urlscan.io logo urlscan.io
SecurityTrails logo

zaemonline.kz Open in urlscan Pro
178.89.186.213  Public Scan

Go To Rescan Add Verdict Report
URL: https://zaemonline.kz/mikrokrediti.html
Submission: On December 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 13 countries across 37 domains to perform 291 HTTP transactions. The main IP is 178.89.186.213, located in Karaganda, Kazakhstan and belongs to KAZTELECOM-AS, KZ. The main domain is zaemonline.kz.
TLS certificate: Issued by R3 on November 30th 2023. Valid for: 3 months.
This is the only time zaemonline.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
71 178.89.186.213 9198 (KAZTELECO...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
24 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a04:4e42::649 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
5 10 2a02:6b8::1:119 13238 (YANDEX)
1 3 91.201.214.115 48716 (PSKZ-ALA)
6 21 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
68 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
12 172.217.16.194 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3 2620:116:800d... 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 151.101.130.49 54113 (FASTLY)
1 18 142.250.185.98 15169 (GOOGLE)
2 2 35.204.74.118 396982 (GOOGLE-CL...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 37.157.2.229 198622 (ADFORM)
1 2600:1901:0:7... 396982 (GOOGLE-CL...)
2 2 52.28.181.94 16509 (AMAZON-02)
1 3.33.220.150 16509 (AMAZON-02)
2 2 35.190.0.66 15169 (GOOGLE)
2 52.58.171.137 16509 (AMAZON-02)
1 1 51.89.9.252 16276 (OVH)
1 2 2.19.217.101 16625 (AKAMAI-AS)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 213.155.156.181 1299 (TWELVE99 ...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 91.121.248.44 16276 (OVH)
2 104.64.118.247 16625 (AKAMAI-AS)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
291 33
71    178.89.186.213 (Karaganda, Kazakhstan)

ASN9198 (KAZTELECOM-AS, KZ)
zaemonline.kz
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.sendpulse.com
24    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
mc.yandex.kz
3    91.201.214.115 (Almaty, Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)
PTR: zero-web-01.neolabs.net
c.zero.kz
21    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
19    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
68    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
12    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
www.googleadservices.com
12    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
3    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
18    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    2a05:d018:d29:3605:885b:36b0:5c58:578 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
prod-rtb.ad4mat.net
2    52.28.181.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-181-94.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    52.58.171.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-171-137.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
2    2.19.217.101 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-101.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    213.155.156.181 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu
pv.medialead.de
2    104.64.118.247 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com
www.awin1.com
2    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
web.webpushs.com
Apex Domain
Subdomains		 Transfer
92 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
1 MB
71 zaemonline.kz
zaemonline.kz
2 MB
40 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
293 KB
23 gstatic.com
www.gstatic.com
fonts.gstatic.com
319 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 25796
ad4m.at — Cisco Umbrella Rank: 11359
assets.ad4m.at — Cisco Umbrella Rank: 35458
134 KB
12 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
515 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
834 B
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
7 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8902
3 KB
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
1 KB
3 zero.kz
c.zero.kz — Cisco Umbrella Rank: 188602
4 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4182
57 KB
2 webpushs.com
web.webpushs.com — Cisco Umbrella Rank: 61928
15 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 13930
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4497
655 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1299
454 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
291 B
2 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5555
934 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
2 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563
static-de.ad4mat.net — Cisco Umbrella Rank: 192580
1018 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
2 yandex.kz
mc.yandex.kz — Cisco Umbrella Rank: 175065
754 B
1 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 47317
327 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 49153
614 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2627
104 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
388 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
149 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
716 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
586 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
546 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
32 KB
1 sendpulse.com
cdn.sendpulse.com — Cisco Umbrella Rank: 49472
37 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
94 KB
291 37
Domain Requested by
71 zaemonline.kz zaemonline.kz
cdn.sendpulse.com
68 tpc.googlesyndication.com googleads.g.doubleclick.net
zaemonline.kz
www.gstatic.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
24 pagead2.googlesyndication.com zaemonline.kz
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
21 googleads.g.doubleclick.net 6 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
19 www.gstatic.com googleads.g.doubleclick.net
18 cm.g.doubleclick.net 1 redirects googleads.g.doubleclick.net
12 www.googleadservices.com zaemonline.kz
googleads.g.doubleclick.net
8 www.googletagservices.com googleads.g.doubleclick.net
6 assets.ad4m.at as.ad4m.at
6 www.google.com 2 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
6 fonts.googleapis.com googleads.g.doubleclick.net
5 mc.yandex.com 2 redirects zaemonline.kz
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
4 fonts.gstatic.com fonts.googleapis.com
3 cms.quantserve.com 2 redirects googleads.g.doubleclick.net
3 c.zero.kz 1 redirects zaemonline.kz
3 mc.yandex.ru 2 redirects zaemonline.kz
2 web.webpushs.com cdn.sendpulse.com
2 www.awin1.com as.ad4m.at
2 d5p.de17a.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 x.bidswitch.net googleads.g.doubleclick.net
2 ads.travelaudience.com 2 redirects
2 pm.w55c.net 2 redirects
2 c1.adform.net 2 redirects
2 um.simpli.fi 2 redirects
2 mc.yandex.kz 1 redirects zaemonline.kz
2 www.google-analytics.com zaemonline.kz
www.google-analytics.com
2 region1.google-analytics.com www.googletagmanager.com
1 pv.medialead.de as.ad4m.at
1 static-de.ad4mat.net as.ad4m.at
1 gcm.ctnsnet.com 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 onetag-sys.com 1 redirects
1 match.adsrvr.org googleads.g.doubleclick.net
1 prod-rtb.ad4mat.net googleads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 code.jquery.com zaemonline.kz
1 cdn.sendpulse.com zaemonline.kz
1 www.googletagmanager.com zaemonline.kz
291 46

This site contains links to these domains. Also see Links.

Domain
vk.com
twitter.com
prestamoenlinea.mx
pepecredito.es
zero.kz
Subject Issuer Validity Valid
zaemonline.kz
R3		 2023-11-30 -
2024-02-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
1603358863.rsc.cdn77.org
R3		 2023-11-26 -
2024-02-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
c.zero.kz
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-11-21 -
2024-02-19		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
ad4mat.net
GTS CA 1P5		 2023-11-18 -
2024-02-16		 3 months crt.sh
pv.medialead.de
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
web.webpushs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-06 -
2024-01-16		 a year crt.sh

This page contains 34 frames:

Primary Page: https://zaemonline.kz/mikrokrediti.html
Frame ID: 0C4442EC26A6954826955CC7ACBFADF8
Requests: 95 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: DDFB738F59BA91F79B331A825F1AA3E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&adk=1812271804&adf=3025194257&lmt=1702784707&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784706936&bpp=40&bdt=719&idt=279&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3163627070802&frm=20&pv=2&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=295
Frame ID: 067B2255CA863CFA90CD70FAE205FB03
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=280&adk=2303328720&adf=2069133333&pi=t.aa~a.1769635591~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=1000x280&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784706976&bpp=2&bdt=759&idt=258&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=259
Frame ID: 893AD88FDB56F2B475991B2B55165BFA
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Frame ID: C5B674440B82A938AD6DA64AA195BF5E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Frame ID: 1BA885F799789191A4F00674A0827C3F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Frame ID: AE61D6B81722A73ECD0BFF234090AB55
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5C3AB4BC0C3B93143768DF991612C515
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E0F66091AFCA02BF75F455457A54ADD2
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E26AFD7B365085BFE5F202F4A49B6104
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: B6876671FB368783484797FC503F5D54
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C30355CEF6E39FF6A5DAE278862793EA
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: BEB1E55D647666AFC7802AA3CCC8C995
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: C6F72F192FE5C75741E702E0D1726AE9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9D6FF37033CF14F2714444F82561A802
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hmm4j277mm93ex63d0pqbkrpzbkqp3vryc7hnhyx24sj9zk1r9sy12m4dvnea4ckzghtwe7mbq9ahgw9m87p6c99f2fj53k4fm4kce03v3s8he0hajexqvbwh7macek0hkp7s22rt8hhbtce1aq0wjsszbem7w0g9peb7zk8b4vjfe3059xndwe6dm29fbf7vbkhxwt237cmjjcenyy4fm3z9py1zcyqd9rt98tz8e11bxdwmq6eky5jeg454majfn016gtznr68syvt31m5dsxxmckvsa3kdhczex79aj25rwkqxkyzt5fhtwyk16qm6vv58ncb96w2y24c1vex2gek98ceejna9vet8v44xerpxwe59rchtepa4rjxmxw4ag75hwe9z6dzrnm4gtqc5029dg0rk2a8vxxkpyrnp8c85syt2vy6p78zy24s2dx2ya7gk5z0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%26client%3Dca-pub-5989320783595236%26adurl%3D
Frame ID: 272296093F4A16A84C60720B0E371E0C
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Frame ID: 8790BA063B0C89E9CD26822A469E5A73
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8AA49B4520AB89B34FB56593D8EEF85D
Requests: 9 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Frame ID: E6D0F7B44894D67FA14CD0F1739C8440
Requests: 12 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Frame ID: 4CD254CF7BF443DBE9459A4DE00962C3
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 526C01A08CBB7BA048E48DC37DBACDDD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 3D4FFEB86A9016213D441A07A827204C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 515567463C149632804A050DFADE2F6E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
Frame ID: AEBDEE6AF3E1B745FCD6FB39B4C67BCD
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4ECBF34DAC9A4674E89D0D531897B9BC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
Frame ID: 1DE6798200921F696A91BDEFF11D20AA
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4DA7513F1AA9CC7D2FC5F914902E20FB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 42AEF6F3A09F926EB75C603221B20E66
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 5860B065C697A83E736061852FF7EFBE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: F227F23D87370EB55D492FF4B46A98BA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 1E784255A13078C9864BB83FAF49BA6B
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=63b658fb468be66c65e08d6460337c7d%2F18184786084083197403&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702784708949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hv2nq6axfdzchev4rdam8w5sfdwa7q01n2dd8fhve6ppj739vbv3tfnk99n0wam9ap4sff16vzvw7407qadk9s6tqtppmgh6xfb55tdcagdr5wr2kybqkjje07s5mjn3sk8890s0j2jp2jyxs9p0frv4tvpvy10fnbanczaxzyy7w8nyqyzz9q6dfkztrjv4rerxwhv5gyps2ys2f37xqqkq3s7zz15phnssgnhmvvntj9cw9m04zs1zhk2366bq74xx2ph0yna82kdx9q3nk3h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%2526client%253Dca-pub-5989320783595236%2526adurl%253D&y=1&s=&z=0
Frame ID: F3A7A87D755ABB66B4CBBD2E1244A32B
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7A6B895E7AD33681C6616DDFA99E572B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F4A25A3D8C696932378682C371A47082
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Микрокредиты в Казахстане | zaemonline.kz

