hit;poiskuny?t26.6;r;s1600*1200*24;uhttp%3A//m.korday.nahodyator.kz/;h%u041D%u0410%u0425%u041E%u0414%u042F%u0422%u041E%u0420%20-%20%u043D%u0430%u0445%u043E%u0434%u0438%u0442%20%u0432%u0441%u0435%20%u0441%u0430%u043C%u044B%u0435%20%u0441%u0432%u0435%u0436%u0438%u0435%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u044F;0.9828876024933533 HTTP 302
  • https://counter.yadro.ru/hit;poiskuny?t26.6;r;s1600*1200*24;uhttp%3A//m.korday.nahodyator.kz/;h%u041D%u0410%u0425%u041E%u0414%u042F%u0422%u041E%u0420%20-%20%u043D%u0430%u0445%u043E%u0434%u0438%u0442%20%u0432%u0441%u0435%20%u0441%u0430%u043C%u044B%u0435%20%u0441%u0432%u0435%u0436%u0438%u0435%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u044F;0.9828876024933533 HTTP 302
  • https://counter.yadro.ru/hit;poiskuny?q;t26.6;r;s1600*1200*24;uhttp%3A//m.korday.nahodyator.kz/;h%u041D%u0410%u0425%u041E%u0414%u042F%u0422%u041E%u0420%20-%20%u043D%u0430%u0445%u043E%u0434%u0438%u0442%20%u0432%u0441%u0435%20%u0441%u0430%u043C%u044B%u0435%20%u0441%u0432%u0435%u0436%u0438%u0435%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u044F;0.9828876024933533
Request Chain 15
  • http://counter.yadro.ru/hit;nahodyator?t26.6;r;s1600*1200*24;uhttp%3A//m.korday.nahodyator.kz/;h%u041D%u0410%u0425%u041E%u0414%u042F%u0422%u041E%u0420%20-%20%u043D%u0430%u0445%u043E%u0434%u0438%u0442%20%u0432%u0441%u0435%20%u0441%u0430%u043C%u044B%u0435%20%u0441%u0432%u0435%u0436%u0438%u0435%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u044F;0.5873968181040847 HTTP 302
  • https://counter.yadro.ru/hit;nahodyator?t26.6;r;s1600*1200*24;uhttp%3A//m.korday.nahodyator.kz/;h%u041D%u0410%u0425%u041E%u0414%u042F%u0422%u041E%u0420%20-%20%u043D%u0430%u0445%u043E%u0434%u0438%u0442%20%u0432%u0441%u0435%20%u0441%u0430%u043C%u044B%u0435%20%u0441%u0432%u0435%u0436%u0438%u0435%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u044F;0.5873968181040847 HTTP 302
  • https://counter.yadro.ru/hit;nahodyator?q;t26.6;r;s1600*1200*24;uhttp%3A//m.korday.nahodyator.kz/;h%u041D%u0410%u0425%u041E%u0414%u042F%u0422%u041E%u0420%20-%20%u043D%u0430%u0445%u043E%u0434%u0438%u0442%20%u0432%u0441%u0435%20%u0441%u0430%u043C%u044B%u0435%20%u0441%u0432%u0435%u0436%u0438%u0435%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u044F;0.5873968181040847
Request Chain 37
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=364502be-f319-4fd0-b84a-f2d0637855a9&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=e4c6913c-cc8b-4bdb-a119-cd4102dcb1fa&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D58a472de0ce74a73a678f56e7c90546e%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=8259801&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=84484577006448507 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=58a472de0ce74a73a678f56e7c90546e&SNR=1&GV=2&med=10
Request Chain 53
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=364502be-f319-4fd0-b84a-f2d0637855a9&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=e4c6913c-cc8b-4bdb-a119-cd4102dcb1fa&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D58a472de0ce74a73a678f56e7c90546e%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=8259801&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=84484577006448507 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=58a472de0ce74a73a678f56e7c90546e&tids=15000&med=10

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
m.korday.nahodyator.kz/ 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://m.korday.nahodyator.kz/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e5d5edf303620b3678fdd3798621667a0ad913dd6f5d3329eca7c6eb16e3f6ca
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src yandex.ru https://*.yandex.ru https://*.yandex.net https://*.yandex.com http://pagead2.googlesyndication.com https://csi.gstatic.com https://pagead2.googlesyndication.com https://stats.g.doubleclick.net *.google-analytics.com https://clk.streamgo.ru 'report-sample'; font-src https://yastatic.net https://fonts.gstatic.com; frame-src https://yastatic.net https://googleads.g.doubleclick.net https://tpc.googlesyndication.com https://www.google.com 'report-sample'; img-src * data: 'report-sample'; manifest-src 'self'; media-src data: 'self' https://strm.yandex.ru https://*.strm.yandex.net https://cdn.streamgo.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://yandex.ru https://yastatic.net http://pagead2.googlesyndication.com https://adservice.google.ae https://adservice.google.at https://adservice.google.az https://adservice.google.be https://adservice.google.bg https://adservice.google.bj https://adservice.google.by https://adservice.google.ca https://adservice.google.ch https://adservice.google.cl https://adservice.google.co.id https://adservice.google.co.il https://adservice.google.co.in https://adservice.google.co.jp https://adservice.google.co.kr https://adservice.google.co.uk https://adservice.google.co.uz https://adservice.google.co.za https://adservice.google.com https://adservice.google.com.ar https://adservice.google.com.au https://adservice.google.com.br https://adservice.google.com.cy https://adservice.google.com.eg https://adservice.google.com.gh https://adservice.google.com.ng https://adservice.google.com.pk https://adservice.google.com.sg https://adservice.google.com.tj https://adservice.google.com.tr https://adservice.google.com.tw https://adservice.google.com.ua https://adservice.google.com.vn https://adservice.google.cz https://adservice.google.de https://adservice.google.ee https://adservice.google.es https://adservice.google.fi https://adservice.google.fr https://adservice.google.ge https://adservice.google.gl https://adservice.google.gr https://adservice.google.hu https://adservice.google.ie https://adservice.google.iq https://adservice.google.it https://adservice.google.jo https://adservice.google.kg https://adservice.google.kz https://adservice.google.lt https://adservice.google.lu https://adservice.google.lv https://adservice.google.md https://adservice.google.mn https://adservice.google.mv https://adservice.google.nl https://adservice.google.no https://adservice.google.pl https://adservice.google.ps https://adservice.google.pt https://adservice.google.ro https://adservice.google.ru https://adservice.google.sc https://adservice.google.se https://adservice.google.sk https://adservice.google.sn https://adservice.google.tm https://pagead2.googlesyndication.com https://partner.googleadservices.com https://tpc.googlesyndication.com https://www.google-analytics.com https://www.googletagservices.com www.googletagmanager.com https://www.gstatic.com https://mc.yandex.ru https://mc.yandex.com 'report-sample'; style-src 'self' 'unsafe-inline' https://www.gstatic.com 'report-sample'; report-uri /csp-report.php
Strict-Transport-Security max-age=15768000; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
private, must-revalidate, max-age=7200