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

291
Requests

91 %
HTTPS

57 %
IPv6

37
Domains

46
Subdomains

33
IPs

13
Countries

5180 kB
Transfer

10105 kB
Size

52
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://c.zero.kz/z.js HTTP 301
  • https://c.zero.kz/z.js?c=be0a64726a4e76
Request Chain 83
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10219.lY5Y0Amrny21BJzSG4XiBq7HSDj1n7KdpvvUdL6oYX2uP02mQH7OwLl6tp4S0Cle.oVqxR3iKJcIS7ADHIA-4uYe96-Q%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10219.zI3flP47zjXWZgdO4C0lp8_D0ViYIvVyFyPgi232ym43STRDIy3GD37vkAmOfYAeVzEFUz3NMZ5SIdejYsHxCIwVKHqugyDJMwh_UoFYA_OaPhuNrScIVYojx9LjcE7afK3mnWzzn-obIJ8U-RAH2VRxB3jC5R7rslEYoADRNfLH7_e26HnHEJkg7fJ-tgbghkaAwHxG1I-_8DyUnfkvGrO5zdb4P0VipTXbWOd6f2c%2C.dXB26FuXEb9KHPMemsW4GSkJb8c%2C
Request Chain 84
  • https://mc.yandex.kz/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.kz&token=10219._hPSyBES0QSULpl2cdUBVJkMyHAWfJx2BpboFELFVNVtoH4MYaceOjY7Ah9WqF85.IwCOGu3e5S1pHhX4sZ4UJnRRiuo%2C HTTP 302
  • https://mc.yandex.kz/sync_cookie_image_decide?token=10219.nJiOurSc9M9Y4Q04ENPVMQyaav9tya_BUaTiHItVTVX0PlWxxc2zRewLSrmYeGPo_SfUySOQl4linFBVXfLXYkCeNizSHnufsPkuCuuNzW2REq8wQCqukVAGE--7LbeDhuxDplrfLMVOMKbmCV67duJfE_2YVKb16v8GJ2aG6useqP451kQeMbzHpyzMaOV78SkikzR0UDRnId1oeoDH3LU_SYrgW6hwf0QsnxTt4xs%2C.dwroBdZt-s98b5fwvPfFnUdJSM8%2C
Request Chain 86
  • https://mc.yandex.com/watch/24958555?wmode=7&page-url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A2962%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A490623236692%3Ahid%3A313630790%3Az%3A60%3Ai%3A20231217044507%3Aet%3A1702784707%3Ac%3A1%3Arn%3A306649056%3Arqn%3A1%3Au%3A1702784707954631793%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C408%2C1655%2C403%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1702784704042%3Agi%3AR0ExLjIuOTQxNjIxMTU1LjE3MDI3ODQ3MDc%3D%3Arqnl%3A1%3Ast%3A1702784708%3At%3A%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D1%8B%20%D0%B2%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B5%20%7C%20zaemonline.kz&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/24958555/1?wmode=7&page-url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A2962%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A490623236692%3Ahid%3A313630790%3Az%3A60%3Ai%3A20231217044507%3Aet%3A1702784707%3Ac%3A1%3Arn%3A306649056%3Arqn%3A1%3Au%3A1702784707954631793%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C408%2C1655%2C403%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1702784704042%3Agi%3AR0ExLjIuOTQxNjIxMTU1LjE3MDI3ODQ3MDc%3D%3Arqnl%3A1%3Ast%3A1702784708%3At%3A%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D1%8B%20%D0%B2%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B5%20%7C%20zaemonline.kz&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Request Chain 113
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 151
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C7RXnw25-ZbfMENOh9u8Ppc6B0Ajdr_KodMuChtjJEc6Focr2ARABIMSYyBtglcKwgrgHoAHK0f_DA8gBCakCDqjL0mBHsj6oAwHIA8sEqgTVAU_QWiGNL-r2axFQYnp5__8xlo6iXEhrfJk0pKxNGfnK3a7Sp-jjBnCACYyC3mTFxMlK9DdGPkilHxIwIqjlDl69DE6jFSVv0frdbUpPFtI0J8QKWaSOn25qIPtokTJMiGmC_Q1BPMdNLn_9BW5aKFnMGGzmaH2VqlwIq-XYjoER_DpzTwHSQvSvUGO9Eey-N3okKTIqtX74NONygIU67GBjNaHD5Eu6gh6yA1bgSx7tepg-U43FgI5mEazuzydSKAAzimeOY7Q7QfWmUaPtEcrfyYFQuMAE0bymzbwEiAXnxP3eS5IFBAgEGAGSBQQIBRgEoAYugAfdspYuqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQp-qJAdIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoZnsrMeVgwOaCYkBaHR0cHM6Ly93d3cud2VsdHNwYXJlbi5kZS9zL2Zlc3RnZWxkLXZlcmdsZWljaC1hbmdlYm90ZS8_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1kaXNwbGF5JnV0bV9jYW1wYWlnbj1kZV9kaXNfcHJvc3BlY3RpbmdfdGRfaW5tYXJrZXSACgHICwGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQLYEwuIFALQFQGAFwGyFxwKGggAEhRwdWItNTk4OTMyMDc4MzU5NTIzNhgA&sigh=PxIoNo3N3lY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_vRlFQbfyll2W7ozlcXWsDEUoAt2uU9BJ-kiR_3Cpp05cIGf-GBwixly_zVJ85kV1H31iWr1brb0et3KFWD2emWEuKcxDYYCB3xgB&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214032602877283574342%22,%22debug_reporting%22:true,%22destination%22:%22https://weltsparen.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22947906762%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226075946185404613041%22}&andc=true
Request Chain 183
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CmK3Dw25-ZbTQEPiC7_UPraaYkAPvuPXldJO7956MEtrZHhABIMSYyBtglcKwgrgHoAHjw8nWAsgBAakCDqjL0mBHsj6oAwHIA8MEqgTeAU_QVdWPL5S1YTGSnFSt_Z9gRIqZBAEo2b7Cgms8h7JiUvgb7uRBCJn5tjBnt45wlGyrKL5nRHnPDMIqwPuxiz3f489T80FsFBKo-n5BcqZYRVv8j7e_OJ9wddVSbpMl3tqwFYJBtS8PNBBuHZlVHEph9GqHJJdj4j9QYJ5uuGuMx4HYZuV6klihVMGQltsQlPH0IGVtvIeBvP-9BZuHK6PaQxsqRlk-iA9y5b_NiVwIItToXo6txlmIApP5hqlDfA2PRstlFYiIKcS_c1BnvpQ-g34KLo8KM8CEEMFQl8AEw5OY1cMEiAXpscf1OJIFBAgEGAGSBQQIBRgEoAZmgAeFvLapAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcFEIvy3AHSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOWj7KzHlYMDmgksaHR0cHM6Ly9maW5vbS5jby9kZS1kZS9sYXVuY2gteW91ci1idXNpbmVzcy-ACgHICwGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbEC2BMN0BUBmBYBgBcBshccChoIABIUcHViLTU5ODkzMjA3ODM1OTUyMzYYAA&sigh=rnolLDj45us&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_4ro4hgAQd3e10euBjD8c7aiIII-nGktuiLZYUqqI5QgX8jUqb_lxtJRPiW2MBpnTE_yPoANSejAQjwbZrYfMa97EeZwe1IimHOYYAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216565784711253647052%22,%22debug_reporting%22:true,%22destination%22:%22https://finom.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22718430691%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229696156277923270865%22}&andc=true
Request Chain 193
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENvw6EoQq3d47rofYeT06jU&google_cver=1&google_push=AXcoOmTcl0awGWu8y3dDxYdRZPBId1As09suYVWInbDli_8O9R7iwTa-yxaItXCFBTTMwyz3VzM3UAfVfNvLkhrPGezToCVGZcjAyg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTcl0awGWu8y3dDxYdRZPBId1As09suYVWInbDli_8O9R7iwTa-yxaItXCFBTTMwyz3VzM3UAfVfNvLkhrPGezToCVGZcjAyg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENvw6EoQq3d47rofYeT06jU&google_cver=1&google_push=AXcoOmTcl0awGWu8y3dDxYdRZPBId1As09suYVWInbDli_8O9R7iwTa-yxaItXCFBTTMwyz3VzM3UAfVfNvLkhrPGezToCVGZcjAyg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTcl0awGWu8y3dDxYdRZPBId1As09suYVWInbDli_8O9R7iwTa-yxaItXCFBTTMwyz3VzM3UAfVfNvLkhrPGezToCVGZcjAyg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 194
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDG_NgniGjEwjVeyWsgMJtA&google_cver=1&google_push=AXcoOmRVV_VgM398JdFUMcX9VC27-g5eeWpdtZHCKnYqckyJkDLT1OKdOYzzwTg-P_BTRBWw0aShhDvwzLKun-JILIpXxdXpQbwSBP0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDG_NgniGjEwjVeyWsgMJtA&google_push=AXcoOmRVV_VgM398JdFUMcX9VC27-g5eeWpdtZHCKnYqckyJkDLT1OKdOYzzwTg-P_BTRBWw0aShhDvwzLKun-JILIpXxdXpQbwSBP0
Request Chain 195
  • https://um.simpli.fi/gp_match?google_gid=CAESEFUwFReXs4KcbZgfGZkeV2Q&google_cver=1&google_push=AXcoOmQOyElX-4TFYIZpNgKWq-MywoAwxFBNNoY4vUQs59zLi76lJNs4gXomuH5exl_N_6WMXXE9PMgmOnHg_hF3e5DDZa9io6wNmw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5E643EBCC77F457F8B3CA41A5C545207&google_push=AXcoOmQOyElX-4TFYIZpNgKWq-MywoAwxFBNNoY4vUQs59zLi76lJNs4gXomuH5exl_N_6WMXXE9PMgmOnHg_hF3e5DDZa9io6wNmw
Request Chain 196
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENVCL70bABYUWEM3qKPdW3E&google_cver=1&google_push=AXcoOmSWQflmVlFAFacMWfZaO0en6RoL5uOItSmHVOK4Rbh2M8iOq0IvzS14xVM53sfKxmoci9BnSWx1P_VfGPOKOEoY-GL2_hBs7g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMzQwNDYzMjk5Njk2ODYwNQ%3D%3D&google_push=AXcoOmSWQflmVlFAFacMWfZaO0en6RoL5uOItSmHVOK4Rbh2M8iOq0IvzS14xVM53sfKxmoci9BnSWx1P_VfGPOKOEoY-GL2_hBs7g
Request Chain 197
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED-eNVWK29_L-H8PEHf4hVM&google_cver=1&google_push=AXcoOmQoO7hJ_rIU2PkQAiGou_aEcysFpysM3NxZYwMIdJPPK84_t164j6k3JhxUp02xVBNG06DF0Lk_k1HKbcRsYRZsNeD0pU4H-1k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQoO7hJ_rIU2PkQAiGou_aEcysFpysM3NxZYwMIdJPPK84_t164j6k3JhxUp02xVBNG06DF0Lk_k1HKbcRsYRZsNeD0pU4H-1k&google_hm=eS1ISkZlN0ZCRTJwRWFfZnF3TDhnS3hSUXdBbmZTQzdfYX5B
Request Chain 198
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFo1xJ4rSyGmC_RuGhPY6mw&google_cver=1&google_push=AXcoOmRBEYA2rh5TDp-bvXk8Qlc0QLsaxlqIxSW6sKOVnvEA4bKXxNrt50lKM66mJVTtWapE7W__i7zM74pVqcK4IWqQMQGNNQcFrCA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFo1xJ4rSyGmC_RuGhPY6mw&google_cver=1&google_push=AXcoOmRBEYA2rh5TDp-bvXk8Qlc0QLsaxlqIxSW6sKOVnvEA4bKXxNrt50lKM66mJVTtWapE7W__i7zM74pVqcK4IWqQMQGNNQcFrCA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU2MTQ5NzcwNTA3NzY1NzU2MA&google_push=AXcoOmRBEYA2rh5TDp-bvXk8Qlc0QLsaxlqIxSW6sKOVnvEA4bKXxNrt50lKM66mJVTtWapE7W__i7zM74pVqcK4IWqQMQGNNQcFrCA
Request Chain 200
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 204
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CFs8ew25-ZbjMENOh9u8Ppc6B0Ajdr_KodMuChtjJEc6Focr2ARABIMSYyBtglcKwgrgHoAHK0f_DA8gBCakCDqjL0mBHsj6oAwHIA8sEqgTVAU_QfKE5d7xR31MfzOcobhDtzJdlrb0WqiSEl5TlKfPcEAGaIWxApvXqqQOK0AstwfdHc66YUo_qJWW9_Ay62erPY5YG6bxkCQsugb7cB-PRNbaLDkn64Qcz97Jtl90SoK0ef1vbMbzwMo_DX9HRjqv_Y1LOFngpI3e-hVXLS7ZZOnlvxXpo9Rjy2qHrCpRXwV7SUD0cW_O6eh01C0xjoJ-cqsoPM0CfxOfLac6xNI3_MGc0e3R2yrpnwJ4UoGuqcJn2gZuWzDQ5QIbnS9f88ze8sAi3gMAE0bymzbwEiAXnxP3eS5IFBAgEGAGSBQQIBRgEoAYugAfdspYuqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQ9bOTAdIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoZnsrMeVgwOaCYkBaHR0cHM6Ly93d3cud2VsdHNwYXJlbi5kZS9zL2Zlc3RnZWxkLXZlcmdsZWljaC1hbmdlYm90ZS8_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1kaXNwbGF5JnV0bV9jYW1wYWlnbj1kZV9kaXNfcHJvc3BlY3RpbmdfdGRfaW5tYXJrZXSACgHICwGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQLYEwuIFALQFQGAFwGyFxwKGggAEhRwdWItNTk4OTMyMDc4MzU5NTIzNhgA&sigh=gBLsRX5Pmwk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_vRlFQbfyll2W7ozlcXWsDEUoAt2uU9BJ-kiR_3Cpp05cIGf-GBwixly_zVJ85kV1H31iWr1brb0et3KFWD2emWEuKcxDYYCB3xgB&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221824642140942136015%22,%22debug_reporting%22:true,%22destination%22:%22https://weltsparen.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22947906762%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212235303477012402273%22}&andc=true
Request Chain 208
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cbg40w25-ZduOOPCh9u8Pg_iT6AqO8J30c_3f44vvEWQQASDEmMgbYJXCsIK4B6ABkqy4lAPIAQmoAwHIA0iqBN8BT9CWakj2OKHCKAON1T5H0KgiZcbE59M3pO5MDulQ808APEB6i0Da11HSMzkbNRpfFiX9c_YNO8Q9c-RzSQKLJoX12uB98GTG-TN92DOhgma6W4hn4pMQIZkP3JBw-lHrk5UUHxR1fAecuPdMQO1vuEiEUUppzPQGtT8UY6-Xz4ZQnFuvdHlgz8FrHqptAsKr5Yhq7ikk3Gvg20Ov_UrNexyrlGUnZ5yJJukXmine2a5LYgsfZ3uuzL6QpgVS6_1WX3_fd1v-JRkZKVt4Arva2T9CszKojnp2EZC-Kec0YcAEwL6ij78EiAX95YyuTJIFBAgEGAGSBQQIBRgEoAYugAfW08drqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ4NoU0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljn2ZOtx5WDA5oJKmh0dHBzOi8vcHJvbW8ubGliZXJ0ZXguY29tL2xwL2RlLWRlL2ZvcmV4L4AKAcgLAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAtgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01OTg5MzIwNzgzNTk1MjM2GAA&sigh=zMWney-ZTy8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_0T8PRoEU8ebciudnSg2Tfod02rHLAq6pwcsbtHIDKQf8ugBQqHl4zY_pLyCylBRGUNoynZsEOBgB&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218034190877434006079%22,%22debug_reporting%22:true,%22destination%22:%22https://libertex.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22848172562%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217203486674818054961%22}&andc=true
Request Chain 219
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CLhCJw25-Zfn1N7iK7_UPgsGruAaO8J30c93j44vvEWQQASDEmMgbYJXCsIK4B6ABkqy4lAPIAQmoAwHIA0iqBOUBT9DWzFeaW1qdr0S93spBjDRBpHR0XqywgKWn3zaZwK5DcOUAvAtwygRx5TtMO6ZXZrQGbPdSEkrPNo6y0wmvHcPZmUIJkpRjtEMQJKQAY4XVmYganTHmLEr09pwM_LB7H4E485BNmq7WREbmO9KQB4bLp3Oc14etDnXyEdfuUcvBjQmgU2JQmdfyADGEH4X-fYtIO5z2Q0yWPzRQvAW5oD_5-xN_BjUrBnG9imgkMbi6xKu2ZCHeH2VMvYMxQ9ru9fE-abZxrcsierOq1w5dkr44coELifn-sZTG0IFk1hIrV4civcAEwL6ij78EiAX95YyuTJIFBAgEGAGSBQQIBRgEoAYugAfW08drqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQgp4T0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOli-yZOtx5WDA5oJKmh0dHBzOi8vcHJvbW8ubGliZXJ0ZXguY29tL2xwL2RlLWRlL2ZvcmV4L4AKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTk4OTMyMDc4MzU5NTIzNhgA&sigh=SPQXvkcnY1Q&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_JHbTNG5ezTmNqQhkMtRqtW-HnWrmQlTOwTbF3W3Zb7b7VyyK8zMYWlnBWTihEIsNhxtV-SZcGAE&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212478636524859042717%22,%22debug_reporting%22:true,%22destination%22:%22https://libertex.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22848172562%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214720391249852154753%22}&andc=true
Request Chain 224
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CE2Jnw25-ZbnMENOh9u8Ppc6B0AjRkYjkaK-62LKaD9r3pqKMDhABIMSYyBtglcKwgrgHoAGcibPcA8gBAakCDqjL0mBHsj6oAwHIA8sEqgTaAU_QHkxmme634emVAgJOiAhZUUY5JyzAec5RbrSXbaXEciXnp_N61EjFz5cZuV4EIQMk_HFfwv4wywT9lTVwQmtXgR-qREGLsQNypgL0FXSZulSOjQvUXAmhUwyB_KO3uwZFoIf6RbEYDrMcHGla4aEZkVJg-opjBuzQ0AlzVIqupYT4bH43Cf8AghMCcHAwsxVAFE2UvVjyMxeAz2TNF3-SpfEn7ibUaHAg7jIAV8unDfnaP1ReAOaPQhWhtLOmGd47U_f1mYsRir_EzkKDUnEHzQQMO3eOZLcYwATnor-Z4QOIBd-Omcg5kgUECAQYAZIFBAgFGASAB8z2zCOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRDgwZQB0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlihmeysx5WDA5oJHGh0dHBzOi8vdG95b3RhLWZvcmtsaWZ0cy5kZS-ACgHICwGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQLYEw6IFBLQFQGYFgGAFwGyFxwKGggAEhRwdWItNTk4OTMyMDc4MzU5NTIzNhgA&sigh=LPuxDA08JUM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_vRlFQbfyll2W7ozlcXWsDEUoAt2uU9BJ-kiR_3Cpp05cIGf-GBwixly_zVJ85kV1H31iWr1brb0et3KFWD2emWEuKcxDYYCB3xgB&template_id=5001&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211899939841509007279%22,%22debug_reporting%22:true,%22destination%22:%22https://toyota-forklifts.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22999081116%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22491681431753490465%22}&andc=true
Request Chain 225
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK0Jixel9y4-8c4rpl2WRZ0&google_cver=1&google_push=AXcoOmQwpmFFaptB1s5_r2Zb-0DDgtzFnvPcXwsOXzkFn3WBZs6T7gYr7XV1xX6NWEBIWm2vp4tw8PXXxi4V8rfgWxUdP16w7-FMeNY HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQwpmFFaptB1s5_r2Zb-0DDgtzFnvPcXwsOXzkFn3WBZs6T7gYr7XV1xX6NWEBIWm2vp4tw8PXXxi4V8rfgWxUdP16w7-FMeNY&google_hm=8jcpovy--DVLE6TRoEx5Vg
Request Chain 226
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENoxnShM9eqf7FkK6J3iUuc&google_cver=1&google_push=AXcoOmT32RqXXyh8t7-O83WWI6rF2i8a3NxcYoU-QpvT7xeD_enHn1WeIF4TOoRn7JLvySL7leiTRaM_2eKyl6NHZP0Yepn4xQucHdU HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENoxnShM9eqf7FkK6J3iUuc&google_cver=1&google_push=AXcoOmT32RqXXyh8t7-O83WWI6rF2i8a3NxcYoU-QpvT7xeD_enHn1WeIF4TOoRn7JLvySL7leiTRaM_2eKyl6NHZP0Yepn4xQucHdU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MUVIMFUzSmoxUmVJNXU1&google_gid=CAESENoxnShM9eqf7FkK6J3iUuc&google_cver=1&google_push=AXcoOmT32RqXXyh8t7-O83WWI6rF2i8a3NxcYoU-QpvT7xeD_enHn1WeIF4TOoRn7JLvySL7leiTRaM_2eKyl6NHZP0Yepn4xQucHdU
Request Chain 228
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECiVErvTX8dqhmQz_kATZfs&google_cver=1&google_push=AXcoOmSi9C7wCQ60LndRxGFjT0iqbHR1d_oBnOktD9HdWhcDWWuIRb5VSnq8ULyRvtkaVrLuXSi5GVQ2NTuQAqqdVFbzVBmxmV564ao HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XE51crK8QqMe4y_vSGANVw&google_push=AXcoOmSi9C7wCQ60LndRxGFjT0iqbHR1d_oBnOktD9HdWhcDWWuIRb5VSnq8ULyRvtkaVrLuXSi5GVQ2NTuQAqqdVFbzVBmxmV564ao
Request Chain 230
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFp-mSWa8QVvFJmCFEu45Gs&google_cver=1&google_push=AXcoOmR2lPa-G7M4CT5QyPJlHQws_925hgTuIYRGLLUfm0lu6GViszEgvMPwT09LjCtX1JIgW2Pla3UI5AWFxXr-TaPzLAT1loeC5Qo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR2lPa-G7M4CT5QyPJlHQws_925hgTuIYRGLLUfm0lu6GViszEgvMPwT09LjCtX1JIgW2Pla3UI5AWFxXr-TaPzLAT1loeC5Qo
Request Chain 231
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESED6aX034xrmm7ujkjfdGg9U&google_cver=1&google_push=AXcoOmQBLcIrRdauH51ZTx2_x7HLIyZpD4ZoZm6nUO_BuPBJ5FKHlCeCnHZkXXz7I18WkRCcrZD5CxZY1pygyMWL5z9HAXFzzFw9fSMd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQBLcIrRdauH51ZTx2_x7HLIyZpD4ZoZm6nUO_BuPBJ5FKHlCeCnHZkXXz7I18WkRCcrZD5CxZY1pygyMWL5z9HAXFzzFw9fSMd HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 233
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKZIrk1JLrgE764CZyNUmJM&google_cver=1&google_push=AXcoOmSRvSdol0PAMrRFUI4nM30MlPG6-p9P_QJWoVp4XLq6gDuCsvmqdpPdwgHTlNIl4icw712fMA_-YKjiqrzic4jBmWIF8Nw9h7dR HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSRvSdol0PAMrRFUI4nM30MlPG6-p9P_QJWoVp4XLq6gDuCsvmqdpPdwgHTlNIl4icw712fMA_-YKjiqrzic4jBmWIF8Nw9h7dR&google_hm=8jcpovy--DVLE6TRoEx5Vg
Request Chain 235
  • https://um.simpli.fi/gp_match?google_gid=CAESEEM6GMsHUooRcX6f49JajtQ&google_cver=1&google_push=AXcoOmQ4t3BjmP-jObyJsyWpDKd7c1oy6yXNwdTtIuNKd-9ynq46143FGPKQ4EGD6X9cAV7YXjSDWtNQ1__w_fFjzd4wGAiqoF6JqEBG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5E643EBCC77F457F8B3CA41A5C545207&google_push=AXcoOmQ4t3BjmP-jObyJsyWpDKd7c1oy6yXNwdTtIuNKd-9ynq46143FGPKQ4EGD6X9cAV7YXjSDWtNQ1__w_fFjzd4wGAiqoF6JqEBG
Request Chain 236
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHmVBXcDRm29HKDyTU1ppfI&google_cver=1&google_push=AXcoOmS-DmNyoEXznsk15x_XXB9ZYO8PYQXZOZgRnhZfa7iGymFddXhzqLIuyhSPR8-UdjXi7L3BtcTFQ7Uar7Zfyjc58xUmkXuQsmhJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS-DmNyoEXznsk15x_XXB9ZYO8PYQXZOZgRnhZfa7iGymFddXhzqLIuyhSPR8-UdjXi7L3BtcTFQ7Uar7Zfyjc58xUmkXuQsmhJ&google_hm=ThAQ10j-RTadxf-jzRriPW0
Request Chain 237
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEP6k9Nmp02ny9MA19PoyeIA&google_cver=1&google_push=AXcoOmQaM6nHEYgoWo35Nh28bjiR5nvU8jDoBQhMADH70kwd4MhzNaT7HWO1kyIJz71RYKzEDB_9jSbVi3mGzJAbkGS7xwWuYQIUN0d1 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VQgxCynnRCw5LfXvYQmsBg&google_push=AXcoOmQaM6nHEYgoWo35Nh28bjiR5nvU8jDoBQhMADH70kwd4MhzNaT7HWO1kyIJz71RYKzEDB_9jSbVi3mGzJAbkGS7xwWuYQIUN0d1
Request Chain 239
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEOaxV2B4Nrb1DnbulRMbLXM&google_cver=1&google_push=AXcoOmTP3LSFOXg72CyiC1apLXo9SJAV5Tp94kkI4Sweka7GatQ6RpebLGok60uyGFYsn13iRrdBPHko2D75j83wJpnETUjOxU4M6HiQ HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOaxV2B4Nrb1DnbulRMbLXM&google_cver=1&google_push=AXcoOmTP3LSFOXg72CyiC1apLXo9SJAV5Tp94kkI4Sweka7GatQ6RpebLGok60uyGFYsn13iRrdBPHko2D75j83wJpnETUjOxU4M6HiQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTP3LSFOXg72CyiC1apLXo9SJAV5Tp94kkI4Sweka7GatQ6RpebLGok60uyGFYsn13iRrdBPHko2D75j83wJpnETUjOxU4M6HiQ