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'none'; connect-src yandex.ru https://*.yandex.ru https://*.yandex.net https://*.yandex.com http://pagead2.googlesyndication.com https://csi.gstatic.com https://pagead2.googlesyndication.com https://stats.g.doubleclick.net *.google-analytics.com https://clk.streamgo.ru 'report-sample'; font-src https://yastatic.net https://fonts.gstatic.com; frame-src https://yastatic.net https://googleads.g.doubleclick.net https://tpc.googlesyndication.com https://www.google.com 'report-sample'; img-src * data: 'report-sample'; manifest-src 'self'; media-src data: 'self' https://strm.yandex.ru https://*.strm.yandex.net https://cdn.streamgo.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://yandex.ru https://yastatic.net http://pagead2.googlesyndication.com https://adservice.google.ae https://adservice.google.at https://adservice.google.az https://adservice.google.be https://adservice.google.bg https://adservice.google.bj https://adservice.google.by https://adservice.google.ca https://adservice.google.ch https://adservice.google.cl https://adservice.google.co.id https://adservice.google.co.il https://adservice.google.co.in https://adservice.google.co.jp https://adservice.google.co.kr https://adservice.google.co.uk https://adservice.google.co.uz https://adservice.google.co.za https://adservice.google.com https://adservice.google.com.ar https://adservice.google.com.au https://adservice.google.com.br https://adservice.google.com.cy https://adservice.google.com.eg https://adservice.google.com.gh https://adservice.google.com.ng https://adservice.google.com.pk https://adservice.google.com.sg https://adservice.google.com.tj https://adservice.google.com.tr https://adservice.google.com.tw https://adservice.google.com.ua https://adservice.google.com.vn https://adservice.google.cz https://adservice.google.de https://adservice.google.ee https://adservice.google.es https://adservice.google.fi https://adservice.google.fr https://adservice.google.ge https://adservice.google.gl https://adservice.google.gr https://adservice.google.hu https://adservice.google.ie https://adservice.google.iq https://adservice.google.it https://adservice.google.jo https://adservice.google.kg https://adservice.google.kz https://adservice.google.lt https://adservice.google.lu https://adservice.google.lv https://adservice.google.md https://adservice.google.mn https://adservice.google.mv https://adservice.google.nl https://adservice.google.no https://adservice.google.pl https://adservice.google.ps https://adservice.google.pt https://adservice.google.ro https://adservice.google.ru https://adservice.google.sc https://adservice.google.se https://adservice.google.sk https://adservice.google.sn https://adservice.google.tm https://pagead2.googlesyndication.com https://partner.googleadservices.com https://tpc.googlesyndication.com https://www.google-analytics.com https://www.googletagservices.com www.googletagmanager.com https://www.gstatic.com https://mc.yandex.ru https://mc.yandex.com 'report-sample'; style-src 'self' 'unsafe-inline' https://www.gstatic.com 'report-sample'; report-uri /csp-report.php
Content-Type
text/html; charset=utf-8
Date
Tue, 31 Oct 2023 16:24:11 GMT
ETag
W/"a5c34837dc281a4147ab273bfb370dbc"
Expires
Tue, 31 Oct 2023 18:24:11 GMT
Keep-Alive
timeout=5
Last-Modified
Tue, 31 Oct 2023 16:24:11 GMT
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{'group':'csp-endpoint','max_age':86400,'endpoints':[{'url':'/csp-report.php'}]}
Server
nginx
Strict-Transport-Security
max-age=15768000; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
X-XSS-Protection
0
index.css
m.korday.nahodyator.kz/templates/common/styles/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://m.korday.nahodyator.kz/templates/common/styles/index.css
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
d058588d9edf93ed0124508e2a937d8a9c600f2adfa90730ad1624f2449739c9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 16:24:11 GMT
Strict-Transport-Security
max-age=15768000; preload
Content-Encoding
gzip
Last-Modified
Tue, 31 Oct 2023 09:24:22 GMT
Server
nginx
ETag
W/"6540c7c6-6d5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Tue, 07 Nov 2023 16:24:11 GMT
index.css
m.korday.nahodyator.kz/templates/nahodyator/styles/ 		202 B
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://m.korday.nahodyator.kz/templates/nahodyator/styles/index.css
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
48d8320967ee3adf5cfd89467b6c810809872a660ddc510ad76610dce9a6d411
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 16:24:11 GMT
Strict-Transport-Security
max-age=15768000; preload
Last-Modified
Thu, 20 Aug 2015 05:48:00 GMT
Server
nginx
ETag
"55d56a10-ca"
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
202
Expires
Tue, 07 Nov 2023 16:24:11 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8959338553837844
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e42c9082170855c28c838ab650b417f19f949abf4def8485107025f36b9ffd9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://m.korday.nahodyator.kz/
Origin
http://m.korday.nahodyator.kz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:24:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51169
x-xss-protection
0
server
cafe
etag
13374894987223406333
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 16:24:11 GMT
context.js
yandex.ru/ads/system/ 		317 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
6d3161212b1a1ba224aa4f1f3f5cecfbe036fce802f1146c6e6a39a3faf1c08a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1698769451851948-3318707418851448881-balancer-l7leveler-kubr-yp-sas-96-BAL-2071
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 31 Oct 2023 17:24:11 GMT
optimize.js
m.korday.nahodyator.kz/include/js/ 		430 B
836 B 		Script
General
Check archive.org
Download Go to
Full URL
http://m.korday.nahodyator.kz/include/js/optimize.js
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
5f5ce9f65460be13ecd26fbbb05806445861f53e01da856400244353576302f4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 16:24:11 GMT
Strict-Transport-Security
max-age=15768000; preload
Last-Modified
Sun, 26 Apr 2020 13:29:00 GMT
Server
nginx
ETag
"5ea58c9c-1ae"
Content-Type
application/javascript; charset=utf8
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
430
Expires
Tue, 07 Nov 2023 16:24:11 GMT
by.png
m.korday.nahodyator.kz/images/countryflags/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://m.korday.nahodyator.kz/images/countryflags/by.png
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
67ccb921981c0d70a272f13159101b91c183bfe825ab325af8a574df7f63f61f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 16:24:11 GMT
Strict-Transport-Security
max-age=15768000; preload
Last-Modified
Wed, 22 Apr 2015 22:00:00 GMT
Server
nginx
ETag
"553819e0-490"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1168
Expires
Thu, 31 Dec 2037 23:55:55 GMT
kz.png
m.korday.nahodyator.kz/images/countryflags/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://m.korday.nahodyator.kz/images/countryflags/kz.png
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
6d958ccde374ce86de23898b8a06c3f1d968fda65943698ac115c42b3dcb667d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 16:24:11 GMT
Strict-Transport-Security
max-age=15768000; preload
Last-Modified