291 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mikrokrediti.html
zaemonline.kz/ 		107 KB
108 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/5.4.16
Resource Hash
7d111aac426b7b213c9f1125ec57f7674275d01d24b1d712bd6370e5409395e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate
Connection
Keep-Alive
Content-Language
ru
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Dec 2023 03:45:04 GMT
Expires
Sun, 19 Nov 1978 05:00:00 GMT
Keep-Alive
timeout=5, max=100
Link
<https://zaemonline.kz/mikrokrediti.html>; rel="canonical",<https://zaemonline.kz/mikrokrediti.html>; rel="shortlink"
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Strict-Transport-Security
max-age=31536000; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
SAMEORIGIN
X-Generator
Drupal 7 (http://drupal.org)
X-Powered-By
PHP/5.4.16
js
www.googletagmanager.com/gtag/ 		285 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E3HW39SSPT
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ab81c38fc5d1ef84f49c1847385772bbb5b79cdec291d8ef60d2291da48c8b89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95447
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 17 Dec 2023 03:45:06 GMT
css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
zaemonline.kz/sites/default/files/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zaemonline.kz/sites/default/files/css/css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
9506997e3569c0ffe818da9db56092a494f510ca9774c894f387a42cbc509dce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:06 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Dec 2022 07:09:21 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Content-Encoding
gzip
ETag
"416-5efc46a685277"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1046
Expires
Sun, 31 Dec 2023 03:45:06 GMT
css_8kN4Sd1I5RnBiJGmMM-d9YgKEEglMLUhJUzhV15q7es.css
zaemonline.kz/sites/default/files/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zaemonline.kz/sites/default/files/css/css_8kN4Sd1I5RnBiJGmMM-d9YgKEEglMLUhJUzhV15q7es.css
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
f2437849dd48e519c18891a630cf9df5880a10482530b521254ce1575e6aedeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:06 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Dec 2022 07:09:21 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Content-Encoding
gzip
ETag
"61e-5efc46a68b037"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1566
Expires
Sun, 31 Dec 2023 03:45:06 GMT
css__fMV3YbMN8o4zhceGp8Z3Esd2u76E3ubKrpgbgWZWkU.css
zaemonline.kz/sites/default/files/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zaemonline.kz/sites/default/files/css/css__fMV3YbMN8o4zhceGp8Z3Esd2u76E3ubKrpgbgWZWkU.css
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
fdf315dd86cc37ca38ce171e1a9f19dc4b1ddaeefa137b9b2aba606e05995a45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:06 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Dec 2022 07:09:33 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Content-Encoding
gzip
ETag
"485-5efc46b19912c"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1157
Expires
Sun, 31 Dec 2023 03:45:06 GMT
css_NyOByd-7cNYSpCEtE0FTgbRc5L66ibVJK-wTLJEiYJQ.css
zaemonline.kz/sites/default/files/css/ 		73 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zaemonline.kz/sites/default/files/css/css_NyOByd-7cNYSpCEtE0FTgbRc5L66ibVJK-wTLJEiYJQ.css
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
372381c9dfbb70d612a4212d13415381b45ce4beba89b5492bec132c91226094
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:06 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Dec 2022 07:09:21 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Content-Encoding
gzip
ETag
"35f0-5efc46a69aa36"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
13808
Expires
Sun, 31 Dec 2023 03:45:06 GMT
d2c0d0f113bb1a3f219720b71a9e0e67_1.js
cdn.sendpulse.com/js/push/ 		116 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sendpulse.com/js/push/d2c0d0f113bb1a3f219720b71a9e0e67_1.js
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e75c9b87c91648bc2179640bfef2ae9b8eae0aea459987f951bf4be7093f9863
Security Headers
Name Value
Content-Security-Policy default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br *.wdgtsrc.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 17 Dec 2023 03:45:06 GMT
content-security-policy
default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br *.wdgtsrc.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
x-content-type-options
nosniff
content-encoding
gzip
x-age-lb
72224
x-77-cache
HIT
x-accel-date
1702712482
x-xss-protection
1; mode=block
x-77-nzt
EgwBnJIhiAH3IBoBAAwBJRPCKAH3E0YAAA
x-accel-expires
@1703070700
x-77-age
90163
x-cache-lb
HIT
x-sp-ma
sp-ma-0
last-modified
Tue, 14 Mar 2023 14:17:37 GMT
server
CDN77-Turbo
etag
W/"1d0d1-5f6dce3b82358"
x-77-nzt-ray
f6587a1d62bb9812c26e7e65a0c7d31c
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
access-control-allow-origin
*
x-sp-pr
lpr-05
cache-control
max-age=604800
expires
Sat, 16 Dec 2023 07:34:57 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5989320783595236
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ac2aaa4903d116d03d083dd4b0c17e41b28a6250dd9584001db583aebc7e829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaemonline.kz/
Origin
https://zaemonline.kz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51836
x-xss-protection
0
server
cafe
etag
7753485208126776009
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 03:45:06 GMT
logo_NY.png
zaemonline.kz/sites/all/themes/new/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/all/themes/new/images/logo_NY.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
4452e61548a0c3f3cbdf4ca46dc2f449abfa57d7b828e0ec2fe5bf7e205901a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:06 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 06 Dec 2018 15:06:39 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"3137-57c5bd8757dc0"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
12599
Expires
Sun, 31 Dec 2023 03:45:06 GMT
turbomoney728h90.gif
zaemonline.kz/sites/default/files/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/turbomoney728h90.gif
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
f77fc542e2d4af927e2802f3040172df93d3c567c5d573f2a3c525e9919f5100
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:06 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Sun, 15 Apr 2018 18:06:59 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"13de9-569e6f8ae0ad1"
Content-Type
image/gif
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
81385
Expires
Sun, 31 Dec 2023 03:45:06 GMT
728-90.jpg
zaemonline.kz/sites/default/files/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/728-90.jpg
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
8bd1bd2a458afd99230048211b8edee7688d169f63bcb84df87aad6269ac3ea9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:06 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Sep 2022 10:04:15 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"c14d-5e8a04054e4b6"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
49485
Expires
Sun, 31 Dec 2023 03:45:06 GMT
468x60.png
zaemonline.kz/sites/default/files/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/468x60.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
ace4fadb90203697b480003a13d81d9be9fc3d36e3e9eca9e91bf0ca5304b288
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:06 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 07 Aug 2023 11:49:32 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"a92d-60253d6fa65be"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
43309
Expires
Sun, 31 Dec 2023 03:45:06 GMT
kredit.png
zaemonline.kz/sites/all/themes/new/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/all/themes/new/images/kredit.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
500b22c83d91993d48c12e8caa217a313bfcaf71c265bb0a70494da8150408f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:06 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Sun, 15 Apr 2018 18:07:03 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"9b1-569e6f8f1e9d1"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2481
Expires
Sun, 31 Dec 2023 03:45:06 GMT
bez_spravki.png
zaemonline.kz/sites/default/files/features/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/features/bez_spravki.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
4a8fc69fde6a17c2ddc40e03d5e6b0b2b7f92ed8142932c39789510244f5b2a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Sun, 15 Apr 2018 18:06:56 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"4dc1-569e6f883fd31"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
19905
Expires
Sun, 31 Dec 2023 03:45:07 GMT
cash_card_0.png
zaemonline.kz/sites/default/files/features/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/features/cash_card_0.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
e4cfb7c65cce0fca0014b99c1864cf907c47adc36f5cec8522713eb385ebdfc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Sun, 15 Apr 2018 18:06:56 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"5697-569e6f883f179"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
22167
Expires
Sun, 31 Dec 2023 03:45:07 GMT
tenge_3.png
zaemonline.kz/sites/default/files/features/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/features/tenge_3.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
58722783842ab3638f51ae309c2fd9eebd3405193a008b022e7da5dd8a34bd16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Sun, 15 Apr 2018 18:06:56 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"365a-569e6f883fd31"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
13914
Expires
Sun, 31 Dec 2023 03:45:07 GMT
clock_icon.png
zaemonline.kz/sites/default/files/features/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/features/clock_icon.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
2ec39cb341b3909ad79550a8c8215bb22206a9b75bc77c9eba797f64be796e22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Sun, 15 Apr 2018 18:06:56 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"2c1c-569e6f883fd31"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
11292
Expires
Sun, 31 Dec 2023 03:45:07 GMT
sredit_logo_horizontal_obrezannyy.png
zaemonline.kz/sites/default/files/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/sredit_logo_horizontal_obrezannyy.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
ce9b5508ac69731becfb3283c6ed9fd79b437f85a3c7b580ac7875ca1098d451
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Nov 2022 07:06:14 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"2d08-5eeaabd7ef23a"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
11528
Expires
Sun, 31 Dec 2023 03:45:07 GMT
dm_mikrokredit_220h115.png
zaemonline.kz/sites/default/files/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/dm_mikrokredit_220h115.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
b25e225381edb8bf63d1e738c80186ca042903a714084335cb1a54377a930e41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 13 Dec 2023 08:56:31 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"26b7-60c6057e5f6ed"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
9911
Expires
Sun, 31 Dec 2023 03:45:07 GMT
i_credit_logo_220.png
zaemonline.kz/sites/default/files/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/i_credit_logo_220.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
94dbec8a3c63178d3fd76daa64434f66c0dd205b7e14e85c219fce593f000726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 Apr 2019 09:51:49 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"236e-5863e228ff94a"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
9070
Expires
Sun, 31 Dec 2023 03:45:07 GMT
220x115hava.png
zaemonline.kz/sites/default/files/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/220x115hava.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
e12501ab69427e1a1e4faba3befbe731cd81f560090b731ba52bfc86616db984
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Sep 2023 09:15:29 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"7c77-60511c479418c"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
31863
Expires
Sun, 31 Dec 2023 03:45:07 GMT
logo365220x115.png
zaemonline.kz/sites/default/files/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/logo365220x115.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
9d4a05947e3434985c661e50bcd8d2b0007396bf5910b850f736c5f7230c90fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 12 Jan 2023 12:22:45 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"3eae-5f2102c9831b4"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
16046
Expires
Sun, 31 Dec 2023 03:45:07 GMT
220x115koke.png
zaemonline.kz/sites/default/files/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/220x115koke.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
b1eb2c2a481e26a8dccd63f06e4aa3892c4baa0e497ea3d25d2c7e18583e05fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Sep 2023 09:18:16 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"8077-60511ce6da02d"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
32887
Expires
Sun, 31 Dec 2023 03:45:07 GMT
zaimer_220x115.png
zaemonline.kz/sites/default/files/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/zaimer_220x115.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
a88a95fc7bee2e8373dc97ad4f959cf65ea622bc3e54b94857008d3671d6abb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 11 Oct 2019 14:20:46 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"3865-594a3395ca885"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
14437
Expires
Sun, 31 Dec 2023 03:45:07 GMT
bez_nazvaniya_2.png
zaemonline.kz/sites/default/files/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/bez_nazvaniya_2.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
575fba74dfb9072e8a82763f42814223dcc1921942650efcef1bbc874fe847a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 07 Apr 2022 11:18:02 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"1437-5dc0ea1a07a12"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
5175
Expires
Sun, 31 Dec 2023 03:45:07 GMT
logoacredit220x115.png
zaemonline.kz/sites/default/files/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/logoacredit220x115.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
e28ee49ee9dc9c8fdd58b332b043b7b3168950eb70c5168d1074fa861091db31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Sep 2023 10:31:50 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"43cc-6049a2277e6b5"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
17356
Expires
Sun, 31 Dec 2023 03:45:07 GMT
220x115tengo.png
zaemonline.kz/sites/default/files/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/220x115tengo.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
941d47030a95d486d9ed799fcd517a5c7e49de4b7d6199b1aeda41aea2957b7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Sep 2023 09:20:36 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"71a6-60511d6cbdb60"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
29094
Expires
Sun, 31 Dec 2023 03:45:07 GMT
kviku_220x115.png
zaemonline.kz/sites/default/files/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/kviku_220x115.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
ccd81d4182884ee69f54d403271678ab97f9891b7c8ce001997afe3f13e96276
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 11 Oct 2019 14:10:53 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"2c14-594a3160521a7"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
11284
Expires
Sun, 31 Dec 2023 03:45:07 GMT
logcreditba220x115-photoroom.png-photoroom.png
zaemonline.kz/sites/default/files/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/logcreditba220x115-photoroom.png-photoroom.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
7f570f5d8348ed558e3d12fb9d8095e54c7f6aebe2fc455016fadef51fe0f805
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 10 Aug 2023 15:57:32 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"1e2b-60293a7719f0a"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
7723
Expires
Sun, 31 Dec 2023 03:45:07 GMT
tengebai220x115.png
zaemonline.kz/sites/default/files/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/tengebai220x115.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
a7c9b059698d232687e478d5591d6d7eef4a524b41595b8a19295b20aaaaa0f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Tue, 12 Sep 2023 09:29:35 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"2b87-6052614c58fba"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
11143
Expires
Sun, 31 Dec 2023 03:45:08 GMT
turbomoney_220x115.png
zaemonline.kz/sites/default/files/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/turbomoney_220x115.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
f98f49e9b4f040c28874f2021125162fe53736416793061dddf6d64e7b904e33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 11 Oct 2019 14:15:07 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"3edc-594a32529c2a7"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
16092
Expires
Sun, 31 Dec 2023 03:45:08 GMT
onecredit220x115.png
zaemonline.kz/sites/default/files/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/onecredit220x115.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
66647e89ded5917a96f6af829ba0a13b1b44a1b4032095d94b8682680fff1d55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Tue, 27 Jun 2023 11:47:13 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"387f-5ff1b07367dd1"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
14463
Expires
Sun, 31 Dec 2023 03:45:08 GMT
qanat-logo.jpg
zaemonline.kz/sites/default/files/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/qanat-logo.jpg
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
73f0d900e17ab84d53cae923b8965053d166944471ecc24d2ea546864b084d34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 17 Jun 2021 11:01:45 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"19ca-5c4f42206ac59"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
6602
Expires
Sun, 31 Dec 2023 03:45:08 GMT
4slovo_220x115.png
zaemonline.kz/sites/default/files/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/4slovo_220x115.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
ea459dade75ac74593db2a030edb2f45930d81a4964d8380a94c3e38fa01593a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 11 Oct 2019 14:09:22 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"2dcd-594a31095a005"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
11725
Expires
Sun, 31 Dec 2023 03:45:08 GMT
gmoneyyyyy2200x115.jpg
zaemonline.kz/sites/default/files/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/gmoneyyyyy2200x115.jpg
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
a0dcc5b7df9b5d674f093242766da6590f4d7d678e1c708c568b61a66870d141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 08 Sep 2022 14:22:09 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"1685-5e82b2799b910"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
5765
Expires
Sun, 31 Dec 2023 03:45:08 GMT
moneyman_220x115.png
zaemonline.kz/sites/default/files/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/moneyman_220x115.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
11a28d39113d86cc1606c9d81503c40063044b0680f66f2787803319872a5df8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 11 Oct 2019 14:09:43 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"38fa-594a311d6da65"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
14586
Expires
Sun, 31 Dec 2023 03:45:08 GMT
tomi220x115.png
zaemonline.kz/sites/default/files/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/tomi220x115.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
5129863210d7a30de2ec92a946a579813792d4c7b2b334b3a893c3d4ba05efe8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 07 Aug 2023 16:52:20 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"83b0-6025811e4b779"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
33712
Expires
Sun, 31 Dec 2023 03:45:08 GMT
ccloan_220x115.png
zaemonline.kz/sites/default/files/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/ccloan_220x115.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
3e0c26460da4227871a08c4538c7b023001b01e84362a6bf15ba35562fa2bc20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 11 Oct 2019 14:21:20 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"413c-594a33b5ea2a5"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
16700
Expires
Sun, 31 Dec 2023 03:45:08 GMT
tengoda220x115.png
zaemonline.kz/sites/default/files/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/tengoda220x115.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
e6d72b6cb969d51750dc2d8d59c3944de23f885423cbeea9c4e99875f1dc0c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 09 Apr 2021 11:59:25 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"9c36-5bf88e530ddda"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
39990
Expires
Sun, 31 Dec 2023 03:45:08 GMT
logoquickmoney220x115.png
zaemonline.kz/sites/default/files/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/logoquickmoney220x115.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
a6d08c84b2155affb58de2094bf9114fa7e3df3f586d780377c19b16b579ec36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 28 May 2021 08:31:37 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"58c0-5c35fb44f608d"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
22720
Expires
Sun, 31 Dec 2023 03:45:08 GMT
neo220h115.png
zaemonline.kz/sites/default/files/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/neo220h115.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
4e126dd2635f201e300eca4cddbd5f9b4979c4069c3d54f116472b6901d1fa4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Sun, 10 Dec 2023 16:51:46 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"5361-60c2aa208ea5e"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
21345
Expires
Sun, 31 Dec 2023 03:45:08 GMT
salem220x115.png
zaemonline.kz/sites/default/files/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/salem220x115.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
46e3e32ce0cffa6b0be8f4d812715dee13ff0360229617effa5f939ec2f7ad8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 10 Nov 2021 12:41:50 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"2f00-5d06e8cc30acd"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
12032
Expires
Sun, 31 Dec 2023 03:45:08 GMT
logovivuskz220x11529112022.png
zaemonline.kz/sites/default/files/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/logovivuskz220x11529112022.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
de9594a79b2dacb9dc6d7634e9e1870913bf1aab02af7483ab3d2f780f970e01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Tue, 29 Nov 2022 14:40:00 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"19a3-5ee9cf6771089"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
6563
Expires
Sun, 31 Dec 2023 03:45:08 GMT
871_240h400.gif
zaemonline.kz/sites/default/files/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/871_240h400.gif
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
72c6c24713278441975957a8e9a958552e78a4ce702d2eff81a0557384b5a311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 May 2018 10:37:16 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"782d-56b4ac98a5f76"
Content-Type
image/gif
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
30765
Expires
Sun, 31 Dec 2023 03:45:07 GMT
240-400.jpg
zaemonline.kz/sites/default/files/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/240-400.jpg
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
6567915090ec4ef359ac6f72354e4f638ded50a7d6980b638a881ab0515ef872
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Sep 2022 10:02:03 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"11056-5e8a0387d8163"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
69718
Expires
Sun, 31 Dec 2023 03:45:07 GMT
240x400.png
zaemonline.kz/sites/default/files/ 		131 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/240x400.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
313381cc20da29d7cac96f3e72a14f54f0e960872b3449afd54602859545ea1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 13 Oct 2022 14:50:19 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"20d40-5eaeba0c57eb5"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
134464
Expires
Sun, 31 Dec 2023 03:45:07 GMT
sredit_logo_horizontal_obrezannyy.png
zaemonline.kz/sites/default/files/styles/top_5_offers_ico/public/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/styles/top_5_offers_ico/public/sredit_logo_horizontal_obrezannyy.png?itok=G79zHUmN
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
758693aeec869f0ce16f3bead9a0540d72f3d283c0aef7c2573da5cb80bc4cf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Nov 2022 07:06:22 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"10b9-5eeaabdfbabb5"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
4281
Expires
Sun, 31 Dec 2023 03:45:07 GMT
dm_mikrokredit_220h115.png
zaemonline.kz/sites/default/files/styles/top_5_offers_ico/public/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/styles/top_5_offers_ico/public/dm_mikrokredit_220h115.png?itok=Nfjwtwpn
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
4b2e157d5aa257c9d11878c0445a365d5dd0f8625fbf27b917a89e48f9f094ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 13 Dec 2023 08:56:40 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"ecb-60c60586b4b56"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
3787
Expires
Sun, 31 Dec 2023 03:45:07 GMT
i_credit_logo_220.png
zaemonline.kz/sites/default/files/styles/top_5_offers_ico/public/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/styles/top_5_offers_ico/public/i_credit_logo_220.png?itok=XvFLoVVX
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
1e0fdfc3ff3276b3e9b0d21e97b42c5089aaeac570232a71ce50d95563e839a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Sat, 12 Jun 2021 17:05:53 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"1093-5c494a30d1921"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
4243
Expires
Sun, 31 Dec 2023 03:45:07 GMT
220x115hava.png
zaemonline.kz/sites/default/files/styles/top_5_offers_ico/public/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/styles/top_5_offers_ico/public/220x115hava.png?itok=llWCX1Y3
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
58764bf2dcde27a739d9157736a713b9dcfdce938724691ddd8c703fef74a9c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Sep 2023 09:16:17 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"179c-60511c7588d86"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
6044
Expires
Sun, 31 Dec 2023 03:45:07 GMT
logo365220x115.png
zaemonline.kz/sites/default/files/styles/top_5_offers_ico/public/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/styles/top_5_offers_ico/public/logo365220x115.png?itok=2e2AjxWQ
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
f3ef8a0a8a8e6dc192a9340463833f71604f930b38e8780e8ed1cb3b170f4988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 12 Jan 2023 12:23:13 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"1607-5f2102e4572cb"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
5639
Expires
Sun, 31 Dec 2023 03:45:07 GMT
dengiimineyman100x10014122023.jpg
zaemonline.kz/sites/default/files/styles/thumbnail/public/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/styles/thumbnail/public/dengiimineyman100x10014122023.jpg?itok=LO1F-1k7
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
bc7b2571ab96da19c1f2f31211c430d5b83a4f4412e1e79dfb4dc08ad69e5f67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 14 Dec 2023 07:40:02 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"942-60c736434f28a"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
2370
Expires
Sun, 31 Dec 2023 03:45:08 GMT
christmas100x1001122023.jpg
zaemonline.kz/sites/default/files/styles/thumbnail/public/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/styles/thumbnail/public/christmas100x1001122023.jpg?itok=htG1If12
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
d396cda834273cd0b16f4e65d8d7bc93d671d3a9c1af448bcd22fea2d5ed1571
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Dec 2023 08:30:10 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"e3f-60c37bdfee495"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
3647
Expires
Sun, 31 Dec 2023 03:45:08 GMT
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-E3HW39SSPT&gtm=45je3bt0v9102654154&_p=1702784706367&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=941621155.1702784707&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702784706&sct=1&seg=0&dl=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&dt=%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D1%8B%20%D0%B2%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B5%20%7C%20zaemonline.kz&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2582
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E3HW39SSPT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zaemonline.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dengoi100x10001122023.jpg
zaemonline.kz/sites/default/files/styles/thumbnail/public/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/styles/thumbnail/public/dengoi100x10001122023.jpg?itok=dgNlfTxj
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
95833be0f7396dab2a1891ba5b3d147d8689b404a0217c8094e1715729c50880
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Fri, 01 Dec 2023 07:36:50 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"a93-60b6dd4d2a8a9"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
2707
Expires
Sun, 31 Dec 2023 03:45:08 GMT
moneyman240-400.jpg
zaemonline.kz/sites/default/files/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/moneyman240-400.jpg
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
6567915090ec4ef359ac6f72354e4f638ded50a7d6980b638a881ab0515ef872
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 15 Sep 2022 08:13:46 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"11056-5e8b2d30a3108"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
69718
Expires
Sun, 31 Dec 2023 03:45:08 GMT
240x400_0.png
zaemonline.kz/sites/default/files/ 		131 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/240x400_0.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
313381cc20da29d7cac96f3e72a14f54f0e960872b3449afd54602859545ea1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 13 Oct 2022 14:53:43 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"20d40-5eaebacf6d84b"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
134464
Expires
Sun, 31 Dec 2023 03:45:08 GMT
dengi100x10013122023.jpg
zaemonline.kz/sites/default/files/styles/thumbnail/public/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/styles/thumbnail/public/dengi100x10013122023.jpg?itok=JLIc50uD
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
a1d2b5dcdb87745883abe53382f8f92a37b455b07a3d5c539a0e6b925ba3b392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 13 Dec 2023 07:24:17 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"c77-60c5f0e0b3375"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
3191
Expires
Sun, 31 Dec 2023 03:45:08 GMT
issledvanie100x10007122023.jpg
zaemonline.kz/sites/default/files/styles/thumbnail/public/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/styles/thumbnail/public/issledvanie100x10007122023.jpg?itok=ZN6VylgS
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
ae4e79a8dbe55568a237f612e1c248644e134971ff0db773e8f4b6574b5af2b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 07 Dec 2023 09:04:54 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"7e4-60be7c2d08351"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
2020
Expires
Sun, 31 Dec 2023 03:45:08 GMT
reytin100x10007122023.jpg
zaemonline.kz/sites/default/files/styles/thumbnail/public/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/styles/thumbnail/public/reytin100x10007122023.jpg?itok=T76EAM5O
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
acf50c7437e8ff89f4b88024307c60816c7d9d67fe731edaea86670448c67077
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 07 Dec 2023 08:55:26 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"a11-60be7a10083b1"
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
2577
Expires
Sun, 31 Dec 2023 03:45:08 GMT
mx-fl-33-21.png
zaemonline.kz/sites/default/files/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/mx-fl-33-21.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
59ada002c269ea0c49ceac2452977f642f08f7f538d628c1b44ae60089cd496c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 Aug 2020 15:52:54 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"569-5ad511d066db5"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
1385
Expires
Sun, 31 Dec 2023 03:45:08 GMT
es-fl-33-21.png
zaemonline.kz/sites/default/files/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/default/files/es-fl-33-21.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
0627c152f41a86e754ba607fde4a8fed8085f6d17567004042632a027a12e615
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 Aug 2020 15:52:11 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"54f-5ad511a725e42"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
1359
Expires
Sun, 31 Dec 2023 03:45:08 GMT
jquery-1.10.2.min.js
code.jquery.com/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.10.2.min.js
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:06 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
7982508
x-cache
HIT, HIT
content-length
32788
x-served-by
cache-lga13622-LGA, cache-sof1510035-SOF
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1702784707.828803,VS0,VE0
etag
W/"28feccc0-16bb3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
29, 19196
js_vSmhpx_T-AShyt_WMW5_TcwwxJP1imoVOa8jvwL_mxE.js
zaemonline.kz/sites/default/files/js/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zaemonline.kz/sites/default/files/js/js_vSmhpx_T-AShyt_WMW5_TcwwxJP1imoVOa8jvwL_mxE.js
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
bd29a1a71fd3f804a1cadfd6316e7f4dcc30c493f58a6a1539af23bf02ff9b11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:06 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Dec 2022 07:09:21 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Content-Encoding
gzip
ETag
"1e63-5efc46a6a2b1e"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
7779
Expires
Sun, 31 Dec 2023 03:45:06 GMT
js_cVBCQl8ucDiB2V8A68uc0Jvi6NU2C4wnN5LbDi-0hT8.js
zaemonline.kz/sites/default/files/js/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zaemonline.kz/sites/default/files/js/js_cVBCQl8ucDiB2V8A68uc0Jvi6NU2C4wnN5LbDi-0hT8.js
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
715042425f2e703881d95f00ebcb9cd09be2e8d5360b8c273792db0e2fb4853f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:06 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Dec 2022 07:09:21 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Content-Encoding
gzip
ETag
"3276-5efc46a6aa81e"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
12918
Expires
Sun, 31 Dec 2023 03:45:06 GMT
js_Q0iHcPMWGiRB3jYTYzukgfQ6J9nNfsmHTEMR4eXEB_U.js
zaemonline.kz/sites/default/files/js/ 		785 B
895 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zaemonline.kz/sites/default/files/js/js_Q0iHcPMWGiRB3jYTYzukgfQ6J9nNfsmHTEMR4eXEB_U.js
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
43488770f3161a2441de3613633ba481f43a27d9cd7ec9874c4311e1e5c407f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:06 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Dec 2022 07:09:21 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Content-Encoding
gzip
ETag
"161-5efc46a6b1d4e"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
353
Expires
Sun, 31 Dec 2023 03:45:06 GMT
js_UAzCbH2ZD0iy9D2lwO4hkQHaZr2qyrBjQhsXHGFWKdM.js
zaemonline.kz/sites/default/files/js/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zaemonline.kz/sites/default/files/js/js_UAzCbH2ZD0iy9D2lwO4hkQHaZr2qyrBjQhsXHGFWKdM.js
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
500cc26c7d990f48b2f43da5c0ee219101da66bdaacab063421b171c615629d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:06 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Dec 2022 07:09:21 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Content-Encoding
gzip
ETag
"38b0-5efc46a6bcd15"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
14512
Expires
Sun, 31 Dec 2023 03:45:06 GMT
js_zZ9TiTudYT8dzDFxd-xIsR3QZs2DYQrPzRFtZJ2dNdU.js
zaemonline.kz/sites/default/files/js/ 		417 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zaemonline.kz/sites/default/files/js/js_zZ9TiTudYT8dzDFxd-xIsR3QZs2DYQrPzRFtZJ2dNdU.js
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
cd9f53893b9d613f1dcc317177ec48b11dd066cd83610acfcd116d649d9d35d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Dec 2022 07:09:21 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Content-Encoding
gzip
ETag
"17b3a-5efc46a6d4415"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
97082
Expires
Sun, 31 Dec 2023 03:45:07 GMT
js_pd0FglZaH7laLogzU32VpTt4HY0cW9blseRaXX5P0aw.js
zaemonline.kz/sites/default/files/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zaemonline.kz/sites/default/files/js/js_pd0FglZaH7laLogzU32VpTt4HY0cW9blseRaXX5P0aw.js
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
a5dd0582565a1fb95a2e8833537d95a53b781d8d1c5bd6e5b1e45a5d7e4fd1ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Dec 2022 07:09:21 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Content-Encoding
gzip
ETag
"2ab-5efc46a680457"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
683
Expires
Sun, 31 Dec 2023 03:45:07 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 17 Dec 2023 01:48:14 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
7013
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 17 Dec 2023 03:48:14 GMT
watch.js
mc.yandex.ru/metrika/ 		156 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
f8ed7cb7ac6dc9850cffba6d02a3e222269f9ac3cdde0cfbead7734149281f0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 12 Dec 2023 08:38:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65781bea-dcfc"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
56572
expires
Sun, 17 Dec 2023 04:45:07 GMT
z.js
c.zero.kz/
Redirect Chain
  • https://c.zero.kz/z.js
  • https://c.zero.kz/z.js?c=be0a64726a4e76
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.zero.kz/z.js?c=be0a64726a4e76
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H2
Server
91.201.214.115 Almaty, Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
zero-web-01.neolabs.net
Software
nginx /
Resource Hash
9d2347e9d61223835d2ae774fcbcbc017c73812501e657eb687675aa933a8421

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
application/javascript; charset=utf-8
date
Sun, 17 Dec 2023 03:45:07 GMT
cache-control
private
content-encoding
gzip
server
nginx
vary
Accept-Encoding
expires
Sun, 24 Dec 2023 03:45:07 GMT

Redirect headers

location
?c=be0a64726a4e76
date
Sun, 17 Dec 2023 03:45:07 GMT
server
nginx
content-length
162
content-type
text/html
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5989320783595236&plah=zaemonline.kz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5989320783595236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf2e8471e8e31885c8c03d019dbd2e1b04ebcdc9fb9fd7455454ab026a7f96e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137960
x-xss-protection
0
server
cafe
etag
12897035231061166490
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 03:45:07 GMT
menu_bg.png
zaemonline.kz/sites/all/themes/new/images/ 		933 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/all/themes/new/images/menu_bg.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/sites/default/files/css/css_NyOByd-7cNYSpCEtE0FTgbRc5L66ibVJK-wTLJEiYJQ.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
99780dfa860196e84175cd97e56f0e4bdfa277f9cc72822beb43d2765c02c683
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/sites/default/files/css/css_NyOByd-7cNYSpCEtE0FTgbRc5L66ibVJK-wTLJEiYJQ.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Sun, 15 Apr 2018 18:07:03 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"3a5-569e6f8f20911"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
933
Expires
Sun, 31 Dec 2023 03:45:07 GMT
search.png
zaemonline.kz/sites/all/themes/new/images/ 		785 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/all/themes/new/images/search.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/sites/default/files/css/css_NyOByd-7cNYSpCEtE0FTgbRc5L66ibVJK-wTLJEiYJQ.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
1f54e0e0345e9d348b54b7d72f21e05f0a2543bfd64b91068b119e26943b5ec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/sites/default/files/css/css_NyOByd-7cNYSpCEtE0FTgbRc5L66ibVJK-wTLJEiYJQ.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Sun, 15 Apr 2018 18:07:03 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"311-569e6f8f1f589"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
785
Expires
Sun, 31 Dec 2023 03:45:07 GMT
star-1.png
zaemonline.kz/sites/all/modules/fivestar/widgets/basic/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/all/modules/fivestar/widgets/basic/star-1.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/sites/default/files/css/css__fMV3YbMN8o4zhceGp8Z3Esd2u76E3ubKrpgbgWZWkU.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
166f81acf7fc66609feb80beeea57c29c02e855700deafd7d9d25b94fc8da27b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/sites/default/files/css/css__fMV3YbMN8o4zhceGp8Z3Esd2u76E3ubKrpgbgWZWkU.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Sun, 15 Apr 2018 18:07:01 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"406-569e6f8d2a9d1"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1030
Expires
Sun, 31 Dec 2023 03:45:07 GMT
soical.png
zaemonline.kz/sites/all/themes/new/images/ 		869 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zaemonline.kz/sites/all/themes/new/images/soical.png
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/sites/default/files/css/css_NyOByd-7cNYSpCEtE0FTgbRc5L66ibVJK-wTLJEiYJQ.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
39dd0e8e9a643a5652c31e5e69066363a57e183218028e92531d080034fcda74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/sites/default/files/css/css_NyOByd-7cNYSpCEtE0FTgbRc5L66ibVJK-wTLJEiYJQ.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Sun, 15 Apr 2018 18:07:03 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"365-569e6f8f1fd59"
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
869
Expires
Sun, 31 Dec 2023 03:45:08 GMT
PTC55F.ttf
zaemonline.kz/sites/all/themes/new/fonts/ 		366 KB
367 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://zaemonline.kz/sites/all/themes/new/fonts/PTC55F.ttf
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/sites/default/files/css/css_NyOByd-7cNYSpCEtE0FTgbRc5L66ibVJK-wTLJEiYJQ.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
a9efdbc474d0f02348ab071357d50ebe709d59f0d76b79e709dc3c5c759050c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://zaemonline.kz/sites/default/files/css/css_NyOByd-7cNYSpCEtE0FTgbRc5L66ibVJK-wTLJEiYJQ.css
Origin
https://zaemonline.kz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Sun, 15 Apr 2018 18:07:03 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"5b8fc-569e6f8f2c879"
Content-Type
application/font-sfnt
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
375036
Expires
Sun, 31 Dec 2023 03:45:07 GMT
PTS75F.ttf
zaemonline.kz/sites/all/themes/new/fonts/ 		447 KB
448 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://zaemonline.kz/sites/all/themes/new/fonts/PTS75F.ttf
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/sites/default/files/css/css_NyOByd-7cNYSpCEtE0FTgbRc5L66ibVJK-wTLJEiYJQ.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
21b0392d76754b70fb51e477eb18187b675537062e89ecc7aef76cf91d979b0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://zaemonline.kz/sites/default/files/css/css_NyOByd-7cNYSpCEtE0FTgbRc5L66ibVJK-wTLJEiYJQ.css
Origin
https://zaemonline.kz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:07 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Sun, 15 Apr 2018 18:07:03 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"6fd64-569e6f8f2dfe9"
Content-Type
application/font-sfnt
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
458084
Expires
Sun, 31 Dec 2023 03:45:07 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame DDFB 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5989320783595236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaemonline.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
50129
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 13:49:38 GMT
etag
5585625838579639069
expires
Sat, 30 Dec 2023 13:49:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=650448898&t=pageview&_s=1&dl=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ul=en-us&de=UTF-8&dt=%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D1%8B%20%D0%B2%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B5%20%7C%20zaemonline.kz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAAABAAAAACAAI~&jid=682904928&gjid=581257049&cid=941621155.1702784707&tid=UA-50926641-1&_gid=814306609.1702784707&_r=1&_slc=1&z=1991804075
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://zaemonline.kz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zaemonline.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-50926641-1&cid=941621155.1702784707&jid=682904928&gjid=581257049&_gid=814306609.1702784707&_u=IADAAAAAAAAAACAAI~&z=178741249
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://zaemonline.kz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 17 Dec 2023 03:45:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zaemonline.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 067B 		769 KB
118 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&adk=1812271804&adf=3025194257&lmt=1702784707&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784706936&bpp=40&bdt=719&idt=279&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3163627070802&frm=20&pv=2&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=295
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5989320783595236&plah=zaemonline.kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b6f5299b2d3cf5ea2cec8f138010e50ddedf58ee3b0467e718c2fcfae2a47b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaemonline.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
121037
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 03:45:07 GMT
expires
Sun, 17 Dec 2023 03:45:07 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 893A 		135 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=280&adk=2303328720&adf=2069133333&pi=t.aa~a.1769635591~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=1000x280&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784706976&bpp=2&bdt=759&idt=258&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=259
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5989320783595236&plah=zaemonline.kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef39f4102eeea59191ae879c76c7563711d57d639aea924ae2b1942a805d6c6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaemonline.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44362
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 03:45:07 GMT
expires
Sun, 17 Dec 2023 03:45:07 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10219.lY5Y0Amrny21BJzSG4XiBq7HSDj1n7KdpvvUdL6oYX2uP02mQH7OwLl6tp4S0Cle.oVqxR3iKJcIS7ADHIA-4uYe96-Q%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10219.zI3flP47zjXWZgdO4C0lp8_D0ViYIvVyFyPgi232ym43STRDIy3GD37vkAmOfYAeVzEFUz3NMZ5SIdejYsHxCIwVKHqugyDJMwh_UoFYA_OaPhuNrScIVYojx9LjcE7afK3mnWzzn-...
43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10219.zI3flP47zjXWZgdO4C0lp8_D0ViYIvVyFyPgi232ym43STRDIy3GD37vkAmOfYAeVzEFUz3NMZ5SIdejYsHxCIwVKHqugyDJMwh_UoFYA_OaPhuNrScIVYojx9LjcE7afK3mnWzzn-obIJ8U-RAH2VRxB3jC5R7rslEYoADRNfLH7_e26HnHEJkg7fJ-tgbghkaAwHxG1I-_8DyUnfkvGrO5zdb4P0VipTXbWOd6f2c%2C.dXB26FuXEb9KHPMemsW4GSkJb8c%2C
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:07 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10219.zI3flP47zjXWZgdO4C0lp8_D0ViYIvVyFyPgi232ym43STRDIy3GD37vkAmOfYAeVzEFUz3NMZ5SIdejYsHxCIwVKHqugyDJMwh_UoFYA_OaPhuNrScIVYojx9LjcE7afK3mnWzzn-obIJ8U-RAH2VRxB3jC5R7rslEYoADRNfLH7_e26HnHEJkg7fJ-tgbghkaAwHxG1I-_8DyUnfkvGrO5zdb4P0VipTXbWOd6f2c%2C.dXB26FuXEb9KHPMemsW4GSkJb8c%2C
date
Sun, 17 Dec 2023 03:45:07 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sync_cookie_image_decide
mc.yandex.kz/
Redirect Chain
  • https://mc.yandex.kz/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.kz&token=10219._hPSyBES0QSULpl2cdUBVJkMyHAWfJx2BpboFELFVNVtoH4MYaceOjY7Ah9WqF85.IwCOGu3e5S1pHhX4sZ4UJnRRiuo%2C
  • https://mc.yandex.kz/sync_cookie_image_decide?token=10219.nJiOurSc9M9Y4Q04ENPVMQyaav9tya_BUaTiHItVTVX0PlWxxc2zRewLSrmYeGPo_SfUySOQl4linFBVXfLXYkCeNizSHnufsPkuCuuNzW2REq8wQCqukVAGE--7LbeDhuxDplrfLMV...
43 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.kz/sync_cookie_image_decide?token=10219.nJiOurSc9M9Y4Q04ENPVMQyaav9tya_BUaTiHItVTVX0PlWxxc2zRewLSrmYeGPo_SfUySOQl4linFBVXfLXYkCeNizSHnufsPkuCuuNzW2REq8wQCqukVAGE--7LbeDhuxDplrfLMVOMKbmCV67duJfE_2YVKb16v8GJ2aG6useqP451kQeMbzHpyzMaOV78SkikzR0UDRnId1oeoDH3LU_SYrgW6hwf0QsnxTt4xs%2C.dwroBdZt-s98b5fwvPfFnUdJSM8%2C
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:07 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.kz/sync_cookie_image_decide?token=10219.nJiOurSc9M9Y4Q04ENPVMQyaav9tya_BUaTiHItVTVX0PlWxxc2zRewLSrmYeGPo_SfUySOQl4linFBVXfLXYkCeNizSHnufsPkuCuuNzW2REq8wQCqukVAGE--7LbeDhuxDplrfLMVOMKbmCV67duJfE_2YVKb16v8GJ2aG6useqP451kQeMbzHpyzMaOV78SkikzR0UDRnId1oeoDH3LU_SYrgW6hwf0QsnxTt4xs%2C.dwroBdZt-s98b5fwvPfFnUdJSM8%2C
date
Sun, 17 Dec 2023 03:45:07 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
z.png
c.zero.kz/ 		437 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.zero.kz/z.png?u=67909&t=1&cc=be0a64726a4e76&s=657e6ec3e6b18&sh=1&slt=0&d=0&wd=1600&hg=1200&cd=24&w=1600&h=1200&ln=en-us&je=0&cs=UTF-8&ce=1&du=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&tz=-60&dt=%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D1%8B%20%D0%B2%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B5%20%7C%20zaemonline.kz&11.555408737139349
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.201.214.115 Almaty, Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
zero-web-01.neolabs.net
Software
nginx /
Resource Hash
265907c6b214f9f296040b1f2703987107e02b01180c611a7e1868f17652721e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/png
date
Sun, 17 Dec 2023 03:45:07 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa OUR IND UNI COM NAV INT PRE"
1
mc.yandex.com/watch/24958555/
Redirect Chain
  • https://mc.yandex.com/watch/24958555?wmode=7&page-url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A2962%3A...
  • https://mc.yandex.com/watch/24958555/1?wmode=7&page-url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A2962%...
427 B
519 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/24958555/1?wmode=7&page-url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A2962%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A490623236692%3Ahid%3A313630790%3Az%3A60%3Ai%3A20231217044507%3Aet%3A1702784707%3Ac%3A1%3Arn%3A306649056%3Arqn%3A1%3Au%3A1702784707954631793%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C408%2C1655%2C403%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1702784704042%3Agi%3AR0ExLjIuOTQxNjIxMTU1LjE3MDI3ODQ3MDc%3D%3Arqnl%3A1%3Ast%3A1702784708%3At%3A%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D1%8B%20%D0%B2%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B5%20%7C%20zaemonline.kz&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ef37138dbbe880d2080ce6e2cb0afc5775faf775107221039083fd54910db87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 17-Dec-2023 03:45:07 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://zaemonline.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
427
x-xss-protection
1; mode=block
expires
Sun, 17-Dec-2023 03:45:07 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:07 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 17-Dec-2023 03:45:07 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/24958555/1?wmode=7&page-url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A2962%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A490623236692%3Ahid%3A313630790%3Az%3A60%3Ai%3A20231217044507%3Aet%3A1702784707%3Ac%3A1%3Arn%3A306649056%3Arqn%3A1%3Au%3A1702784707954631793%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C408%2C1655%2C403%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1702784704042%3Agi%3AR0ExLjIuOTQxNjIxMTU1LjE3MDI3ODQ3MDc%3D%3Arqnl%3A1%3Ast%3A1702784708%3At%3A%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D1%8B%20%D0%B2%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B5%20%7C%20zaemonline.kz&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin
https://zaemonline.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 17-Dec-2023 03:45:07 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:07 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 12 Dec 2023 08:38:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65781bea-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 17 Dec 2023 04:45:07 GMT
e21910fd923a6283b5d44b2382eabc86.js
www.gstatic.com/mysidia/ Frame 893A 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=280&adk=2303328720&adf=2069133333&pi=t.aa~a.1769635591~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=1000x280&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784706976&bpp=2&bdt=759&idt=258&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4064
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 11 Mar 2024 01:04:19 GMT
eca8f43f04ace2cb887c6c133446ca43.js
www.gstatic.com/mysidia/ Frame 893A 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/eca8f43f04ace2cb887c6c133446ca43.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=280&adk=2303328720&adf=2069133333&pi=t.aa~a.1769635591~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=1000x280&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784706976&bpp=2&bdt=759&idt=258&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:33:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
468670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4745
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 17:33:57 GMT
css
fonts.googleapis.com/ Frame 893A 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=280&adk=2303328720&adf=2069133333&pi=t.aa~a.1769635591~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=1000x280&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784706976&bpp=2&bdt=759&idt=258&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Dec 2023 03:45:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Dec 2023 01:48:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Dec 2023 03:45:07 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 893A 		2 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=280&adk=2303328720&adf=2069133333&pi=t.aa~a.1769635591~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=1000x280&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784706976&bpp=2&bdt=759&idt=258&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6648
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 01:54:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 893A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=280&adk=2303328720&adf=2069133333&pi=t.aa~a.1769635591~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=1000x280&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784706976&bpp=2&bdt=759&idt=258&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
17090
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 893A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=280&adk=2303328720&adf=2069133333&pi=t.aa~a.1769635591~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=1000x280&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784706976&bpp=2&bdt=759&idt=258&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
48446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 893A 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=280&adk=2303328720&adf=2069133333&pi=t.aa~a.1769635591~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=1000x280&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784706976&bpp=2&bdt=759&idt=258&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6648
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 893A 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=280&adk=2303328720&adf=2069133333&pi=t.aa~a.1769635591~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=1000x280&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784706976&bpp=2&bdt=759&idt=258&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 03:45:07 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 893A 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=280&adk=2303328720&adf=2069133333&pi=t.aa~a.1769635591~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=1000x280&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784706976&bpp=2&bdt=759&idt=258&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5989320783595236&plah=zaemonline.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41448ce4891ad73962363ab2f22c05a38d45c057a987752611ae74cbb29b49e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56012
x-xss-protection
0
server
cafe
etag
7719666273244323917
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 03:45:07 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C5B6 		48 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5989320783595236&plah=zaemonline.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e855211e44cd17e4c1e8b2184d822067cd14368cc4c063ba2da587eed5fd6c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaemonline.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
17526
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 03:45:08 GMT
expires
Sun, 17 Dec 2023 03:45:08 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1BA8 		154 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5989320783595236&plah=zaemonline.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98e72cf2d1674c68f504fcca41af42fdecf4797e472988894ab8ebf2dcf3248a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaemonline.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45563
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 03:45:08 GMT
expires
Sun, 17 Dec 2023 03:45:08 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AE61 		155 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5989320783595236&plah=zaemonline.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94145d20fa966c90fda98e85091535e26b0e3168d2d034c7376719afbf84e464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaemonline.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45800
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 03:45:08 GMT
expires
Sun, 17 Dec 2023 03:45:08 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&hl=ru&pvc=3473010140274599
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5C3A 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=280&adk=2303328720&adf=2069133333&pi=t.aa~a.1769635591~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=1000x280&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784706976&bpp=2&bdt=759&idt=258&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=259
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=280&adk=2303328720&adf=2069133333&pi=t.aa~a.1769635591~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=1000x280&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784706976&bpp=2&bdt=759&idt=258&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=259
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
929
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 03:29:38 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame E0F6 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5989320783595236&plah=zaemonline.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaemonline.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84481
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 04:17:07 GMT
etag
5585625838579639069
expires
Sat, 30 Dec 2023 04:17:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame E26A 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5989320783595236&plah=zaemonline.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaemonline.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84481
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 04:17:07 GMT
etag
5585625838579639069
expires
Sat, 30 Dec 2023 04:17:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame B687 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5989320783595236&plah=zaemonline.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaemonline.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84481
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 04:17:07 GMT
etag
5585625838579639069
expires
Sat, 30 Dec 2023 04:17:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame C303 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5989320783595236&plah=zaemonline.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaemonline.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84481
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 04:17:07 GMT
etag
5585625838579639069
expires
Sat, 30 Dec 2023 04:17:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 893A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8503a780e1e4a5636c82aabbb2705f005c686613c9d4603fda1d711861023f77