Wed, 22 Apr 2015 22:00:00 GMT
Server
nginx
ETag
"553819e0-6ab"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1707
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ru.png
m.korday.nahodyator.kz/images/countryflags/ 		581 B
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://m.korday.nahodyator.kz/images/countryflags/ru.png
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
3d934257156f441f8231d9e618c3b71ed083c77e50357f9c56572c5dbfd761fa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 16:24:11 GMT
Strict-Transport-Security
max-age=15768000; preload
Last-Modified
Wed, 22 Apr 2015 22:00:00 GMT
Server
nginx
ETag
"553819e0-245"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
581
Expires
Thu, 31 Dec 2037 23:55:55 GMT
www.png
m.korday.nahodyator.kz/images/platform/ 		761 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://m.korday.nahodyator.kz/images/platform/www.png
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
689f313aedbcf0fa2d1e383cfa7004ea9914121b1de499ab053fbed31d3a29bc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 16:24:11 GMT
Strict-Transport-Security
max-age=15768000; preload
Last-Modified
Mon, 25 Apr 2016 06:09:00 GMT
Server
nginx
ETag
"571db47c-2f9"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
761
Expires
Thu, 31 Dec 2037 23:55:55 GMT
h.png
m.korday.nahodyator.kz/images/platform/ 		707 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://m.korday.nahodyator.kz/images/platform/h.png
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e70c54f6974cc0a8a7202253065063c4a418e29e48dc52ce8eab7470dc712b40
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 16:24:11 GMT
Strict-Transport-Security
max-age=15768000; preload
Last-Modified
Mon, 25 Apr 2016 06:09:00 GMT
Server
nginx
ETag
"571db47c-2c3"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
707
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		131 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-127232603-1
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b63ab4f992f92e10149b1a68003620a2be6419b23a3120437a9a1bb08287e2b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:24:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51116
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 31 Oct 2023 16:24:11 GMT
all.css
m.korday.nahodyator.kz/templates/nahodyator/styles/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://m.korday.nahodyator.kz/templates/nahodyator/styles/all.css
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/templates/nahodyator/styles/index.css
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
aab728593ff1e0ee7c61d1d4adda664b026431c6ab0c8256ecf1f01428857cb3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/templates/nahodyator/styles/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 16:24:11 GMT
Strict-Transport-Security
max-age=15768000; preload
Content-Encoding
gzip
Last-Modified
Tue, 31 Oct 2023 09:22:09 GMT
Server
nginx
ETag
W/"6540c741-625"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Tue, 07 Nov 2023 16:24:11 GMT
screen.css
m.korday.nahodyator.kz/templates/nahodyator/styles/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://m.korday.nahodyator.kz/templates/nahodyator/styles/screen.css
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/templates/nahodyator/styles/index.css
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
9fda06a41e04abb42ad8a70a346d0935cd48ce2485b1a0d9570a00db95ecbc0e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/templates/nahodyator/styles/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 16:24:11 GMT
Strict-Transport-Security
max-age=15768000; preload
Content-Encoding
gzip
Last-Modified
Wed, 19 Jun 2019 22:23:00 GMT
Server
nginx
ETag
W/"5d0ab5c4-7bd"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Tue, 07 Nov 2023 16:24:11 GMT
handheld.css
m.korday.nahodyator.kz/templates/nahodyator/styles/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://m.korday.nahodyator.kz/templates/nahodyator/styles/handheld.css
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/templates/nahodyator/styles/index.css
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
8ed140d5e4001fdab6237003b9c7d73f947c54c8ad3a8eaa6b0f9c59e9841a93
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/templates/nahodyator/styles/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 16:24:11 GMT
Strict-Transport-Security
max-age=15768000; preload
Content-Encoding
gzip
Last-Modified
Wed, 19 Jun 2019 22:23:00 GMT
Server
nginx
ETag
W/"5d0ab5c4-726"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Tue, 07 Nov 2023 16:24:11 GMT
hit;poiskuny
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit;poiskuny?t26.6;r;s1600*1200*24;uhttp%3A//m.korday.nahodyator.kz/;h%u041D%u0410%u0425%u041E%u0414%u042F%u0422%u041E%u0420%20-%20%u043D%u0430%u0445%u043E%u0434%u0438%u0442...
  • https://counter.yadro.ru/hit;poiskuny?t26.6;r;s1600*1200*24;uhttp%3A//m.korday.nahodyator.kz/;h%u041D%u0410%u0425%u041E%u0414%u042F%u0422%u041E%u0420%20-%20%u043D%u0430%u0445%u043E%u0434%u0438%u044...
  • https://counter.yadro.ru/hit;poiskuny?q;t26.6;r;s1600*1200*24;uhttp%3A//m.korday.nahodyator.kz/;h%u041D%u0410%u0425%u041E%u0414%u042F%u0422%u041E%u0420%20-%20%u043D%u0430%u0445%u043E%u0434%u0438%u0...
133 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;poiskuny?q;t26.6;r;s1600*1200*24;uhttp%3A//m.korday.nahodyator.kz/;h%u041D%u0410%u0425%u041E%u0414%u042F%u0422%u041E%u0420%20-%20%u043D%u0430%u0445%u043E%u0434%u0438%u0442%20%u0432%u0441%u0435%20%u0441%u0430%u043C%u044B%u0435%20%u0441%u0432%u0435%u0436%u0438%u0435%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u044F;0.9828876024933533
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
267b08ded856884890e30b2b15f2fe0b303624dd342a2d1624295dbcbccd7eb9
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Oct 2023 16:24:12 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
133
Expires
Sun, 30 Oct 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Oct 2023 16:24:12 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit;poiskuny?q;t26.6;r;s1600*1200*24;uhttp%3A//m.korday.nahodyator.kz/;h%u041D%u0410%u0425%u041E%u0414%u042F%u0422%u041E%u0420%20-%20%u043D%u0430%u0445%u043E%u0434%u0438%u0442%20%u0432%u0441%u0435%20%u0441%u0430%u043C%u044B%u0435%20%u0441%u0432%u0435%u0436%u0438%u0435%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u044F;0.9828876024933533
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sun, 30 Oct 2022 21:00:00 GMT
hit;nahodyator
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit;nahodyator?t26.6;r;s1600*1200*24;uhttp%3A//m.korday.nahodyator.kz/;h%u041D%u0410%u0425%u041E%u0414%u042F%u0422%u041E%u0420%20-%20%u043D%u0430%u0445%u043E%u0434%u0438%u04...
  • https://counter.yadro.ru/hit;nahodyator?t26.6;r;s1600*1200*24;uhttp%3A//m.korday.nahodyator.kz/;h%u041D%u0410%u0425%u041E%u0414%u042F%u0422%u041E%u0420%20-%20%u043D%u0430%u0445%u043E%u0434%u0438%u0...
  • https://counter.yadro.ru/hit;nahodyator?q;t26.6;r;s1600*1200*24;uhttp%3A//m.korday.nahodyator.kz/;h%u041D%u0410%u0425%u041E%u0414%u042F%u0422%u041E%u0420%20-%20%u043D%u0430%u0445%u043E%u0434%u0438%...
129 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;nahodyator?q;t26.6;r;s1600*1200*24;uhttp%3A//m.korday.nahodyator.kz/;h%u041D%u0410%u0425%u041E%u0414%u042F%u0422%u041E%u0420%20-%20%u043D%u0430%u0445%u043E%u0434%u0438%u0442%20%u0432%u0441%u0435%20%u0441%u0430%u043C%u044B%u0435%20%u0441%u0432%u0435%u0436%u0438%u0435%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u044F;0.5873968181040847
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
7990b0565577b626cae5ef0cb62eae9b8e7075529af79e328f26bfc8a5254f75
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Oct 2023 16:24:12 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
129
Expires
Sun, 30 Oct 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Oct 2023 16:24:12 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit;nahodyator?q;t26.6;r;s1600*1200*24;uhttp%3A//m.korday.nahodyator.kz/;h%u041D%u0410%u0425%u041E%u0414%u042F%u0422%u041E%u0420%20-%20%u043D%u0430%u0445%u043E%u0434%u0438%u0442%20%u0432%u0441%u0435%20%u0441%u0430%u043C%u044B%u0435%20%u0441%u0432%u0435%u0436%u0438%u0435%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u044F;0.5873968181040847
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sun, 30 Oct 2022 21:00:00 GMT
js
www.googletagmanager.com/gtag/ 		239 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NJWL5MC007&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-127232603-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38457f72ad2d25578a10e30109a754c03f79a805b5023ec684749c3837efc5fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:24:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84892
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 31 Oct 2023 16:24:11 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-127232603-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 31 Oct 2023 15:51:32 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1959
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 31 Oct 2023 17:51:32 GMT
collect
region1.google-analytics.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NJWL5MC007&gtm=45je3ap0v874549587&_p=2041053619&gcd=11l1l1l1l1&cid=271623727.1698769452&ul=en-us&sr=1600x1200&_eu=AAAI&_s=1&sid=1698769451&sct=1&seg=0&dl=http%3A%2F%2Fm.korday.nahodyator.kz%2F&dt=%D0%9D%D0%90%D0%A5%D0%9E%D0%94%D0%AF%D0%A2%D0%9E%D0%A0%20-%20%D0%BD%D0%B0%D1%85%D0%BE%D0%B4%D0%B8%D1%82%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B0%D0%BC%D1%8B%D0%B5%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NJWL5MC007&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:24:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://m.korday.nahodyator.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2041053619&t=pageview&_s=1&dl=http%3A%2F%2Fm.korday.nahodyator.kz%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%90%D0%A5%D0%9E%D0%94%D0%AF%D0%A2%D0%9E%D0%A0%20-%20%D0%BD%D0%B0%D1%85%D0%BE%D0%B4%D0%B8%D1%82%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B0%D0%BC%D1%8B%D0%B5%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=686280224&gjid=1897680654&cid=271623727.1698769452&tid=UA-127232603-1&_gid=1458192993.1698769452&_r=1&gtm=457e3ap0&gcd=11l1l1l1l1&jsscut=1&z=1635304660
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://m.korday.nahodyator.kz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:24:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://m.korday.nahodyator.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ 		395 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8959338553837844&plah=m.korday.nahodyator.kz&bust=31079176
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8959338553837844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1a952ab405fcdd043bdc542e3a99af1907a91b1a58cb9cf31e32b975b1c24bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:24:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137231
x-xss-protection
0
server
cafe
etag
7449191632660749730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 16:24:12 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/ Frame 1D10 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8959338553837844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://m.korday.nahodyator.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
52091
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 01:56:01 GMT
etag
4569948109300706969
expires
Tue, 14 Nov 2023 01:56:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
6432e6c3bc5f96073c4b.js
yastatic.net/partner-code-bundles/899442/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/899442/6432e6c3bc5f96073c4b.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
94a6c453550712517541d50efe28661db88b00e4c08f4f6afe0637a3098d8b6a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://m.korday.nahodyator.kz/
Origin
http://m.korday.nahodyator.kz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:24:12 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4780
last-modified
Mon, 30 Oct 2023 17:51:08 GMT
server
nginx/1.17.9
etag
"81079ca5e52b4a25dedafba89b60fa6e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 30 Oct 2053 22:57:49 GMT
2b8e7caf6e00d932ec0a.js
yastatic.net/partner-code-bundles/899442/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/899442/2b8e7caf6e00d932ec0a.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
667345ae99be4c17bdf7419a6dccc3347885b966ec1a2358ab2b9a00629f50d8
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://m.korday.nahodyator.kz/
Origin
http://m.korday.nahodyator.kz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:24:12 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7943
last-modified
Mon, 30 Oct 2023 17:51:08 GMT
server
nginx/1.17.9
etag
"3ccb788533a6ac596748a37f57395d07"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 30 Oct 2053 22:57:49 GMT
80e2dd87fa4061958188.js
yastatic.net/partner-code-bundles/899442/ 		122 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/899442/80e2dd87fa4061958188.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
6445a0b05b7271f85f85cf610c07ce62f72689123d88cd202f5d3e720c402c95
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://m.korday.nahodyator.kz/
Origin
http://m.korday.nahodyator.kz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:24:12 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26698
last-modified
Mon, 30 Oct 2023 17:51:08 GMT
server
nginx/1.17.9
etag
"d774c037ef44363ef4dc90461580bc6c"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 30 Oct 2053 22:57:49 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://m.korday.nahodyator.kz/
Origin
http://m.korday.nahodyator.kz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:24:12 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 30 Oct 2053 22:59:50 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://m.korday.nahodyator.kz/
Origin
http://m.korday.nahodyator.kz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:24:12 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
db06d35a0895cfbc