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
css2
fonts.googleapis.com/ Frame E0F6 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Dec 2023 03:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Dec 2023 02:13:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Dec 2023 03:45:08 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E0F6 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:54:46 GMT
x-content-type-options
nosniff
age
413422
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 11 Dec 2024 08:54:46 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E0F6 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:54:34 GMT
x-content-type-options
nosniff
age
435034
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 11 Dec 2024 02:54:34 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame E0F6 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
6625
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6766
x-xss-protection
0
server
cafe
etag
14924840246271906451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 01:54:43 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame E0F6 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 02:16:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
5293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 02:16:55 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5C3A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=280&adk=2303328720&adf=2069133333&pi=t.aa~a.1769635591~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=1000x280&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784706976&bpp=2&bdt=759&idt=258&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=259
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 03:45:08 GMT
expires
Sun, 17 Dec 2023 03:45:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 03:45:08 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame E26A 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Dec 2023 03:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Dec 2023 01:46:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Dec 2023 03:45:08 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E26A 		2 KB
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 01:54:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame E26A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
17091
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E26A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
48447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E26A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E26A 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 03:45:08 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame E26A 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
css
fonts.googleapis.com/ Frame B687 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Dec 2023 03:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Dec 2023 03:43:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Dec 2023 03:45:08 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B687 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 01:54:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame B687 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
17091
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B687 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
48447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B687 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B687 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 03:45:08 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame B687 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
e21910fd923a6283b5d44b2382eabc86.js
www.gstatic.com/mysidia/ Frame C303 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4064
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 11 Mar 2024 01:04:19 GMT
eca8f43f04ace2cb887c6c133446ca43.js
www.gstatic.com/mysidia/ Frame C303 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/eca8f43f04ace2cb887c6c133446ca43.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 22:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4745
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 22:07:29 GMT
css
fonts.googleapis.com/ Frame C303 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Dec 2023 03:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Dec 2023 03:07:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Dec 2023 03:45:08 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C303 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 01:54:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame C303 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
17091
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C303 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
48447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C303 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C303 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 03:45:08 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame C303 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 893A 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 21:01:51 GMT
x-content-type-options
nosniff
age
283397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2024 21:01:51 GMT
css
fonts.googleapis.com/ Frame BEB1 		2 KB
480 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Dec 2023 03:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Dec 2023 01:53:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Dec 2023 03:45:08 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BEB1 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 01:54:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame BEB1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
17091
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BEB1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
48447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BEB1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BEB1 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 03:45:08 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame BEB1 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/1861019062163261411/ Frame E26A 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1861019062163261411/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6940031c8352733f92c1eae517bb55f90ab926eab4e09be0db245b315cac901c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 14 Dec 2024 01:42:36 GMT
date
Fri, 15 Dec 2023 01:42:36 GMT
x-content-type-options
nosniff
age
180152
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9237
x-xss-protection
0
last-modified
Tue, 04 Jul 2023 12:50:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame E26A 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame E26A 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22ddb3cc75d82f0df628013424dc27f2b9a18bfaf8ff77e119930d713bfe5234

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame E26A 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76282416db22c89bc67870e1b51733f84fde85eefe5b63aa1da48badec5d2279

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E26A 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 21:01:51 GMT
x-content-type-options
nosniff
age
283397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2024 21:01:51 GMT
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame C6F7 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
395752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 13:49:16 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame E26A
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C7RXnw25-ZbfMENOh9u8Ppc6B0Ajdr_KodMuChtjJEc6Focr2ARABIMSYyBtglcKwgrgHoAHK0f_DA8gBCakCDqjL0mBHsj6oAwHIA8sEqgTVAU_QWiGNL-r2axFQYnp5__8xlo6iXEhrfJk...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214032602877283574342%22,%22debug_reporting%22:true,%22destination%22:%22https://weltsparen.de%22,%22event_report_window%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214032602877283574342%22,%22debug_reporting%22:true,%22destination%22:%22https://weltsparen.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22947906762%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226075946185404613041%22}&andc=true
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"14032602877283574342","debug_reporting":true,"destination":"https://weltsparen.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["947906762"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"6075946185404613041"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 17 Dec 2023 03:45:08 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 17 Dec 2023 03:45:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14032602877283574342","debug_reporting":true,"destination":"https://weltsparen.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["947906762"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"6075946185404613041"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/15015505179479235878/ Frame C303 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15015505179479235878/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec1bea6213d66cbe1dcd4c655d499707dfb473032873651b98ae8d32873facee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 14 Dec 2024 21:28:01 GMT
date
Fri, 15 Dec 2023 21:28:01 GMT
x-content-type-options
nosniff
age
109027
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1651
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 14:21:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9D6F 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
930
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 03:29:38 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C303 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
968a714238ece3be192b8e61e829e057f16b51d56d88704e39a77142d9447459

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
dr
as.ad4m.at/ad/ Frame 2722 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hmm4j277mm93ex63d0pqbkrpzbkqp3vryc7hnhyx24sj9zk1r9sy12m4dvnea4ckzghtwe7mbq9ahgw9m87p6c99f2fj53k4fm4kce03v3s8he0hajexqvbwh7macek0hkp7s22rt8hhbtce1aq0wjsszbem7w0g9peb7zk8b4vjfe3059xndwe6dm29fbf7vbkhxwt237cmjjcenyy4fm3z9py1zcyqd9rt98tz8e11bxdwmq6eky5jeg454majfn016gtznr68syvt31m5dsxxmckvsa3kdhczex79aj25rwkqxkyzt5fhtwyk16qm6vv58ncb96w2y24c1vex2gek98ceejna9vet8v44xerpxwe59rchtepa4rjxmxw4ag75hwe9z6dzrnm4gtqc5029dg0rk2a8vxxkpyrnp8c85syt2vy6p78zy24s2dx2ya7gk5z0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%26client%3Dca-pub-5989320783595236%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0b6091f566afe861e029d8f347437f5bdf12980a45a505130e6d5b14d02f47f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
836c2bebaa2f37e4-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 03:45:08 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8790 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
48447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8AA4 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
50138
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 13:49:30 GMT
etag
48472445140208031
expires
Sun, 17 Dec 2023 13:49:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8790 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame 8790 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRMk1AffLqAr1F6JnM98NYFTCE32EdELI8MC60KP9ykERv6a4VK-uGgDWeo5RTCWnDHnz0B_G7Rdjj-vEMW0j9W-3dIg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8790 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 03:45:08 GMT
e21910fd923a6283b5d44b2382eabc86.js
www.gstatic.com/mysidia/ Frame E6D0 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4064
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 11 Mar 2024 01:04:19 GMT
f3d12415f986ed3504122551351bc1d0.js
www.gstatic.com/mysidia/ Frame E6D0 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:10:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
419673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16637
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 11 Mar 2024 07:10:35 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E6D0 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 01:54:19 GMT
50459845d1cbd526a76ea757de42d266.js
www.gstatic.com/mysidia/ Frame E6D0 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/50459845d1cbd526a76ea757de42d266.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9842
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 12 Mar 2024 03:35:14 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame E6D0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
17091
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E6D0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
48447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E6D0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame E6D0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGnGhsNLB-W176g4g4itQeNjDaXxCmmjfru_r9uhI5yINptiMhzuQBGfugq6GNymJUKzb1tRlafra9TuFp-3UhxgE5FA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E6D0 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 03:45:08 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame E6D0 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214032602877283574342%22,%22debug_reporting%22:true,%22destination%22:%22https://weltsparen.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22947906762%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226075946185404613041%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Dec 2023 03:45:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
e21910fd923a6283b5d44b2382eabc86.js
www.gstatic.com/mysidia/ Frame 4CD2 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4064
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 11 Mar 2024 01:04:19 GMT
f3d12415f986ed3504122551351bc1d0.js
www.gstatic.com/mysidia/ Frame 4CD2 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:10:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
419673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16637
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 11 Mar 2024 07:10:35 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4CD2 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 01:54:19 GMT
50459845d1cbd526a76ea757de42d266.js
www.gstatic.com/mysidia/ Frame 4CD2 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/50459845d1cbd526a76ea757de42d266.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9842
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 12 Mar 2024 03:35:14 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4CD2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
17091
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4CD2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
48447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4CD2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
6649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame 4CD2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQL_zgBB_FvbnhduaZcHc6cOSkkemboI5rjlHworiCEIiF6IWAmbx_mvJEP6GmfSCPWkbi_qJGDZHHUAqD5xFJMTQGjCA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4CD2 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 03:45:08 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 4CD2 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 526C 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
395752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 13:49:16 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 893A
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CmK3Dw25-ZbTQEPiC7_UPraaYkAPvuPXldJO7956MEtrZHhABIMSYyBtglcKwgrgHoAHjw8nWAsgBAakCDqjL0mBHsj6oAwHIA8MEqgTeAU_QVdWPL5S1YTGSnFSt_Z9gRIqZBAEo2b7Cgms...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216565784711253647052%22,%22debug_reporting%22:true,%22destination%22:%22https://finom.co%22,%22event_report_window%22:%222...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216565784711253647052%22,%22debug_reporting%22:true,%22destination%22:%22https://finom.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22718430691%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229696156277923270865%22}&andc=true
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"16565784711253647052","debug_reporting":true,"destination":"https://finom.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["718430691"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"9696156277923270865"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 17 Dec 2023 03:45:08 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 17 Dec 2023 03:45:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16565784711253647052","debug_reporting":true,"destination":"https://finom.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["718430691"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"9696156277923270865"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 8790 		205 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
481a497c659a4b777cf6570fd5967818a6b4c8f7ec8e2a114060eec74ac07948

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame C303 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 21:01:51 GMT
x-content-type-options
nosniff
age
283397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2024 21:01:51 GMT
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 3D4F 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=280&adk=2303328720&adf=2069133333&pi=t.aa~a.1769635591~rp.4&w=1000&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=1000x280&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784706976&bpp=2&bdt=759&idt=258&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=259
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
395752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 13:49:16 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/1861019062163261411/ Frame B687 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1861019062163261411/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6940031c8352733f92c1eae517bb55f90ab926eab4e09be0db245b315cac901c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 14 Dec 2024 01:42:36 GMT
date
Fri, 15 Dec 2023 01:42:36 GMT
x-content-type-options
nosniff
age
180152
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9237
x-xss-protection
0
last-modified
Tue, 04 Jul 2023 12:50:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame B687 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B687 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22ddb3cc75d82f0df628013424dc27f2b9a18bfaf8ff77e119930d713bfe5234