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Oct 2024 22:13:02 GMT
d09bb87b7cc754e195d6.js
yastatic.net/partner-code-bundles/899442/ 		59 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/899442/d09bb87b7cc754e195d6.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2e08c101aa4ead4342a8b47e646c86ae340100913da50ffaafc22fb64e28b1a8
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://m.korday.nahodyator.kz/
Origin
http://m.korday.nahodyator.kz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:24:12 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
14838
last-modified
Mon, 30 Oct 2023 17:51:08 GMT
server
nginx/1.17.9
etag
"b007913d3e5a2aa25c20941ecf281be0"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 30 Oct 2053 22:57:49 GMT
d8ac5118ee5e7edb3944.js
yastatic.net/partner-code-bundles/899442/ 		607 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/899442/d8ac5118ee5e7edb3944.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
72607562553d87afa21da148c3e883e1954bdbba42e08bcf07ccd86b35be71eb
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://m.korday.nahodyator.kz/
Origin
http://m.korday.nahodyator.kz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:24:12 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
119112
last-modified
Mon, 30 Oct 2023 17:51:08 GMT
server
nginx/1.17.9
etag
"c9eff8d38c23194b2b36828e17a44a24"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 30 Oct 2053 22:57:49 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C2F4 		85 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8959338553837844&output=html&adk=1812271804&adf=3025194257&lmt=1698765851&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_l%7C404x945_r&format=0x0&url=http%3A%2F%2Fm.korday.nahodyator.kz%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&dt=1698769451993&bpp=3&bdt=551&idt=264&shv=r20231026&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6862048289181&frm=20&pv=2&ga_vid=271623727.1698769452&ga_sid=1698769452&ga_hid=2041053619&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079191%2C31079232%2C44805931%2C44807454%2C31078301%2C31079176%2C31079155%2C44806140&oid=2&pvsid=1509992696871372&tmod=410522610&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=277
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8959338553837844&plah=m.korday.nahodyator.kz&bust=31079176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30a25e954676b1fd5c155d4f5a5c1a33aaf5bfb6743d780591690c1007bc7ecf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://m.korday.nahodyator.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
24606
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 16:24:12 GMT
expires
Tue, 31 Oct 2023 16:24:12 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ 		159 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/reactive_library_fy2021.js?bust=31079176
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8959338553837844&plah=m.korday.nahodyator.kz&bust=31079176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aed09d115f61b4a62cc17d2ac5fde67e17ece13a297609942f81d34377dddf6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:24:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55378
x-xss-protection
0
server
cafe
etag
11890357212695897447
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 16:24:13 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/ Frame 504A 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8959338553837844&plah=m.korday.nahodyator.kz&bust=31079176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://m.korday.nahodyator.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
18475
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 11:16:18 GMT
etag
4569948109300706969
expires
Tue, 14 Nov 2023 11:16:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 9781 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5d7d78c97d56180146afcc9f6796d404d42279ca4c6434de6754f83bc90f8641

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 31 Oct 2023 16:24:13 GMT
content-encoding
br
last-modified
Tue, 31 Oct 2023 13:41:22 GMT
vary
Accept-Encoding
x-azure-ref
20231031T162413Z-vc5yc1s5vt1w94nps2mq6e022w000000032g000000001cgd
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
12845aa4-e01e-00ed-0500-0ca0d2000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/239/ Frame 9781 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Expires
Wed, 10 Jul 2024 11:56:20 GMT
Date
Tue, 31 Oct 2023 16:24:13 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
9692872
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27646
X-Served-By
cache-lga21944-LGA, cache-bru1480040-BRU
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
X-Timer
S1698769453.250890,VS0,VE0
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
14, 228745
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 9781 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 14:05:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
8340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 14:05:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 9781 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:18:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
75939
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8430
x-xss-protection
0
server
cafe
etag
7000445677337367579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:18:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9781 		188 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: m.korday.nahodyator.kz
URL: http://m.korday.nahodyator.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:24:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Oct 2023 16:24:13 GMT
c.gif
www.bing.com/aes/ Frame 9781
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=364502be-f319-4fd0-b84a-f2d0637855a9&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=e4c6913c-cc8b-4bdb...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=58a472de0ce74a73a678f56e7c90546e&SNR=1&GV=2&med=10
0
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=58a472de0ce74a73a678f56e7c90546e&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
2a02:26f0:480:21::217:d112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:24:13 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5F3FA853B8514241B52A8F7ED1A570D0 Ref B: FRA31EDGE0821 Ref C: 2023-10-31T16:24:13Z
x-cdn-traceid
0.52d53e17.1698769453.e104e87
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Tue, 31 Oct 2023 16:24:13 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 017BD9EA030A4CA8AA7475C39C79DAD4 Ref B: FRA31EDGE0514 Ref C: 2023-10-31T16:24:13Z
x-cdn-traceid
0.52d53e17.1698769453.e104e73
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=58a472de0ce74a73a678f56e7c90546e&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
th
www.bing.com/ Frame 9781 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.7559550365871_1XEJKRV25CQ74HWIML&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=180&h=180&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:21::217:d112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fcf70f42020110af9140ccebc407894d18a76ee6f303089ca5e18f1fad5e8d2b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:24:13 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.52d53e17.1698769453.e104e9f
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
13966
alt-svc
h3=":443"; ma=93600
rd_log
ams3-ib.adnxs.com/ Frame 9781 		0
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fm.korday.nahodyator.kz&e=wqT_3QKDBOgDAgAAAwDWAAUBCKzUhKoGEPve34vnyImWARgAKjYJdcaceqd6kD8RVDnebTD4jz8ZexSuR-F6hD8hVA0SACkRJAAxERuwMNmR-AM4tQFAtV5I4wNQuomKtgFYwLE9YABon6RUeIr2BYABAYoBA1VTRJIBAQbwVZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEPMS1uYWhvZHlhdG9yLmt62ALwBuACoqgx6gIdaHR0cDovL20ua29yZGF5Lm5haG9kESnwfYADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWd87bX-MKfm37ABQDJBQAAAAAAAPA_0gUJCQkMeAAA2AUB4AUB8AWSrjT6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHivYF0gcNCREoASYI2gcGAV6kGADgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=9b97d86a54451f0bd8c4c8ae16f58e229f8487bb&bdref=http%3A%2F%2Fm.korday.nahodyator.kz%2F&bdtop=true&bdifs=2&bstk=http%3A%2F%2Fm.korday.nahodyator.kz%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231026%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-8959338553837844%26fa%3D3%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26xpc%3DJGETNqbvOr%26p%3Dhttp%253A%2F%2Fm.korday.nahodyator.kz,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231026%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:24:13 GMT
an-x-request-uuid
4ba75e6a-a97f-4edb-a66b-423f6ac4fdad
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.153.46; 31.204.153.46; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 9781 		0
555 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fm.korday.nahodyator.kz&e=wqT_3QKfB-ifAwAAAwDWAAUBCKzUhKoGEPve34vnyImWARgAKjYJdcaceqd6kD8RVDnebTD4jz8ZexSuR-F6hD8hVA0SACkRJAAxERuwMNmR-AM4tQFAtV5I4wNQuomKtgFYwLE9YABon6RUeIr2BYABAYoBA1VTRJIBAQbwVZgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEPMS1uYWhvZHlhdG9yLmt62ALwBuACoqgx6gIdaHR0cDovL20ua29yZGF5Lm5haG9kESlUgAMAiAMBkAMAmAMJoAMBqgOYAwqwAgEz8G1zOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWU0YzY5MTNjLWNjOGItNGJkYi1hMTE5LWNkNDEwMmRjYjFmYSZiaWRJZD0xNTAwMAEMWGRlcklkPTQmY21FeHBJZD1MVjMmb0FkLlwAGHB1Ymxpc2gFKSQxNjI2NDUzMzAmATcAZY5xALhydHlwZT1udXJsJnRhZ0lkPTgyNTk4MDEmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ8MJwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoRODQ0ODQ1NzcwMDY0NDg1MDciCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RNeE5UQTVOems1TXpNNE16UWpNak16TkRrMU1ETTRNRGc1TmpReE5BPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8ARFcFiIBQGYBQCgBZ3zttf4wp-bfsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFkq40-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHivYF0gcNFWUBJgjaBwYBXrAYAOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=7bc5f1d692d7ab5cc3b5b6baa83021669d1ccd71&type=nv&nvt=5&jm=1003&px=0&py=0&bw=180&bh=180&sid=4893032721539493692&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=8259801&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:24:13 GMT
an-x-request-uuid
e1f5a508-6683-4443-b62c-cf858bb27888
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.153.46; 31.204.153.46; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231026&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8959338553837844&plah=m.korday.nahodyator.kz&bust=31079176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a5db80a848367ee9bc3a049d8f9399a803e0327daa9e498b12e96541c0d9fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:24:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12234
x-xss-protection
0
truncated
/ Frame 9781 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44039d5a0c19568f280d64bfe4faa5b691321df0c6237198d31dfc868c0b5930

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 9781 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CGCruLCpBZeSkF9PZtOUP_uKc0AfS4Nfgbo-ktpOTCsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi04OTU5MzM4NTUzODM3ODQ0yAEJqAMByAMCqgTjAU_QuWLZCiq1MfnOGOxAbk5OKd5zqaMGPp7IhXBkya6lSAqUehTFQmj-9s2ZSJgpTD84_UWGB8sXZQ66hAMUlB-2NyndHj9DsfxcIystGhbSRib1tC7TVfUxgDjUmOYc2CDq9kn-EABhhxLd_3DWTSicJEI35AH6nyfNKoI26_ZfpzzfEHidmXsG7gQQwexJQqLHo6c74PAWEAB3rrRNHSHMTAzGQqDbvzutbc4pZJHVHh3tgl1tTdsTIfl-mVmPvvKBmCSSfm15G6bHYoZSy8rgHHN4fWVNV7p_G29Cs3l5k_JmgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg5NTkzMzg1NTM4Mzc4NDQYAA&sigh=lMzkqLgYtQw&uach_m=[UACH]&cid=CAQSTADICaaNc2VfSLr2rs1ACdTtzhUE9_1v6D-tkYn7vXTf1CMjzHTb3dW6rHuNME85X6L_FUdyvm1sgeqZGQFIYrwlwLjP3pkI7PetO-AYAQ&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 31 Oct 2023 16:24:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 31 Oct 2023 16:24:13 GMT
it
ams3-ib.adnxs.com/ Frame 9781 		0
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=http%3A%2F%2Fm.korday.nahodyator.kz&e=wqT_3QKfB-ifAwAAAwDWAAUBCKzUhKoGEPve34vnyImWARgAKjYJdcaceqd6kD8RVDnebTD4jz8ZexSuR-F6hD8hVA0SACkRJAAxERuwMNmR-AM4tQFAtV5I4wNQuomKtgFYwLE9YABon6RUeIr2BYABAYoBA1VTRJIBAQbwVZgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEPMS1uYWhvZHlhdG9yLmt62ALwBuACoqgx6gIdaHR0cDovL20ua29yZGF5Lm5haG9kESlUgAMAiAMBkAMAmAMJoAMBqgOYAwqwAgEz8G1zOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWU0YzY5MTNjLWNjOGItNGJkYi1hMTE5LWNkNDEwMmRjYjFmYSZiaWRJZD0xNTAwMAEMWGRlcklkPTQmY21FeHBJZD1MVjMmb0FkLlwAGHB1Ymxpc2gFKSQxNjI2NDUzMzAmATcAZY5xALhydHlwZT1udXJsJnRhZ0lkPTgyNTk4MDEmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ8MJwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoRODQ0ODQ1NzcwMDY0NDg1MDciCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RNeE5UQTVOems1TXpNNE16UWpNak16TkRrMU1ETTRNRGc1TmpReE5BPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8ARFcFiIBQGYBQCgBZ3zttf4wp-bfsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFkq40-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHivYF0gcNFWUBJgjaBwYBXrAYAOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=7bc5f1d692d7ab5cc3b5b6baa83021669d1ccd71&pp=ZUEqLAAF0mQGrSzTAAcxfu_l7PpTZbMCy4w8Iw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDhBHLCpBZeSkF9PZtOUP_uKc0AfS4Nfgbo-ktpOTCsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi04OTU5MzM4NTUzODM3ODQ0yAEJqAMByAMCqgTmAU_QuWLZCiq1MfnOGOxAbk5OKd5zqaMGPp7IhXBkya6lSAqUehTFQmj-9s2ZSJgpTD84_UWGB8sXZQ66hAMUlB-2NyndHj9DsfxcIystGhbSRib1tC7TVfUxgDjUmOYc2CDq9kn-EABhhxLd_3DWTSicJEI35AH6nyfNKoI26_ZfpzzfEHidmXsG7gQQwexJQqLHo6c74PAWEAB3rrRNHSHMTAzGQqDbvzutbc4pZJHVHh3tgl1tTdsTIfl-mRuNn2BDPN7_6pcNrjie5jBW6MBkFV1gpMfLDj7Dm0Vuq7n4cZ_yKMBFgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1CRwTgNrFP15uB4adBTHjJO-vOPw%26client%3Dca-pub-8959338553837844%26adurl%3D&cbvp=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:24:13 GMT
an-x-request-uuid