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B687 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4100f5a272e30a554e75fa5a9858d477c0a3628ada041d6bf5130ee14c1cd6c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B687 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 21:01:51 GMT
x-content-type-options
nosniff
age
283397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2024 21:01:51 GMT
dpixel
cms.quantserve.com/ Frame 8AA4 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENRpP0iJpRPCK0jG87LZ5wU&google_cver=1&google_push=AXcoOmQvZeo6t0czCvpSIvImk95mLlbhOY7JO-C2jjUu7lHCd6txOp-jV5M7F6iEOtSHvkDrqmQojrbMR3_5wFfHwwITaawU-PKXzw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 8AA4
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENvw6EoQq3d47rofYeT06jU&google_cver=1&google_push=AXcoOmTcl0awGWu8y3dDxYdRZPBId1As09suYVWInbDli_8O9R7iwTa-yxaItXCFBTTMwyz3VzM3UAfVfNvLkhrPGezToCVGZcjAy...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENvw6EoQq3d47rofYeT06jU&google_cver=1&google_push=AXcoOmTcl0awGWu8y3dDxYdRZPBId1As09suYVWInbDli_8O9R7iwTa-yxaItXCFBTTMwyz3VzM3UAfVfNvLkhrPGezToCVGZcj...
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENvw6EoQq3d47rofYeT06jU&google_cver=1&google_push=AXcoOmTcl0awGWu8y3dDxYdRZPBId1As09suYVWInbDli_8O9R7iwTa-yxaItXCFBTTMwyz3VzM3UAfVfNvLkhrPGezToCVGZcjAyg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTcl0awGWu8y3dDxYdRZPBId1As09suYVWInbDli_8O9R7iwTa-yxaItXCFBTTMwyz3VzM3UAfVfNvLkhrPGezToCVGZcjAyg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
836c2bedfbe765da-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
389
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENvw6EoQq3d47rofYeT06jU&google_cver=1&google_push=AXcoOmTcl0awGWu8y3dDxYdRZPBId1As09suYVWInbDli_8O9R7iwTa-yxaItXCFBTTMwyz3VzM3UAfVfNvLkhrPGezToCVGZcjAyg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTcl0awGWu8y3dDxYdRZPBId1As09suYVWInbDli_8O9R7iwTa-yxaItXCFBTTMwyz3VzM3UAfVfNvLkhrPGezToCVGZcjAyg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
836c2bec9b6365da-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8AA4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDG_NgniGjEwjVeyWsgMJtA&google_push=AXcoOmRVV_VgM398JdFUMcX9VC27-g5eeWpdtZHCKnYqckyJkDLT1OKdOY...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDG_NgniGjEwjVeyWsgMJtA&google_push=AXcoOmRVV_VgM398JdFUMcX9VC27-g5eeWpdtZHCKnYqckyJkDLT1OKdOYzzwTg-P_BTRBWw0aShhDvwzLKun-JILIpXxdXpQbwSBP0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220033-FRA
pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1702784709.581679,VS0,VE89
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDG_NgniGjEwjVeyWsgMJtA&google_push=AXcoOmRVV_VgM398JdFUMcX9VC27-g5eeWpdtZHCKnYqckyJkDLT1OKdOYzzwTg-P_BTRBWw0aShhDvwzLKun-JILIpXxdXpQbwSBP0
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 8AA4
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFUwFReXs4KcbZgfGZkeV2Q&google_cver=1&google_push=AXcoOmQOyElX-4TFYIZpNgKWq-MywoAwxFBNNoY4vUQs59zLi76lJNs4gXomuH5exl_N_6WMXXE9PMgmOnHg_hF3e5DDZa9io6wNmw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5E643EBCC77F457F8B3CA41A5C545207&google_push=AXcoOmQOyElX-4TFYIZpNgKWq-MywoAwxFBNNoY4vUQs59zLi76lJNs4gXomuH5exl_N_6WMXXE9PMgmOnHg_hF...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5E643EBCC77F457F8B3CA41A5C545207&google_push=AXcoOmQOyElX-4TFYIZpNgKWq-MywoAwxFBNNoY4vUQs59zLi76lJNs4gXomuH5exl_N_6WMXXE9PMgmOnHg_hF3e5DDZa9io6wNmw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 17 Dec 2023 03:45:08 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5E643EBCC77F457F8B3CA41A5C545207&google_push=AXcoOmQOyElX-4TFYIZpNgKWq-MywoAwxFBNNoY4vUQs59zLi76lJNs4gXomuH5exl_N_6WMXXE9PMgmOnHg_hF3e5DDZa9io6wNmw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 16 Dec 2023 03:45:08 GMT
pixel
cm.g.doubleclick.net/ Frame 8AA4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENVCL70bABYUWEM3qKPdW3E&google_cver=1&google_push=AXcoOmSWQflmVlFAFacMWfZaO0en6RoL5uOItSmHVOK4Rbh2M8iOq0IvzS14xVM53sfKxmoci9BnSWx1P_VfGP...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMzQwNDYzMjk5Njk2ODYwNQ%3D%3D&google_push=AXcoOmSWQflmVlFAFacMWfZaO0en6RoL5uOItSmHVOK4Rbh2M8iOq0IvzS14xVM53sfKxmoci9BnSWx1P_VfGPOKOE...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMzQwNDYzMjk5Njk2ODYwNQ%3D%3D&google_push=AXcoOmSWQflmVlFAFacMWfZaO0en6RoL5uOItSmHVOK4Rbh2M8iOq0IvzS14xVM53sfKxmoci9BnSWx1P_VfGPOKOEoY-GL2_hBs7g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMzQwNDYzMjk5Njk2ODYwNQ%3D%3D&google_push=AXcoOmSWQflmVlFAFacMWfZaO0en6RoL5uOItSmHVOK4Rbh2M8iOq0IvzS14xVM53sfKxmoci9BnSWx1P_VfGPOKOEoY-GL2_hBs7g
Date
Sun, 17 Dec 2023 03:45:08 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 8AA4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED-eNVWK29_L-H8PEHf4hVM&google_cver=1&google_push=AXcoOmQoO7hJ_rIU2PkQAiGou_aEcysFpysM3NxZYwMIdJPPK84_t164j6k3JhxUp02xVBNG06DF0Lk_k1HKbcRsYRZsNeD...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQoO7hJ_rIU2PkQAiGou_aEcysFpysM3NxZYwMIdJPPK84_t164j6k3JhxUp02xVBNG06DF0Lk_k1HKbcRsYRZsNeD0pU4H-1k&google_hm=eS1ISkZlN0ZCRTJwRWF...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQoO7hJ_rIU2PkQAiGou_aEcysFpysM3NxZYwMIdJPPK84_t164j6k3JhxUp02xVBNG06DF0Lk_k1HKbcRsYRZsNeD0pU4H-1k&google_hm=eS1ISkZlN0ZCRTJwRWFfZnF3TDhnS3hSUXdBbmZTQzdfYX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 17 Dec 2023 03:45:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQoO7hJ_rIU2PkQAiGou_aEcysFpysM3NxZYwMIdJPPK84_t164j6k3JhxUp02xVBNG06DF0Lk_k1HKbcRsYRZsNeD0pU4H-1k&google_hm=eS1ISkZlN0ZCRTJwRWFfZnF3TDhnS3hSUXdBbmZTQzdfYX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8AA4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFo1xJ4rSyGmC_RuGhPY6mw&google_cver=1&google_push=AXcoOmRBEYA2rh5TDp-bvXk8Qlc0QLsaxlqIxSW6sKOVnvEA4bKXxNrt50lKM66mJVTtWapE7W__i7zM...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFo1xJ4rSyGmC_RuGhPY6mw&google_cver=1&google_push=AXcoOmRBEYA2rh5TDp-bvXk8Qlc0QLsaxlqIxSW6sKOVnvEA4bKXxNrt50lKM66mJVTtWapE7W_...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU2MTQ5NzcwNTA3NzY1NzU2MA&google_push=AXcoOmRBEYA2rh5TDp-bvXk8Qlc0QLsaxlqIxSW6sKOVnvEA4bKXxNrt50lKM66mJVTtWapE7W__i7...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU2MTQ5NzcwNTA3NzY1NzU2MA&google_push=AXcoOmRBEYA2rh5TDp-bvXk8Qlc0QLsaxlqIxSW6sKOVnvEA4bKXxNrt50lKM66mJVTtWapE7W__i7zM74pVqcK4IWqQMQGNNQcFrCA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU2MTQ5NzcwNTA3NzY1NzU2MA&google_push=AXcoOmRBEYA2rh5TDp-bvXk8Qlc0QLsaxlqIxSW6sKOVnvEA4bKXxNrt50lKM66mJVTtWapE7W__i7zM74pVqcK4IWqQMQGNNQcFrCA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 8AA4 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JqDK2aiH8R4j5mP9E-WoJMODJxApCSyU2dr39nQz58jv8dnVnMFQU7ygMAFegGBZPvwmWv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9D6F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 03:45:08 GMT
expires
Sun, 17 Dec 2023 03:45:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 03:45:08 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 5155 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
395752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 13:49:16 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8790 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cxciew25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE0gFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYTgqJMyRy4OLuSXVjlT_njxIfx8mOlVbNKYHflUBPTXlIGNHhCNyABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk4OTMyMDc4MzU5NTIzNhgA&sigh=tooaywshMxs&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_UV5swyutHcddnf4BD0angojPpe_4CceJvvhYcKwnaRrLpWVpex_dB3MA1TZMz2A29WuvqNQPiRgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 17 Dec 2023 03:45:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 8790 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1has5gm2g6vm0731qtfhd3kws0zdajb958sqeerd29sxfb1deh6eyszgdqhaw71egdetrprjpjpbkzv4fzwdjrx7ahe0284ahdhzcpfqcpgq6wz6dnse23yx5qkeg29060v6r6ykyxq2q8z6msvnnjrkt3fk3takdjrybvnwy1vrpzxjfsfbm16eg3ayqwa4j8057cs9y09x6450v2tta00s63jx965pmcsmhwsezt8qmeyc90g4e4tk034kf2a277yh6vtrgaj2mt7gwvj04da9f086wjrhf2jwz45d6eeybz74230j6sqw5h4p7ahahj9zmc15dx373za4z0j1qw93aj6pc1v0436zapy75vd3dfj4de9br4zen9m27y03ggwmjx8whhj3trr&b=ZX5uwwAN9KAIu_1_AA-GCWswZ30LWwrNz-Ea4A&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=479556445&adf=333926611&pi=t.aa~a.2866156401~rp.4&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=3&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1546&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 17 Dec 2023 03:45:08 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
/
www.googleadservices.com/pagead/ar-adview/ Frame B687
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CFs8ew25-ZbjMENOh9u8Ppc6B0Ajdr_KodMuChtjJEc6Focr2ARABIMSYyBtglcKwgrgHoAHK0f_DA8gBCakCDqjL0mBHsj6oAwHIA8sEqgTVAU_QfKE5d7xR31MfzOcobhDtzJdlrb0WqiS...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221824642140942136015%22,%22debug_reporting%22:true,%22destination%22:%22https://weltsparen.de%22,%22event_report_window%22:...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221824642140942136015%22,%22debug_reporting%22:true,%22destination%22:%22https://weltsparen.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22947906762%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212235303477012402273%22}&andc=true
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"1824642140942136015","debug_reporting":true,"destination":"https://weltsparen.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["947906762"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"12235303477012402273"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 17 Dec 2023 03:45:08 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 17 Dec 2023 03:45:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1824642140942136015","debug_reporting":true,"destination":"https://weltsparen.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["947906762"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"12235303477012402273"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/ Frame AEBD 		17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fa850da5bef9ccedefdb47e5fa5e41d1d73b8c53b82ad106dd0a545cacb4d58
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
185980
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3782
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 00:05:28 GMT
expires
Sat, 14 Dec 2024 00:05:28 GMT
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4ECB 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
50138
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 13:49:30 GMT
etag
48472445140208031
expires
Sun, 17 Dec 2023 13:49:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E6D0 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afc6849e246a8c9fa9da304afcb76f3a03856f54c8d83a75b5c3f3f259cf2a3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame E6D0
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cbg40w25-ZduOOPCh9u8Pg_iT6AqO8J30c_3f44vvEWQQASDEmMgbYJXCsIK4B6ABkqy4lAPIAQmoAwHIA0iqBN8BT9CWakj2OKHCKAON1T5H0KgiZcbE59M3pO5MDulQ808APEB6i0Da11H...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218034190877434006079%22,%22debug_reporting%22:true,%22destination%22:%22https://libertex.com%22,%22event_report_window%22:...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218034190877434006079%22,%22debug_reporting%22:true,%22destination%22:%22https://libertex.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22848172562%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217203486674818054961%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"18034190877434006079","debug_reporting":true,"destination":"https://libertex.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["848172562"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"17203486674818054961"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 17 Dec 2023 03:45:08 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 17 Dec 2023 03:45:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"18034190877434006079","debug_reporting":true,"destination":"https://libertex.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["848172562"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"17203486674818054961"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 2722 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hmm4j277mm93ex63d0pqbkrpzbkqp3vryc7hnhyx24sj9zk1r9sy12m4dvnea4ckzghtwe7mbq9ahgw9m87p6c99f2fj53k4fm4kce03v3s8he0hajexqvbwh7macek0hkp7s22rt8hhbtce1aq0wjsszbem7w0g9peb7zk8b4vjfe3059xndwe6dm29fbf7vbkhxwt237cmjjcenyy4fm3z9py1zcyqd9rt98tz8e11bxdwmq6eky5jeg454majfn016gtznr68syvt31m5dsxxmckvsa3kdhczex79aj25rwkqxkyzt5fhtwyk16qm6vv58ncb96w2y24c1vex2gek98ceejna9vet8v44xerpxwe59rchtepa4rjxmxw4ag75hwe9z6dzrnm4gtqc5029dg0rk2a8vxxkpyrnp8c85syt2vy6p78zy24s2dx2ya7gk5z0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%26client%3Dca-pub-5989320783595236%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hmm4j277mm93ex63d0pqbkrpzbkqp3vryc7hnhyx24sj9zk1r9sy12m4dvnea4ckzghtwe7mbq9ahgw9m87p6c99f2fj53k4fm4kce03v3s8he0hajexqvbwh7macek0hkp7s22rt8hhbtce1aq0wjsszbem7w0g9peb7zk8b4vjfe3059xndwe6dm29fbf7vbkhxwt237cmjjcenyy4fm3z9py1zcyqd9rt98tz8e11bxdwmq6eky5jeg454majfn016gtznr68syvt31m5dsxxmckvsa3kdhczex79aj25rwkqxkyzt5fhtwyk16qm6vv58ncb96w2y24c1vex2gek98ceejna9vet8v44xerpxwe59rchtepa4rjxmxw4ag75hwe9z6dzrnm4gtqc5029dg0rk2a8vxxkpyrnp8c85syt2vy6p78zy24s2dx2ya7gk5z0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%26client%3Dca-pub-5989320783595236%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
247424
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9R5dcQRjF6i6tqTDAtyf42EH8GT2IJVHpLJonC9KolJWURNAsupqdQJ%2FMSmyRBifdinKMeUmvmMDi%2F0wV7HibZMADNRhZqPqcgDKv751q25wLkKpzdxp4TcQgoDSe9j7A%2FwjRcMS%2FXM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
836c2bec7a8b37e4-FRA
expires
Mon, 18 Dec 2023 03:45:08 GMT
r62eglto.js
ad4m.at/ Frame 2722 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hmm4j277mm93ex63d0pqbkrpzbkqp3vryc7hnhyx24sj9zk1r9sy12m4dvnea4ckzghtwe7mbq9ahgw9m87p6c99f2fj53k4fm4kce03v3s8he0hajexqvbwh7macek0hkp7s22rt8hhbtce1aq0wjsszbem7w0g9peb7zk8b4vjfe3059xndwe6dm29fbf7vbkhxwt237cmjjcenyy4fm3z9py1zcyqd9rt98tz8e11bxdwmq6eky5jeg454majfn016gtznr68syvt31m5dsxxmckvsa3kdhczex79aj25rwkqxkyzt5fhtwyk16qm6vv58ncb96w2y24c1vex2gek98ceejna9vet8v44xerpxwe59rchtepa4rjxmxw4ag75hwe9z6dzrnm4gtqc5029dg0rk2a8vxxkpyrnp8c85syt2vy6p78zy24s2dx2ya7gk5z0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%26client%3Dca-pub-5989320783595236%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 09:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
325819
etag
W/"aa3e81d21ff1f0e18f4862e53a794952"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfOjfjCSAHP3SaT2f4dThqI1zUvAFQYXp%2B8rCCJXzc2MCwxmxtaEm7JDUwUmiEZVSWWDSIDquYH%2FKWdGaxxGVrYWrVIDyQfWnrWHDTnSD3%2Bj700X9zL52znG8S5ufXaatBiYdeM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
836c2becaaa537e4-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 13 Dec 2023 09:14:49 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/ Frame 1DE6 		17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09a96188dc587a74ac919e3714579befdafa879c28b716f4eb34216036e4d218
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
416972
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3733
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 07:55:36 GMT
expires
Wed, 11 Dec 2024 07:55:36 GMT
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4DA7 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
50138
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 13:49:30 GMT
etag
48472445140208031
expires
Sun, 17 Dec 2023 13:49:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4CD2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c34766c2894d8c1e4140f81d6c05de484a588bf14460bf35a9d036f2cdaeefc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216565784711253647052%22,%22debug_reporting%22:true,%22destination%22:%22https://finom.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22718430691%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229696156277923270865%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Dec 2023 03:45:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame AEBD 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 19:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
29353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 17 Dec 2023 19:35:55 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame AEBD 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 19:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
31068
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 17 Dec 2023 19:07:20 GMT
a7617bc97d20ae8127e0e6e5688443e6.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/ Frame AEBD 		118 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/a7617bc97d20ae8127e0e6e5688443e6.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ae71b9bbe98e4fad4ea027d83609c047a360e8b84aa194855076df4637e6c74
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 01:48:13 GMT
age
439015
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34332
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 01:48:13 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221824642140942136015%22,%22debug_reporting%22:true,%22destination%22:%22https://weltsparen.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22947906762%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212235303477012402273%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Dec 2023 03:45:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 4CD2
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CLhCJw25-Zfn1N7iK7_UPgsGruAaO8J30c93j44vvEWQQASDEmMgbYJXCsIK4B6ABkqy4lAPIAQmoAwHIA0iqBOUBT9DWzFeaW1qdr0S93spBjDRBpHR0XqywgKWn3zaZwK5DcOUAvAtwygR...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212478636524859042717%22,%22debug_reporting%22:true,%22destination%22:%22https://libertex.com%22,%22event_report_window%22:...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212478636524859042717%22,%22debug_reporting%22:true,%22destination%22:%22https://libertex.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22848172562%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214720391249852154753%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"12478636524859042717","debug_reporting":true,"destination":"https://libertex.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["848172562"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"14720391249852154753"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 17 Dec 2023 03:45:08 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 17 Dec 2023 03:45:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12478636524859042717","debug_reporting":true,"destination":"https://libertex.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["848172562"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"14720391249852154753"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 1DE6 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 19:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
29353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 17 Dec 2023 19:35:55 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1DE6 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 19:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
31068
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 17 Dec 2023 19:07:20 GMT
a7617bc97d20ae8127e0e6e5688443e6.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/ Frame 1DE6 		118 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/a7617bc97d20ae8127e0e6e5688443e6.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ae71b9bbe98e4fad4ea027d83609c047a360e8b84aa194855076df4637e6c74
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 07:55:37 GMT
age
416971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34332
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 07:55:37 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218034190877434006079%22,%22debug_reporting%22:true,%22destination%22:%22https://libertex.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22848172562%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217203486674818054961%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Dec 2023 03:45:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame C303
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CE2Jnw25-ZbnMENOh9u8Ppc6B0AjRkYjkaK-62LKaD9r3pqKMDhABIMSYyBtglcKwgrgHoAGcibPcA8gBAakCDqjL0mBHsj6oAwHIA8sEqgTaAU_QHkxmme634emVAgJOiAhZUUY5JyzAec5...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211899939841509007279%22,%22debug_reporting%22:true,%22destination%22:%22https://toyota-forklifts.de%22,%22event_report_win...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211899939841509007279%22,%22debug_reporting%22:true,%22destination%22:%22https://toyota-forklifts.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22999081116%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22491681431753490465%22}&andc=true
Requested by
Host: zaemonline.kz
URL: https://zaemonline.kz/mikrokrediti.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"11899939841509007279","debug_reporting":true,"destination":"https://toyota-forklifts.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["999081116"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"491681431753490465"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 17 Dec 2023 03:45:08 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 17 Dec 2023 03:45:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11899939841509007279","debug_reporting":true,"destination":"https://toyota-forklifts.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["999081116"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"491681431753490465"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 4ECB