6e8c4833-ba4a-425b-84d9-1796c742bc7b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.153.46; 31.204.153.46; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8959338553837844&plah=m.korday.nahodyator.kz&bust=31079176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:24:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 31 Oct 2023 16:24:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4799 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://m.korday.nahodyator.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
8106
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 14:09:07 GMT
expires
Wed, 30 Oct 2024 14:09:07 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 690F 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6dc0325b3873ef857e86e5522c0d8170ba9c8482a800547d0882b65758867c3f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0dW74wOyUXxgUMuNB61xhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://m.korday.nahodyator.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-0dW74wOyUXxgUMuNB61xhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 16:24:13 GMT
expires
Tue, 31 Oct 2023 16:24:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 4799 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 15:26:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
3469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Oct 2024 15:26:24 GMT
generate_204
tpc.googlesyndication.com/ Frame 4799 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?YMe31A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 16:24:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 690F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231026&jk=1509992696871372&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231026&jk=1509992696871372&bg=!bG-lbyDNAAbo5yKYyOc7ADQBe5WfOGI0QIy5BsALbedqs7y8a-V-fgs1E87Fu_nj7jxKid8NMlFKXECWgbVFEKGN-hduAgAAAH1SAAAABGgBBwoAsEbuJ9XmsppghcWn52IvOif8iOGMJOHexFCXmY0xY0jMZHWYJ7SIyCdAL19uYgFivO_uopbD9KrVzIxEIOeOGzpzK7ruxtoeCaJ7X42WsAG2ao6mkngJE-IzQwZltzhnB_fLSgXu7q5TXQ0rgzLhg_LAKunPqBDKmFU8cbiuV0dG68nxFWSM02GUz1550mM_erZ9RBIYuirkA703yD5xzaGQarcDtv26FrY2_F8lKVvvmQLAIxWynLCzEerDC7l88ntDIM5r1vvZPQHcRHMILA-cDRwnhFoanxWRIHDgkO0_hinWp8VznV9sVKWWCvWxFNTY45a5ssco3Pq4bu1fBMqwIB25eR-A5G2NVvJ6mRtdvCQIs2S4o17XobuljAkLe0ZBj2QPhv0tWggFUdFcw9TsB9vbwaajJf3daKZ2saTmFeao-35-d2JGh9S0scaYKGxZIGs6mzCaLX07-cThnI9jKsAkGd7xFXs_gRZC9eVNIuAHHi7cTVlCGe1R8MYOs4iQNxyx3L7O9ZtpvGXz0u_kvviHU82K_2VXT5DnfnbWN9-0ivJtZEpcTt9qMuQZ2HDd-VvPfWaeI_Efw_SaPoeng8ywy4fczaRHeFS0wNUsBk2CwKiNUBuUKNJYeiEuIRllOJgHEV1WX1AYeDZdxpWHjMA80LehOT6dDyiISM_y5CLd4MFNgj2aN62vCLndpour_0lq2rSz9VuzQwouyv6M-aq4haUGnLBjQfOIO7DPR4oOb7tytQFcvvvTWS0s4xk1zWz2qjYQVVHkcEC3kTHHmQB5jjlg5B5HHtLTQja-em-qoDoZfXwGd0iF6lq33v9cu57BVifeHQszxZbS9qAgWL81z7q6Bky70iAW8jkQDWUGgN2wClyBv3u3Y82Hj7ISQiw7L_g5w7PKDc7u7Df6x4ZWWNM1DPvXTj_6fLd9RCOt6e3MCr0OEQc54N9szzwnZSeQ_szaDMMZelj4Fd2ZnpD9ZzMISyrif7QZhp0jwV5HYtKxYZ_3tVXSqtudN2t3NmaPLsNa6eyYavmMC24lHQs0jNPQYuuuPW9RAr-II0f0HBJUAajcmAXJQe40Fgj0vheNxWSu1cLanSEVVqQUhH264Vin8P1kMxYNz1zGb7sAjIXA-H8d5F14iFQ-GPUKQSojiddL9lRss409jX2eOeE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://m.korday.nahodyator.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
vevent
ams3-ib.adnxs.com/ Frame 9781 		0
556 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fm.korday.nahodyator.kz&e=wqT_3QKfB-ifAwAAAwDWAAUBCKzUhKoGEPve34vnyImWARgAKjYJdcaceqd6kD8RVDnebTD4jz8ZexSuR-F6hD8hVA0SACkRJAAxERuwMNmR-AM4tQFAtV5I4wNQuomKtgFYwLE9YABon6RUeIr2BYABAYoBA1VTRJIBAQbwVZgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA-gEPMS1uYWhvZHlhdG9yLmt62ALwBuACoqgx6gIdaHR0cDovL20ua29yZGF5Lm5haG9kESlUgAMAiAMBkAMAmAMJoAMBqgOYAwqwAgEz8G1zOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWU0YzY5MTNjLWNjOGItNGJkYi1hMTE5LWNkNDEwMmRjYjFmYSZiaWRJZD0xNTAwMAEMWGRlcklkPTQmY21FeHBJZD1MVjMmb0FkLlwAGHB1Ymxpc2gFKSQxNjI2NDUzMzAmATcAZY5xALhydHlwZT1udXJsJnRhZ0lkPTgyNTk4MDEmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ8MJwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoRODQ0ODQ1NzcwMDY0NDg1MDciCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RNeE5UQTVOems1TXpNNE16UWpNak16TkRrMU1ETTRNRGc1TmpReE5BPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8ARFcFiIBQGYBQCgBZ3zttf4wp-bfsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFkq40-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHivYF0gcNFWUBJgjaBwYBXrAYAOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=7bc5f1d692d7ab5cc3b5b6baa83021669d1ccd71&type=pv&jm=1003&px=0&py=0&bw=180&bh=180&sf=1&sid=4893032721539493692&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=8259801&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:24:14 GMT
an-x-request-uuid
3962bf6b-4d8e-46eb-8356-eac62846465b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.204.153.46; 31.204.153.46; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c.gif
www.bing.com/aes/ Frame 9781
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=364502be-f319-4fd0-b84a-f2d0637855a9&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=e4c6913c-cc8b-4bdb...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=58a472de0ce74a73a678f56e7c90546e&tids=15000&med=10
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=58a472de0ce74a73a678f56e7c90546e&tids=15000&med=10
Protocol
H3
Server
2a02:26f0:480:21::217:d112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:24:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0605DEDA63044E9FA6FCEA22D474F010 Ref B: FRA31EDGE0514 Ref C: 2023-10-31T16:24:14Z
x-cdn-traceid
0.52d53e17.1698769454.e1050d5
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Tue, 31 Oct 2023 16:24:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 945501A8849040338DD7758845B844E0 Ref B: FRA31EDGE0107 Ref C: 2023-10-31T16:24:14Z
x-cdn-traceid
0.52d53e17.1698769454.e1050b6
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=58a472de0ce74a73a678f56e7c90546e&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
146
quic-version
0x00000001
activeview
pagead2.googlesyndication.com/pcs/ Frame 9781 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3X_XZQ3OfHYfB2uY0vn3U2kIkdGAgYjGvmlIfifjcZbYuwt22TQWijXQzfL47Ae8ugXZEL2P-0D2zlQfscsIv5dy5q9Mqyv77P9PW&sig=Cg0ArKJSzP-iXnh2MsAkEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1698769453132&rpt=400&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 16:24:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| yaContextCb function| gtag object| dataLayer function| openNextCat function| random object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| cnc object| pcode_899442_default_LtkPr3qlSU object| Ya object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya object| yaads boolean| yandex_context_perf_logging object| $sf object| yaSafeFrameAsyncCallbacks function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

13 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: i
Value: 9VJR9Ry0dff94l1VWeQM8VXraMcQxUumsesKHiUGSAK+ucAcIu6XmqJ/E0BlYAfdVo009l6GsdpunAxHkj10YzT6O9M=
.yandex.ru/ Name: yandexuid
Value: 6514488811698769451
.yandex.ru/ Name: yashr
Value: 5334432521698769451
.nahodyator.kz/ Name: _ga_NJWL5MC007
Value: GS1.1.1698769451.1.0.1698769451.0.0.0
.nahodyator.kz/ Name: _ga
Value: GA1.2.271623727.1698769452
.nahodyator.kz/ Name: _gid