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK0Jixel9y4-8c4rpl2WRZ0&google_cver=1&google_push=AXcoOmQwpmFFaptB1s5_r2Zb-0DDgtzFnvPcXwsOXzkFn3WBZs6T7gYr7X...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQwpmFFaptB1s5_r2Zb-0DDgtzFnvPcXwsOXzkFn3WBZs6T7gYr7XV1xX6NWEBIWm2vp4tw8PXXxi4V8rfgWxUdP16w7-FMeNY&google_hm=8jcpovy--...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQwpmFFaptB1s5_r2Zb-0DDgtzFnvPcXwsOXzkFn3WBZs6T7gYr7XV1xX6NWEBIWm2vp4tw8PXXxi4V8rfgWxUdP16w7-FMeNY&google_hm=8jcpovy--DVLE6TRoEx5Vg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQwpmFFaptB1s5_r2Zb-0DDgtzFnvPcXwsOXzkFn3WBZs6T7gYr7XV1xX6NWEBIWm2vp4tw8PXXxi4V8rfgWxUdP16w7-FMeNY&google_hm=8jcpovy--DVLE6TRoEx5Vg
pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4ECB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENoxnShM9eqf7FkK6J3iUuc&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENoxnShM9eqf7FkK6J3iUuc&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MUVIMFUzSmoxUmVJNXU1&google_gid=CAESENoxnShM9eqf7FkK6J3iUuc&google_cver=1&google_push=AXcoOmT32RqXXyh8t7-O83WWI6rF2i8a3NxcYoU-QpvT7xe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MUVIMFUzSmoxUmVJNXU1&google_gid=CAESENoxnShM9eqf7FkK6J3iUuc&google_cver=1&google_push=AXcoOmT32RqXXyh8t7-O83WWI6rF2i8a3NxcYoU-QpvT7xeD_enHn1WeIF4TOoRn7JLvySL7leiTRaM_2eKyl6NHZP0Yepn4xQucHdU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 17 Dec 2023 03:45:08 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MUVIMFUzSmoxUmVJNXU1&google_gid=CAESENoxnShM9eqf7FkK6J3iUuc&google_cver=1&google_push=AXcoOmT32RqXXyh8t7-O83WWI6rF2i8a3NxcYoU-QpvT7xeD_enHn1WeIF4TOoRn7JLvySL7leiTRaM_2eKyl6NHZP0Yepn4xQucHdU
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 4ECB 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMN46WcXgU-hI_yWe5ppuZE&google_cver=1&google_push=AXcoOmTQyU8GVGdGdiQJo-gIsa6Tht67ksMrIsCDFeyRm89rl-FTJAU2XIAqm3c2W4nypYXi2rnvxI2aU2kYVS8AwXCRIZBKflPR2g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 4ECB
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESECiVErvTX8dqhmQz_kATZfs&google_cver=1&google_push=AXcoOmSi9C7wCQ60LndRxGFjT0iqbHR1d_oBnOktD9HdWhcDWWuIRb5VSnq8ULyRvtkaVrLuXSi5GVQ2NTuQAqqd...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XE51crK8QqMe4y_vSGANVw&google_push=AXcoOmSi9C7wCQ60LndRxGFjT0iqbHR1d_oBnOktD9HdWhcDWWuIRb5VSnq8ULyRvtkaVrLuXSi5GVQ2NTuQAqqdVFbzVBmxmV564ao
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XE51crK8QqMe4y_vSGANVw&google_push=AXcoOmSi9C7wCQ60LndRxGFjT0iqbHR1d_oBnOktD9HdWhcDWWuIRb5VSnq8ULyRvtkaVrLuXSi5GVQ2NTuQAqqdVFbzVBmxmV564ao
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 17 Dec 2023 03:45:08 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XE51crK8QqMe4y_vSGANVw&google_push=AXcoOmSi9C7wCQ60LndRxGFjT0iqbHR1d_oBnOktD9HdWhcDWWuIRb5VSnq8ULyRvtkaVrLuXSi5GVQ2NTuQAqqdVFbzVBmxmV564ao
x-host
tde-deliveryengine-production-6b95976987-gr2pd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 4ECB 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELk1g5k5xYFJM9wBQXRcc44&google_cver=1&google_push=AXcoOmRf-1VBT_M8vNs-fyT_kpCuX18pF9m-pw3QqEihH_hvoMUz6Jc50qdWuFcCK7OSSAJDVtSLozgv5w0QaLbwx55uP4kFXCYiIg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.171.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-171-137.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 4ECB
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFp-mSWa8QVvFJmCFEu45Gs&google_cver=1&google_push=AXcoOmR2lPa-G7M4CT5QyPJlHQws_925hgTuIYRGLLUfm0lu6GViszEgvMPwT09LjCtX1JIgW2Pla3UI5AWF...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR2lPa-G7M4CT5QyPJlHQws_925hgTuIYRGLLUfm0lu6GViszEgvMPwT09LjCtX1JIgW2Pla3UI5AWFxXr-TaPzLAT1loeC5Qo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR2lPa-G7M4CT5QyPJlHQws_925hgTuIYRGLLUfm0lu6GViszEgvMPwT09LjCtX1JIgW2Pla3UI5AWFxXr-TaPzLAT1loeC5Qo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR2lPa-G7M4CT5QyPJlHQws_925hgTuIYRGLLUfm0lu6GViszEgvMPwT09LjCtX1JIgW2Pla3UI5AWFxXr-TaPzLAT1loeC5Qo
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
report
sync.teads.tv/um/ Frame 4ECB
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESED6aX034xrmm...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQBLcIrRdauH51ZTx2_x7HLIyZpD4ZoZm6nUO_BuPBJ5FKHlCeCnHZkXXz7I18WkRCcrZD5CxZY1pygyMWL5z9HAXFzzFw9fSMd
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H2
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 17 Dec 2023 03:45:09 GMT
pragma
no-cache
date
Sun, 17 Dec 2023 03:45:09 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4ECB 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I8EQmJUllfZkzwqaDXOatNkFVp2rk-3ZZg-vqv_6VCFxtdKnixb995_I2qqqXRJiZJPd0ATg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 4DA7
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKZIrk1JLrgE764CZyNUmJM&google_cver=1&google_push=AXcoOmSRvSdol0PAMrRFUI4nM30MlPG6-p9P_QJWoVp4XLq6gDuCsvmqdp...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSRvSdol0PAMrRFUI4nM30MlPG6-p9P_QJWoVp4XLq6gDuCsvmqdpPdwgHTlNIl4icw712fMA_-YKjiqrzic4jBmWIF8Nw9h7dR&google_hm=8jcpovy-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSRvSdol0PAMrRFUI4nM30MlPG6-p9P_QJWoVp4XLq6gDuCsvmqdpPdwgHTlNIl4icw712fMA_-YKjiqrzic4jBmWIF8Nw9h7dR&google_hm=8jcpovy--DVLE6TRoEx5Vg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSRvSdol0PAMrRFUI4nM30MlPG6-p9P_QJWoVp4XLq6gDuCsvmqdpPdwgHTlNIl4icw712fMA_-YKjiqrzic4jBmWIF8Nw9h7dR&google_hm=8jcpovy--DVLE6TRoEx5Vg
pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 4DA7 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJ86cd9fVZyoLuAcgOWahN4&google_cver=1&google_push=AXcoOmRBz-7uw4anKutPi6LHHbB7Kri3xIa5Qm3q2TPyneotPIxFFa8s9wOKFBYmBxVN-y-TkX26w9EDFKBQSkQ-hxdhyjiA21ZBI0vN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 4DA7
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEEM6GMsHUooRcX6f49JajtQ&google_cver=1&google_push=AXcoOmQ4t3BjmP-jObyJsyWpDKd7c1oy6yXNwdTtIuNKd-9ynq46143FGPKQ4EGD6X9cAV7YXjSDWtNQ1__w_fFjzd4wGAiqoF6JqEBG
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5E643EBCC77F457F8B3CA41A5C545207&google_push=AXcoOmQ4t3BjmP-jObyJsyWpDKd7c1oy6yXNwdTtIuNKd-9ynq46143FGPKQ4EGD6X9cAV7YXjSDWtNQ1__w_fF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5E643EBCC77F457F8B3CA41A5C545207&google_push=AXcoOmQ4t3BjmP-jObyJsyWpDKd7c1oy6yXNwdTtIuNKd-9ynq46143FGPKQ4EGD6X9cAV7YXjSDWtNQ1__w_fFjzd4wGAiqoF6JqEBG
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 17 Dec 2023 03:45:08 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5E643EBCC77F457F8B3CA41A5C545207&google_push=AXcoOmQ4t3BjmP-jObyJsyWpDKd7c1oy6yXNwdTtIuNKd-9ynq46143FGPKQ4EGD6X9cAV7YXjSDWtNQ1__w_fFjzd4wGAiqoF6JqEBG
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 16 Dec 2023 03:45:08 GMT
pixel
cm.g.doubleclick.net/ Frame 4DA7
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHmVBXcDRm29HKDyTU1ppfI&google_cver=1&google_push=AXcoOmS-DmNyoEXznsk15x_XXB9ZYO8PYQXZOZgRnhZfa7iGymFddXhzqLIuyhSPR8-UdjXi7L3BtcTFQ7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS-DmNyoEXznsk15x_XXB9ZYO8PYQXZOZgRnhZfa7iGymFddXhzqLIuyhSPR8-UdjXi7L3BtcTFQ7Uar7Zfyjc58xUmkXuQsmhJ&google_hm=ThAQ10j-RTadxf-j...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS-DmNyoEXznsk15x_XXB9ZYO8PYQXZOZgRnhZfa7iGymFddXhzqLIuyhSPR8-UdjXi7L3BtcTFQ7Uar7Zfyjc58xUmkXuQsmhJ&google_hm=ThAQ10j-RTadxf-jzRriPW0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS-DmNyoEXznsk15x_XXB9ZYO8PYQXZOZgRnhZfa7iGymFddXhzqLIuyhSPR8-UdjXi7L3BtcTFQ7Uar7Zfyjc58xUmkXuQsmhJ&google_hm=ThAQ10j-RTadxf-jzRriPW0
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4DA7
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEP6k9Nmp02ny9MA19PoyeIA&google_cver=1&google_push=AXcoOmQaM6nHEYgoWo35Nh28bjiR5nvU8jDoBQhMADH70kwd4MhzNaT7HWO1kyIJz71RYKzEDB_9jSbVi3mGzJAb...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VQgxCynnRCw5LfXvYQmsBg&google_push=AXcoOmQaM6nHEYgoWo35Nh28bjiR5nvU8jDoBQhMADH70kwd4MhzNaT7HWO1kyIJz71RYKzEDB_9jSbVi3mGzJAbkGS7xwWuYQIUN0d1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VQgxCynnRCw5LfXvYQmsBg&google_push=AXcoOmQaM6nHEYgoWo35Nh28bjiR5nvU8jDoBQhMADH70kwd4MhzNaT7HWO1kyIJz71RYKzEDB_9jSbVi3mGzJAbkGS7xwWuYQIUN0d1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 17 Dec 2023 03:45:08 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=VQgxCynnRCw5LfXvYQmsBg&google_push=AXcoOmQaM6nHEYgoWo35Nh28bjiR5nvU8jDoBQhMADH70kwd4MhzNaT7HWO1kyIJz71RYKzEDB_9jSbVi3mGzJAbkGS7xwWuYQIUN0d1
x-host
tde-deliveryengine-production-6b95976987-4dcmt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 4DA7 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENuICoJQlzsCok0a1IQGv-0&google_cver=1&google_push=AXcoOmQnhv-RcbbfJcVcEsVsuFnnO-R4FAcQGGRNf_KI_HxLiuZFe-nLlBA1D4dnW91jvB5RSUxX5aGo8VWErYag-6q1-76IKVQHlCI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.171.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-171-137.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 4DA7
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEOaxV2B4Nrb1DnbulRMbLXM&google_cver=1&google_push=AXcoOmTP3LSFOXg72CyiC1apLXo9SJAV5Tp94kkI4Sweka7GatQ6RpebLGok60uyGFYsn13iRrdBPHko2D75j83wJpnETUj...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOaxV2B4Nrb1DnbulRMbLXM&google_cver=1&google_push=AXcoOmTP3LSFOXg72CyiC1apLXo9SJAV5Tp94kkI4Sweka7GatQ6RpebLGok60uyGFYsn13iRrdBPHko2D75j83wJpnET...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTP3LSFOXg72CyiC1apLXo9SJAV5Tp94kkI4Sweka7GatQ6RpebLGok60uyGFYsn13iRrdBPHko2D75j83wJpnETUjOxU4M6HiQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTP3LSFOXg72CyiC1apLXo9SJAV5Tp94kkI4Sweka7GatQ6RpebLGok60uyGFYsn13iRrdBPHko2D75j83wJpnETUjOxU4M6HiQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTP3LSFOXg72CyiC1apLXo9SJAV5Tp94kkI4Sweka7GatQ6RpebLGok60uyGFYsn13iRrdBPHko2D75j83wJpnETUjOxU4M6HiQ
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 4DA7 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ld7yy-s4X-hkRXCoaYvkNMkbmxUzBR8u5jdDcddb_zzjlirRQZjkkmmj0HuKotANrK4tj5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 42AE 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
395752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 13:49:16 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 2722 		350 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1457329
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1Wy0cmaNYG7B%2BFWxBR4AzKSXKKm18ksd5Zy%2BXKPabc%2FRox%2FEwwWqpdZX%2FdFJzRCqkFVWb2q18c0fo5kW1fwFp6ehx2Om4Jo6PRWpIcbHCKTY31E3YJm2c9l4IXYkBv%2BTES%2BkYSvUGrhRFvpQoMrZpR6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
836c2bedcef6bb86-FRA
expires
Fri, 29 Nov 2024 06:56:19 GMT
cookie-frame.html
ad4m.at/ Frame 5860 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1599761
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
836c2bed3cb74db3-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Sun, 17 Dec 2023 03:45:08 GMT
expires
Tue, 28 Nov 2023 16:19:58 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhNpAhAwD74nrIRjsg7OerKp3i9zbLXvrQ9%2FpqXDIOGnyGYggxANnNZMcxKmqqFJJc3yLdwkwt8IFIZc9jQUN5UXNS7jao5eUfHh1M72TceHHG%2BUHcYo02iEPUT7OXtuipwy%2FfA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
c4cf7333577aa5ba3df1ff3d566eb3f0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/ Frame AEBD 		385 KB
385 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/c4cf7333577aa5ba3df1ff3d566eb3f0.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c27af2c222ad46d9ee45539b9a61deeb67fbddc4977bd84226a3acf1ddb9022e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 12 Dec 2023 01:48:13 GMT
x-content-type-options
nosniff
age
439015
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
393975
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 01:48:13 GMT
291db7316360ed3acb6ebb5088573293.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/ Frame AEBD 		1 KB
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/291db7316360ed3acb6ebb5088573293.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7760a8049f4d01efe7939911c133d4ed63d6f4983422f533ceb0552fa7aa2e7f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 06:51:03 GMT
age
420845
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
608
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 06:51:03 GMT
68fcb887c819ecd9e49ba2bd8c4759cf.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/ Frame AEBD 		1 KB
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/68fcb887c819ecd9e49ba2bd8c4759cf.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf718aab24f82fade3422811893da6b28e2ea2b270bd7d776f6adf44de59cdcc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 11 Dec 2023 17:50:02 GMT
age
467706
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
563
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 17:50:02 GMT
bc573126d3b8676614460269c56c0df7.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/ Frame AEBD 		1003 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/bc573126d3b8676614460269c56c0df7.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44239cb2729de9995a18e6709a45fe184ce1889fa4836e74521547cc7ef9004f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 09:02:55 GMT
age
412933
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
476
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 09:02:55 GMT
15c5b16a0fe3f930194311b468641eac.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/ Frame AEBD 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/15c5b16a0fe3f930194311b468641eac.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bfcb79f8577d46cb97781850fea6ea360b161d5f02600b682bd752dc8605b78
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 06:56:26 GMT
age
420522
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1351
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 06:56:26 GMT
7464d2ebca5911b60054a2221e0db683.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/ Frame AEBD 		2 KB
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/7464d2ebca5911b60054a2221e0db683.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aeea2b6c5be5d75e232d85d040eada0bd93b7dda105f4ec4fbad3df958984668
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 15 Dec 2024 11:12:25 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 16 Dec 2023 11:12:25 GMT
age
59563
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
799
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
8e95be69833bb9a0e9fa851046286fe7.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/ Frame AEBD 		782 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/8e95be69833bb9a0e9fa851046286fe7.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8401d1d12e49594d7924a68ad3dde022f973fabf5360f518778e35fc6b82fe6f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 11 Dec 2023 16:03:14 GMT
age
474114
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
454
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 16:03:14 GMT
f0ab5ce73e03fe141eb4b6e57968a791.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/ Frame AEBD 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/f0ab5ce73e03fe141eb4b6e57968a791.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3868835caf50bf23ab9f5d99437d2a78a5a8d2fd4d73ea5f1396e3e85460569
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 09:02:55 GMT
age
412933
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1001
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 09:02:55 GMT
c237cec77992af7a0dd238387bf2abb5.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/ Frame AEBD 		13 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/c237cec77992af7a0dd238387bf2abb5.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
460f3ba8083646a34c00e4b7e5d3df5578aa1320a0e895c2cf43b0e984301296
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 09:53:49 GMT
age
409879
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3661
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 09:53:49 GMT
8f3751de97ec9b99b226fd8886b9325d.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/ Frame AEBD 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/8f3751de97ec9b99b226fd8886b9325d.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
305eb7d3cb7b437040c2975d94c51fb7ecb061d95327023a5cac8dc846f5390f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 11 Dec 2023 19:23:26 GMT
age
462102
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3432
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 19:23:26 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212478636524859042717%22,%22debug_reporting%22:true,%22destination%22:%22https://libertex.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22848172562%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214720391249852154753%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Dec 2023 03:45:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
621671242c88c4ff8a8cde7b663b5513.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/ Frame 1DE6 		248 KB
248 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/621671242c88c4ff8a8cde7b663b5513.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1365c9d12f6f72e3dfe39ae31145a810170a53f3b283a2bc5233572a7b183164
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 12 Dec 2023 07:55:37 GMT
x-content-type-options
nosniff
age
416971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
254001
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 07:55:37 GMT
291db7316360ed3acb6ebb5088573293.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/ Frame 1DE6 		1 KB
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/291db7316360ed3acb6ebb5088573293.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7760a8049f4d01efe7939911c133d4ed63d6f4983422f533ceb0552fa7aa2e7f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 12:26:30 GMT
age
400718
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
608
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 12:26:30 GMT
68fcb887c819ecd9e49ba2bd8c4759cf.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/ Frame 1DE6 		1 KB
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/68fcb887c819ecd9e49ba2bd8c4759cf.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf718aab24f82fade3422811893da6b28e2ea2b270bd7d776f6adf44de59cdcc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 07:55:37 GMT
age
416971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
563
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 07:55:37 GMT
bc573126d3b8676614460269c56c0df7.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/ Frame 1DE6 		1003 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/bc573126d3b8676614460269c56c0df7.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44239cb2729de9995a18e6709a45fe184ce1889fa4836e74521547cc7ef9004f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 07:55:37 GMT
age
416971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
476
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 07:55:37 GMT
15c5b16a0fe3f930194311b468641eac.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/ Frame 1DE6 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/15c5b16a0fe3f930194311b468641eac.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bfcb79f8577d46cb97781850fea6ea360b161d5f02600b682bd752dc8605b78
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 13 Dec 2023 03:54:44 GMT
age
345024
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1351
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 12 Dec 2024 03:54:44 GMT
7775d1172aa617cb10460682202b6546.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/ Frame 1DE6 		1 KB
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/7775d1172aa617cb10460682202b6546.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab9cfd7a23ef04ee087f377cee14665bc99437cbcb76f1f595b063f9520a9c8d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 07:55:37 GMT
age
416971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
777
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 07:55:37 GMT
e3e10e8dae3971e480ec2186ed8f05fe.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/ Frame 1DE6 		750 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/e3e10e8dae3971e480ec2186ed8f05fe.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2be6ffbf86b2f92f881c8dcc79664cc4fcb973cc5c24effe6c844942600ef207
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 12:26:30 GMT
age
400718
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
454
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 12:26:30 GMT
d8982cb18b318f5778dcc11faf8d551b.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/ Frame 1DE6 		2 KB
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/d8982cb18b318f5778dcc11faf8d551b.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd14ddfcaf3c700e8a12d833a21e16a9e638669ce3f112ea322beb281d8b780f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 12:26:30 GMT
age
400718
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
897
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 12:26:30 GMT
aecf4a68133cf54fd64934c76b2dd87f.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/ Frame 1DE6 		13 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/aecf4a68133cf54fd64934c76b2dd87f.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa1bb8f4a0b93b80734a876dd770bd1560b8e14a524967d89b283525b5962fd3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 07:55:37 GMT
age
416971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3406
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 07:55:37 GMT
ee3e118d369ad52c22108df50f1ae2a6.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/ Frame 1DE6 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/ee3e118d369ad52c22108df50f1ae2a6.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8fdb43ed845001f62e054cb4e136685ef9d653a1efe9dbf91982292f72eb04ae
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 07:55:37 GMT
age
416971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2704
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 07:55:37 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211899939841509007279%22,%22debug_reporting%22:true,%22destination%22:%22https://toyota-forklifts.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22999081116%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22491681431753490465%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Dec 2023 03:45:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rs
ad4m.at/ Frame 2722 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4aaa3072f3261e2daa23ad60c99e58a5b69aa61cdc826bb237add432e239909