Value: GA1.2.1458192993.1698769452
.nahodyator.kz/ Name: _gat_gtag_UA_127232603_1
Value: 1
.yadro.ru/ Name: FTID
Value: 1bGIei132h8g1bGIei002Vre
.yadro.ru/ Name: VID
Value: 1k2Uo70O7z8g1bGIei0025r2
.bing.com/ Name: MUID
Value: 3D7A6E1B0EE562822A857DA00F6E630A
.nahodyator.kz/ Name: __gads
Value: ID=ebd6d7bf4230c991:T=1698769452:RT=1698769452:S=ALNI_MbXA4uqx_l8kkn3RprINRTrMxIjvQ
.nahodyator.kz/ Name: __gpi
Value: UID=00000caf8a96c030:T=1698769452:RT=1698769452:S=ALNI_MY7TZZTgszYMVkcu4xbumfybsRCwg
.doubleclick.net/ Name: IDE
Value: AHWqTUmp_vAYTld5j8Sec36MRs4vzhHl3Qqyc0KktL-rNxLSlPozN6C07qjiRFcd-b4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; connect-src yandex.ru https://*.yandex.ru https://*.yandex.net https://*.yandex.com http://pagead2.googlesyndication.com https://csi.gstatic.com https://pagead2.googlesyndication.com https://stats.g.doubleclick.net *.google-analytics.com https://clk.streamgo.ru 'report-sample'; font-src https://yastatic.net https://fonts.gstatic.com; frame-src https://yastatic.net https://googleads.g.doubleclick.net https://tpc.googlesyndication.com https://www.google.com 'report-sample'; img-src * data: 'report-sample'; manifest-src 'self'; media-src data: 'self' https://strm.yandex.ru https://*.strm.yandex.net https://cdn.streamgo.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://yandex.ru https://yastatic.net http://pagead2.googlesyndication.com https://adservice.google.ae https://adservice.google.at https://adservice.google.az https://adservice.google.be https://adservice.google.bg https://adservice.google.bj https://adservice.google.by https://adservice.google.ca https://adservice.google.ch https://adservice.google.cl https://adservice.google.co.id https://adservice.google.co.il https://adservice.google.co.in https://adservice.google.co.jp https://adservice.google.co.kr https://adservice.google.co.uk https://adservice.google.co.uz https://adservice.google.co.za https://adservice.google.com https://adservice.google.com.ar https://adservice.google.com.au https://adservice.google.com.br https://adservice.google.com.cy https://adservice.google.com.eg https://adservice.google.com.gh https://adservice.google.com.ng https://adservice.google.com.pk https://adservice.google.com.sg https://adservice.google.com.tj https://adservice.google.com.tr https://adservice.google.com.tw https://adservice.google.com.ua https://adservice.google.com.vn https://adservice.google.cz https://adservice.google.de https://adservice.google.ee https://adservice.google.es https://adservice.google.fi https://adservice.google.fr https://adservice.google.ge https://adservice.google.gl https://adservice.google.gr https://adservice.google.hu https://adservice.google.ie https://adservice.google.iq https://adservice.google.it https://adservice.google.jo https://adservice.google.kg https://adservice.google.kz https://adservice.google.lt https://adservice.google.lu https://adservice.google.lv https://adservice.google.md https://adservice.google.mn https://adservice.google.mv https://adservice.google.nl https://adservice.google.no https://adservice.google.pl https://adservice.google.ps https://adservice.google.pt https://adservice.google.ro https://adservice.google.ru https://adservice.google.sc https://adservice.google.se https://adservice.google.sk https://adservice.google.sn https://adservice.google.tm https://pagead2.googlesyndication.com https://partner.googleadservices.com https://tpc.googlesyndication.com https://www.google-analytics.com https://www.googletagservices.com www.googletagmanager.com https://www.gstatic.com https://mc.yandex.ru https://mc.yandex.com 'report-sample'; style-src 'self' 'unsafe-inline' https://www.gstatic.com 'report-sample'; report-uri /csp-report.php
Strict-Transport-Security max-age=15768000; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsdk.microsoft.com
ams3-ib.adnxs.com
cdn.adnxs.com
counter.yadro.ru
googleads.g.doubleclick.net
m.korday.nahodyator.kz
pagead2.googlesyndication.com
region1.google-analytics.com
tpc.googlesyndication.com
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
yandex.ru
yastatic.net
151.101.65.108
185.89.210.153
2001:4860:4802:32::36
2620:1ec:bdf::45
2a00:1450:4001:803::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2004
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a02:26f0:480:21::217:d112
2a02:6b8:20::215
2a02:6b8:a::a
2a10:9200:1:ad::1
88.212.201.204
88.212.202.52
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0a5db80a848367ee9bc3a049d8f9399a803e0327daa9e498b12e96541c0d9fc4
267b08ded856884890e30b2b15f2fe0b303624dd342a2d1624295dbcbccd7eb9
2e08c101aa4ead4342a8b47e646c86ae340100913da50ffaafc22fb64e28b1a8
30a25e954676b1fd5c155d4f5a5c1a33aaf5bfb6743d780591690c1007bc7ecf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
38457f72ad2d25578a10e30109a754c03f79a805b5023ec684749c3837efc5fc
3d934257156f441f8231d9e618c3b71ed083c77e50357f9c56572c5dbfd761fa
44039d5a0c19568f280d64bfe4faa5b691321df0c6237198d31dfc868c0b5930
48d8320967ee3adf5cfd89467b6c810809872a660ddc510ad76610dce9a6d411
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
5d7d78c97d56180146afcc9f6796d404d42279ca4c6434de6754f83bc90f8641
5f5ce9f65460be13ecd26fbbb05806445861f53e01da856400244353576302f4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6445a0b05b7271f85f85cf610c07ce62f72689123d88cd202f5d3e720c402c95
667345ae99be4c17bdf7419a6dccc3347885b966ec1a2358ab2b9a00629f50d8
67ccb921981c0d70a272f13159101b91c183bfe825ab325af8a574df7f63f61f
689f313aedbcf0fa2d1e383cfa7004ea9914121b1de499ab053fbed31d3a29bc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d3161212b1a1ba224aa4f1f3f5cecfbe036fce802f1146c6e6a39a3faf1c08a
6d958ccde374ce86de23898b8a06c3f1d968fda65943698ac115c42b3dcb667d
6dc0325b3873ef857e86e5522c0d8170ba9c8482a800547d0882b65758867c3f
72607562553d87afa21da148c3e883e1954bdbba42e08bcf07ccd86b35be71eb
7990b0565577b626cae5ef0cb62eae9b8e7075529af79e328f26bfc8a5254f75
8ed140d5e4001fdab6237003b9c7d73f947c54c8ad3a8eaa6b0f9c59e9841a93
94a6c453550712517541d50efe28661db88b00e4c08f4f6afe0637a3098d8b6a
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9fda06a41e04abb42ad8a70a346d0935cd48ce2485b1a0d9570a00db95ecbc0e
a1a952ab405fcdd043bdc542e3a99af1907a91b1a58cb9cf31e32b975b1c24bc
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
aab728593ff1e0ee7c61d1d4adda664b026431c6ab0c8256ecf1f01428857cb3
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
aed09d115f61b4a62cc17d2ac5fde67e17ece13a297609942f81d34377dddf6a
b63ab4f992f92e10149b1a68003620a2be6419b23a3120437a9a1bb08287e2b1
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
d058588d9edf93ed0124508e2a937d8a9c600f2adfa90730ad1624f2449739c9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42c9082170855c28c838ab650b417f19f949abf4def8485107025f36b9ffd9e
e5d5edf303620b3678fdd3798621667a0ad913dd6f5d3329eca7c6eb16e3f6ca
e70c54f6974cc0a8a7202253065063c4a418e29e48dc52ce8eab7470dc712b40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcf70f42020110af9140ccebc407894d18a76ee6f303089ca5e18f1fad5e8d2b