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 17 Dec 2023 03:45:08 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czLt8gnjnK7h0UU39af5W02ujHxumbgaIyP%2B9X30d4fMAXPowkQ2D5Sx3dJQhOS6HdYQ8DFaz%2FO1tBRMNh2S%2Bfh7y9vO72DD0Sy5ljyOwyQdxxYhSBRaJIaJkp1zXBHjL%2Bjkgqk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
836c2beece459954-FRA
x-backend-server
aa-reachservice-group-europe-west1-vw32
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
836c2bee3e089954-FRA
content-length
24
content-type
text/plain
date
Sun, 17 Dec 2023 03:45:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FhSdW0PL85cn%2By%2FWjdS94zDuz83ahMAj6FGxL4D%2FvTL4Hb8BAH5QnGIQNzU%2F6k3oQqtrmGKBz9nqNN9EeARN30QPoMEOxm%2BD%2BN2ai1YO%2BT6T2kyGM%2FqPC02UGp3PIm81DdGv9M%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-vw32
60c24e242b05cd35f0872945cd133fd2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/ Frame 1DE6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/media/60c24e242b05cd35f0872945cd133fd2.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cb72848667afc9e97af232fedadcb2b4970fa6bf54fab3fe502d6ef9de5d2ed
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17374403928244011800/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 12:26:30 GMT
age
400718
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1065
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 12:26:30 GMT
420ccbf809a9836023487c2bafec67b7.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/ Frame AEBD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/media/420ccbf809a9836023487c2bafec67b7.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9245770d7063151fe68179365c7dd652259e65bf2f7940c8a7134eda72eda34
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1448765489972060444/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 15:57:29 GMT
age
388059
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1049
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 15:57:29 GMT
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame F227 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=73143367&adf=11469031&pi=t.aa~a.817080823~rp.4&w=218&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=218x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600&nras=4&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1071&ady=2591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
395752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 13:49:16 GMT
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 1DE6 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
395752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 13:49:16 GMT
sp-push-worker-fb.js
zaemonline.kz/ 		65 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zaemonline.kz/sp-push-worker-fb.js
Requested by
Host: cdn.sendpulse.com
URL: https://cdn.sendpulse.com/js/push/d2c0d0f113bb1a3f219720b71a9e0e67_1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.89.186.213 Karaganda, Kazakhstan, ASN9198 (KAZTELECOM-AS, KZ),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash
2a810283ef3a450039039318677538039c2adadfe2703a12f98b07735ba15290
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/mikrokrediti.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 03:45:09 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Mar 2019 11:27:40 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag
"41-584fd9be9229a"
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
65
Expires
Sun, 31 Dec 2023 03:45:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5989320783595236&plah=zaemonline.kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7125e0e971f745cac0132f3bc12b46dee7a0a587185faf8877762ce773681e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12274
x-xss-protection
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 1E78 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5989320783595236&output=html&h=600&adk=2276249763&adf=407837526&pi=t.aa~a.1406438175~rp.1&w=240&fwrn=4&fwrnh=100&lmt=1702784707&rafmt=1&to=qs&pwprc=3650940471&format=240x600&url=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702784707871&bpp=1&bdt=1654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C240x600%2C218x600&nras=5&correlator=3163627070802&frm=20&pv=1&ga_vid=941621155.1702784707&ga_sid=1702784707&ga_hid=650448898&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=3712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080103%2C42532524%2C44785295%2C95320884%2C21065725%2C31061690&oid=2&pvsid=3473010140274599&tmod=844764046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=4&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
395752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 13:49:16 GMT
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame AEBD 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
395752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 13:49:16 GMT
rar
as.ad4m.at/ad/ Frame F3A7 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=63b658fb468be66c65e08d6460337c7d%2F18184786084083197403&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702784708949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hv2nq6axfdzchev4rdam8w5sfdwa7q01n2dd8fhve6ppj739vbv3tfnk99n0wam9ap4sff16vzvw7407qadk9s6tqtppmgh6xfb55tdcagdr5wr2kybqkjje07s5mjn3sk8890s0j2jp2jyxs9p0frv4tvpvy10fnbanczaxzyy7w8nyqyzz9q6dfkztrjv4rerxwhv5gyps2ys2f37xqqkq3s7zz15phnssgnhmvvntj9cw9m04zs1zhk2366bq74xx2ph0yna82kdx9q3nk3h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%2526client%253Dca-pub-5989320783595236%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e12e934d5086e573b65e21dd2ecda2f95cc8ca2b36bab5c1a06f8ad4839b928f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hmm4j277mm93ex63d0pqbkrpzbkqp3vryc7hnhyx24sj9zk1r9sy12m4dvnea4ckzghtwe7mbq9ahgw9m87p6c99f2fj53k4fm4kce03v3s8he0hajexqvbwh7macek0hkp7s22rt8hhbtce1aq0wjsszbem7w0g9peb7zk8b4vjfe3059xndwe6dm29fbf7vbkhxwt237cmjjcenyy4fm3z9py1zcyqd9rt98tz8e11bxdwmq6eky5jeg454majfn016gtznr68syvt31m5dsxxmckvsa3kdhczex79aj25rwkqxkyzt5fhtwyk16qm6vv58ncb96w2y24c1vex2gek98ceejna9vet8v44xerpxwe59rchtepa4rjxmxw4ag75hwe9z6dzrnm4gtqc5029dg0rk2a8vxxkpyrnp8c85syt2vy6p78zy24s2dx2ya7gk5z0g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%26client%3Dca-pub-5989320783595236%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
836c2bef4d9a4db3-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 03:45:09 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame F3A7 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=63b658fb468be66c65e08d6460337c7d%2F18184786084083197403&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702784708949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hv2nq6axfdzchev4rdam8w5sfdwa7q01n2dd8fhve6ppj739vbv3tfnk99n0wam9ap4sff16vzvw7407qadk9s6tqtppmgh6xfb55tdcagdr5wr2kybqkjje07s5mjn3sk8890s0j2jp2jyxs9p0frv4tvpvy10fnbanczaxzyy7w8nyqyzz9q6dfkztrjv4rerxwhv5gyps2ys2f37xqqkq3s7zz15phnssgnhmvvntj9cw9m04zs1zhk2366bq74xx2ph0yna82kdx9q3nk3h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%2526client%253Dca-pub-5989320783595236%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=63b658fb468be66c65e08d6460337c7d%2F18184786084083197403&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702784708949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hv2nq6axfdzchev4rdam8w5sfdwa7q01n2dd8fhve6ppj739vbv3tfnk99n0wam9ap4sff16vzvw7407qadk9s6tqtppmgh6xfb55tdcagdr5wr2kybqkjje07s5mjn3sk8890s0j2jp2jyxs9p0frv4tvpvy10fnbanczaxzyy7w8nyqyzz9q6dfkztrjv4rerxwhv5gyps2ys2f37xqqkq3s7zz15phnssgnhmvvntj9cw9m04zs1zhk2366bq74xx2ph0yna82kdx9q3nk3h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%2526client%253Dca-pub-5989320783595236%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1549310
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mrp%2FCTxucGHeJyrxuSjJ8S%2BtRX0xzNKlopad1yaQFOMD5moGgjne9uYuq0T9A%2FC14QB3It5uHAuxGjE3CtNrZKCxfcvf9oEoLr5rjPEALkDUMISMyt%2BZhp5q9SMwrVHTq7tut%2FgbeAo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
836c2beffdef4db3-FRA
expires
Mon, 18 Dec 2023 03:45:09 GMT
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame F3A7 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=63b658fb468be66c65e08d6460337c7d%2F18184786084083197403&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702784708949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hv2nq6axfdzchev4rdam8w5sfdwa7q01n2dd8fhve6ppj739vbv3tfnk99n0wam9ap4sff16vzvw7407qadk9s6tqtppmgh6xfb55tdcagdr5wr2kybqkjje07s5mjn3sk8890s0j2jp2jyxs9p0frv4tvpvy10fnbanczaxzyy7w8nyqyzz9q6dfkztrjv4rerxwhv5gyps2ys2f37xqqkq3s7zz15phnssgnhmvvntj9cw9m04zs1zhk2366bq74xx2ph0yna82kdx9q3nk3h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%2526client%253Dca-pub-5989320783595236%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1641281
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
8772
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:13:38 GMT
server
cloudflare
etag
"15b1f39d668aa86c2ba2ba17d94cc733"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAbTBfusr9ZGYaaw0vNgThhGSWkRLvAIzNkZV6%2BOLfFXU3lN%2F5GHXitQ1y71ufD3ndIfzSMKBY4P%2BFiD54blt3i9%2FFOcCI6CYkvJ0EQuoDJqM4iFndOmwCCIGnvQ1jxRc4NAl1wSsMU6j8PN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
836c2bf00cec37e4-FRA
2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame F3A7 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=63b658fb468be66c65e08d6460337c7d%2F18184786084083197403&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702784708949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hv2nq6axfdzchev4rdam8w5sfdwa7q01n2dd8fhve6ppj739vbv3tfnk99n0wam9ap4sff16vzvw7407qadk9s6tqtppmgh6xfb55tdcagdr5wr2kybqkjje07s5mjn3sk8890s0j2jp2jyxs9p0frv4tvpvy10fnbanczaxzyy7w8nyqyzz9q6dfkztrjv4rerxwhv5gyps2ys2f37xqqkq3s7zz15phnssgnhmvvntj9cw9m04zs1zhk2366bq74xx2ph0yna82kdx9q3nk3h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%2526client%253Dca-pub-5989320783595236%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3032566
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
33043
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:07:19 GMT
server
cloudflare
etag
"4248eb804269666620fb86952a326d7e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ag3%2Bf102C3%2BKFrAyLc%2Fr2M4xHGSHAOK%2FEKv2zJnVSVov3PiX279WqBnUj2pFfyIS6HVJMm4k1Sm6w8DSJ6lWjWlrc1kwLQ6W1yb4nXqX1W%2BXkK0trUXgV4v35qz6QLEd3BbE9gouhrLTVpH9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
836c2bf00ce837e4-FRA
2aed39855b5f46b7651ba591340f258c
pv.medialead.de/trck/epv/ Frame F3A7 		0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=63b658fb468be66c65e08d6460337c7d%2F18184786084083197403&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702784708949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hv2nq6axfdzchev4rdam8w5sfdwa7q01n2dd8fhve6ppj739vbv3tfnk99n0wam9ap4sff16vzvw7407qadk9s6tqtppmgh6xfb55tdcagdr5wr2kybqkjje07s5mjn3sk8890s0j2jp2jyxs9p0frv4tvpvy10fnbanczaxzyy7w8nyqyzz9q6dfkztrjv4rerxwhv5gyps2ys2f37xqqkq3s7zz15phnssgnhmvvntj9cw9m04zs1zhk2366bq74xx2ph0yna82kdx9q3nk3h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%2526client%253Dca-pub-5989320783595236%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:09 GMT
attribution-reporting-register-source
{"source_event_id":"17200573720103333","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame F3A7 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=63b658fb468be66c65e08d6460337c7d%2F18184786084083197403&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702784708949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hv2nq6axfdzchev4rdam8w5sfdwa7q01n2dd8fhve6ppj739vbv3tfnk99n0wam9ap4sff16vzvw7407qadk9s6tqtppmgh6xfb55tdcagdr5wr2kybqkjje07s5mjn3sk8890s0j2jp2jyxs9p0frv4tvpvy10fnbanczaxzyy7w8nyqyzz9q6dfkztrjv4rerxwhv5gyps2ys2f37xqqkq3s7zz15phnssgnhmvvntj9cw9m04zs1zhk2366bq74xx2ph0yna82kdx9q3nk3h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%2526client%253Dca-pub-5989320783595236%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
203598
cf-polished
qual=85, origFmt=jpeg, origSize=7258
alt-svc
h3=":443"; ma=86400
content-length
4294
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 09:56:16 GMT
server
cloudflare
etag
"679602b08629bcaaabfcfad4e68fe53a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C20U1ietahwmJ%2BNjd6MC%2FqXPk8gDxQ4%2FWBE8Jls88jyGi%2BnCrAguCcfDzESAnY3dKDfbCFgIjVsO0wlt5B9rLPlsJ2C%2B1P2YoAFQtGn8yEVUv0IXSvC%2BQ0JNNJcD9tjrrGtzUrhvwgWSdvSj"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
836c2bf00cf137e4-FRA
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame F3A7 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=63b658fb468be66c65e08d6460337c7d%2F18184786084083197403&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702784708949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hv2nq6axfdzchev4rdam8w5sfdwa7q01n2dd8fhve6ppj739vbv3tfnk99n0wam9ap4sff16vzvw7407qadk9s6tqtppmgh6xfb55tdcagdr5wr2kybqkjje07s5mjn3sk8890s0j2jp2jyxs9p0frv4tvpvy10fnbanczaxzyy7w8nyqyzz9q6dfkztrjv4rerxwhv5gyps2ys2f37xqqkq3s7zz15phnssgnhmvvntj9cw9m04zs1zhk2366bq74xx2ph0yna82kdx9q3nk3h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%2526client%253Dca-pub-5989320783595236%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3188505
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
15521
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:09:52 GMT
server
cloudflare
etag
"269bd58060bc660c3aec98b388bae571"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xot33w1VtUxTcCLGY9NipT3EtgmlijeOGoJ5HxIcc75gE0pdEyZOv0HbTTXNZDWxx1ewGe%2BRsVJkBaUoSHEEm3bU4e23dTyY1ntPmMd%2FaH%2Bf7%2Bmqw32yo5%2B12ON09SBj1Q%2F3o%2FGk0QMgWUIZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
836c2bf00cf437e4-FRA
cshow.php
www.awin1.com/ Frame F3A7 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=63b658fb468be66c65e08d6460337c7d%2F18184786084083197403&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702784708949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hv2nq6axfdzchev4rdam8w5sfdwa7q01n2dd8fhve6ppj739vbv3tfnk99n0wam9ap4sff16vzvw7407qadk9s6tqtppmgh6xfb55tdcagdr5wr2kybqkjje07s5mjn3sk8890s0j2jp2jyxs9p0frv4tvpvy10fnbanczaxzyy7w8nyqyzz9q6dfkztrjv4rerxwhv5gyps2ys2f37xqqkq3s7zz15phnssgnhmvvntj9cw9m04zs1zhk2366bq74xx2ph0yna82kdx9q3nk3h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%2526client%253Dca-pub-5989320783595236%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Dec 2023 03:45:09 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame F3A7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=63b658fb468be66c65e08d6460337c7d%2F18184786084083197403&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702784708949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hv2nq6axfdzchev4rdam8w5sfdwa7q01n2dd8fhve6ppj739vbv3tfnk99n0wam9ap4sff16vzvw7407qadk9s6tqtppmgh6xfb55tdcagdr5wr2kybqkjje07s5mjn3sk8890s0j2jp2jyxs9p0frv4tvpvy10fnbanczaxzyy7w8nyqyzz9q6dfkztrjv4rerxwhv5gyps2ys2f37xqqkq3s7zz15phnssgnhmvvntj9cw9m04zs1zhk2366bq74xx2ph0yna82kdx9q3nk3h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%2526client%253Dca-pub-5989320783595236%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
199401
cf-polished
origFmt=png, origSize=2170
alt-svc
h3=":443"; ma=86400
content-length
1662
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 08:38:25 GMT
server
cloudflare
etag
"4721aa7c2d5fa652c8092463f9a485bd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BpnYHcPKd%2F2IvwHrbOrF%2BjPsghqZewRj4hgaeDjuc80gCy12wq%2FeO3UEKp1SHOJ4kYLpHKXZsisfGzuPZlX2LStxlhVP3bfXxO7pqUXh92tNcVHU2Mab1TPTXS0n43ZxKWrv3jOqY%2FIYBsq"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
836c2bf00cee37e4-FRA
B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame F3A7 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=63b658fb468be66c65e08d6460337c7d%2F18184786084083197403&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702784708949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hv2nq6axfdzchev4rdam8w5sfdwa7q01n2dd8fhve6ppj739vbv3tfnk99n0wam9ap4sff16vzvw7407qadk9s6tqtppmgh6xfb55tdcagdr5wr2kybqkjje07s5mjn3sk8890s0j2jp2jyxs9p0frv4tvpvy10fnbanczaxzyy7w8nyqyzz9q6dfkztrjv4rerxwhv5gyps2ys2f37xqqkq3s7zz15phnssgnhmvvntj9cw9m04zs1zhk2366bq74xx2ph0yna82kdx9q3nk3h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%2526client%253Dca-pub-5989320783595236%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2841764
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
23392
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:08:23 GMT
server
cloudflare
etag
"faa9f958d13ef03f911b71f117846705"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOe95wDChh2RVkzWKyigzci2Mw9QvJQdPu72uOf2MyOCt%2FPrS87NXkv8fJH%2FVH4ejybf3GAGLia3qf1Ptq4SiZfncFrEDqSfYG90lHvdh09AEAXWtlxVGbfQ0mGySpe8NXf75ZRC8j4ZhOF3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
836c2bf00cf637e4-FRA
cshow.php
www.awin1.com/ Frame F3A7 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=160&d=600&e=&g=63b658fb468be66c65e08d6460337c7d%2F18184786084083197403&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702784708949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hv2nq6axfdzchev4rdam8w5sfdwa7q01n2dd8fhve6ppj739vbv3tfnk99n0wam9ap4sff16vzvw7407qadk9s6tqtppmgh6xfb55tdcagdr5wr2kybqkjje07s5mjn3sk8890s0j2jp2jyxs9p0frv4tvpvy10fnbanczaxzyy7w8nyqyzz9q6dfkztrjv4rerxwhv5gyps2ys2f37xqqkq3s7zz15phnssgnhmvvntj9cw9m04zs1zhk2366bq74xx2ph0yna82kdx9q3nk3h%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYD9ww25-ZaDpN__67_UPiYy-mAGQ4YGEXLaoworwAsCNtwEQASAAYJXCsIK4B4IBF2NhLXB1Yi01OTg5MzIwNzgzNTk1MjM2yAEJqQIOqMvSYEeyPqgDAcgDAqoE1QFP0Cdat9scYXD1uIYac3G7H6TwXmPxs8KpSBocG4Tj3tzhOUQ0RcvWoTtSeb0itqMFaUgth87nrvu9NUFf_9xIfiWyVhfXDuovrI1TAKFsBzd80hMJivjtZuhmMM-XamR2Jf_qhqixRI9Rb8aVCg6oIEY48gp2k8GnUKTgedrwT25E4IEFZEKmKKtp3qCaEs1HdXWYTNJ1kGAThQaNT3MjjV4Dp96hxOScEVdYDAioofOLZ6Imzj31T3Z1fSsLzWSEu04QqUOWB7jbU1VQzQ1-SBQHC8GABuWsvenhspfvvwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9bWTrceVgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_06KEUT6nvOpcUyZdXciNPXT5ZagA%2526client%253Dca-pub-5989320783595236%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Dec 2023 03:45:09 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5989320783595236&plah=zaemonline.kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Dec 2023 03:45:09 GMT
sendpulse-prompt.min.css
web.webpushs.com/dist/css/push/ 		49 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://web.webpushs.com/dist/css/push/sendpulse-prompt.min.css?v=171705446000000
Requested by
Host: cdn.sendpulse.com
URL: https://cdn.sendpulse.com/js/push/d2c0d0f113bb1a3f219720b71a9e0e67_1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
55d5af72b99642ef3af80303cec012e37d4847994cacb5f527e61bc4e71aa2c1
Security Headers
Name Value
Content-Security-Policy default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br *.wdgtsrc.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 17 Dec 2023 03:45:09 GMT
content-security-policy
default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br *.wdgtsrc.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
x-content-type-options
nosniff
content-encoding
gzip
x-age-lb
17012
x-77-cache
HIT
x-accel-date
1702767697
x-xss-protection
1; mode=block
x-77-nzt
EgwBnJIhiwH3dEIAAAwBJRPCMQH3IUsDAA
x-accel-expires
@1703588656
x-77-age
232853
x-cache-lb
HIT
x-sp-ma
sp-ma-0
last-modified
Thu, 21 Sep 2023 05:24:29 GMT
server
CDN77-Turbo
etag
W/"c2c1-605d7b4cb5d30"
x-77-nzt-ray
cf87872747301a71c56e7e65a8928f0d
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
content-type
text/css
access-control-allow-origin
*
x-sp-pr
lpr-05
icon-ring.svg
web.webpushs.com/img/push/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.webpushs.com/img/push/icon-ring.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
cc61bf3390663da987a0a864c64b7d76ea2554135a4835dfcdba6e2acafa22ab
Security Headers
Name Value
Content-Security-Policy default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 17 Dec 2023 03:45:09 GMT
content-security-policy
default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
x-content-type-options
nosniff
x-age-lb
735646
content-encoding
gzip
x-77-cache
HIT
x-accel-date
1702049063
x-xss-protection
1; mode=block
x-77-nzt
EQwBnJIhiwH3njkLAA
x-accel-expires
@1703085846
x-77-age
735646
x-cache-lb
HIT
x-sp-ma
sp-ma-0
last-modified
Thu, 16 Sep 2021 09:58:45 GMT
server
CDN77-Turbo
etag
W/"524-5cc19dc47df05"
x-77-nzt-ray
cf87872747301a71c56e7e6537df9c0d
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
image/svg+xml
access-control-allow-origin
*
x-sp-pr
lpr9
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7A6B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaemonline.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 19:15:56 GMT
expires
Sun, 15 Dec 2024 19:15:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F4A2 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b3879f5e9414512ecb4597231b0aca2e43b5f0e6ab7f948e61623ba86c473628
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OsGaSBJXE3VAYu7TKDiCUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zaemonline.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-OsGaSBJXE3VAYu7TKDiCUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 03:45:09 GMT
expires
Sun, 17 Dec 2023 03:45:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame E26A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8mXocWeNC8bkfXFnLuk_cxSYxrDYPAy4bmVwxS67P_jbYqxhcAWWWpENWuNf5IpCvy2Q5RpfhO4QpLc-yQtC0WXw6NedIW4jNzJSGD3jkuvI4fS1b3fyZU_WZSbl_l_YK5r2Pr00COwXb9FN0xEoc24DD&sai=AMfl-YSJUS2xhwgn7jvXIwoTPY4T_nX_HQzmZ4VCEUzo-9JQzc_2XyOGQn_WJxpqw8xd7NbMlvXbGCmFpSASCX9aWqD3m81gSITmgvu5P9frNyq57Mzq8Y9bIEQzq2MaOtlh3k5bKWLKPyBqE2smem5E&sig=Cg0ArKJSzEFYYfHPSfADEAE&cid=CAQSTgAvHhf_vRlFQbfyll2W7ozlcXWsDEUoAt2uU9BJ-kiR_3Cpp05cIGf-GBwixly_zVJ85kV1H31iWr1brb0et3KFWD2emWEuKcxDYYCB3xgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702784707995&rpt=171&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 7A6B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 12:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
53574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 12:52:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F4A2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3473010140274599&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 7A6B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?UgkkbA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 03:45:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 893A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstux5R6bMHAfxaHQsQ3rEa5EnPfZ0I63tOjaSPQe7nifVJl20OhZ5Ns04jas9JcSHfcn4hUkwvuIzDOSQ-Js6f6P6oP3Hvi9xQ0KxLoPk6BuV9ESyLK4sW_v-JSsSY_CH_2ekiPreuXvTGDPqPtqCjqCZvK&sai=AMfl-YQwNL3AJDFSANwjXXJKUTCvpE2g5nHOsrNZ7XPnL4AnBN40ruKoxoRg7rBl3T596H7XLB5GjBoTDaImXMnlEdhG87AVoor7fjejr48zSN8DHeZ3nqVGYloaiSXdtADZSSZoLFFidcjrAIDJ7T86Mw&sig=Cg0ArKJSzOsAOfNXoi6uEAE&cid=CAQSTwAvHhf_4ro4hgAQd3e10euBjD8c7aiIII-nGktuiLZYUqqI5QgX8jUqb_lxtJRPiW2MBpnTE_yPoANSejAQjwbZrYfMa97EeZwe1IimHOYYAQ&id=lidar2&mcvt=1000&p=0,0,280,1000&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2303328720&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702784707236&rpt=1164&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B687 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlFsap7fjgNMphqWEkkw069JoQiFCZWffYG-RvGbOqwoeIigS0I9KJTUPVLLX0SJ427fNlaGwkYE7WPOtUwNyLBe2Qxnf7RC4NKl1MiKjfcydp7Gr1qwdIn44gjQ_rQEEbm8FfRYfbQhof_CJUomCE-cI3&sai=AMfl-YQxNPBXyAQECiOJmpnxHDDuIBx6eDzSXRVYRnMUbtcL5cZ_vhe3C_mXwGc3K1eIzGS8OycyccflbQu2OMBTJRrcoOj_JTiVboO74FPzEYkTyygNpU4yWQhf0sw1xLYjP01xPlUpyg6hbO7I6fxo&sig=Cg0ArKJSzA3lYkiSC5oKEAE&cid=CAQSTgAvHhf_vRlFQbfyll2W7ozlcXWsDEUoAt2uU9BJ-kiR_3Cpp05cIGf-GBwixly_zVJ85kV1H31iWr1brb0et3KFWD2emWEuKcxDYYCB3xgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702784707997&rpt=421&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C303 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWYn-p-xrr7hT0Z4MZ2GeV7zwsrhxvEFiL4_CRtmba01bhCjHZejkyrwwVfg1TEMFQuBe2GJKLfYuRavEJRodB8_2SLbwlyTY6b61OmI5LCzPr-atj0lQ3ehcNb1Zmu9r0vzssxBrj3ESjS5P3QvsZKpOe_cHZf41Si5wYJDpxMME47luVMvc&sai=AMfl-YRrTRO4lbCo7i1I1CV45BIuqJjteft4zWpwufT6VcUcDwElMhjNngRzhl92__4xiM6XFACACeog2c20wvq9L7rKIcZYo0B_8uEUHh9YqHiyhHtDf7yug33qVhOxfBQ9ty1rFhuemTNxBPj1OOw8&sig=Cg0ArKJSzBPKufQQWXAAEAE&cid=CAQSTgAvHhf_vRlFQbfyll2W7ozlcXWsDEUoAt2uU9BJ-kiR_3Cpp05cIGf-GBwixly_zVJ85kV1H31iWr1brb0et3KFWD2emWEuKcxDYYCB3xgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=344,1000,1000,1000,1000&tos=344,656,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702784707998&rpt=645&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3473010140274599&bg=!p6SlpOvNAAY3kmNgF5I7ADQBe5WfOApWfYp5EgdGi9M0ehAzAWaJOX7HiionSjCGnpCkRnXVHXHkXLxfYo1eAZ4uWolgAgAAAERSAAAAAmgBB5kC6rHoKjsaWqOXm97uIWr_IJoGO80FlGzpffodty00fkLwre4GjnIEMyFdHVz-L3nfeMgZTAGXbZ8rxTxWVz2_upfotyRmI3fseHzx32su3L6j9Hb8w_NMPFE4iOPLEPAJo3WkKQHOUVeeZlcWdzmre85NDJwZ3Lf5oZRhC8u_mj8KFHgiHkXGHiOX14BdDG2z6R9fVHWkrEGg0j7MINnYKNY3UI6t33GEXk35kv0f3hkLR-fzVYE4htibnrxLpGUAQgpFN0p_cXCaMy45KJHq6vyrpI2WgFUKcSE3dYp0nOgVJRp2XQ6T6Ng_tp3w2iWd7wMIK5_fZeV70aWpoiEDT6EMHvj3jDpQj8dIAKFhNuia0gf-KrD86A2a5xyp2JjoLdcz1Bc2mIc0d7qE7tk2bhv-Ellbf-kzf-tFOkFqeaazXj1NWLJIosRN10gVtl_R4LeZ9x7wtPgtGojctIJwQgZVEW02TYAis29NfZZzm_H7d72bRCJbJNcHUMkcJFFJ1uBAXr-4joLji2NwwjCBd3-tv3uz0i_A_vtiqPUdDFg5LK6eX3aDBdzjOo8Z2YJ2BJVTBFEs2QMi8zWi-iT1V6QrVl9mSoKExCWeiXXCgfDb745uFB3EhiB_VN-wpya-jYZNRyAvTvEQQs3_7EFVOsaErLY3X7HABUH2zUP59qzRHvLmpH8sodbWRi1oZvvh8Glr8aZhh0WDyYVN9ucOwK2sN9tCjXvgd8NXUfX5lyRhKwFPsrn1o_HEk8TOA4eHGoSFiA48a7EY4c2LsWWQFXL8KBk4NU6dH0uamURzywyPxSkKYJ9khuZgD1yUNo84yhjptyhXhtzhxxirdahaT2JGX5ay32YTD0jS3yfSGyzSz4A6s-XCgN34ZkQDt8ZYocgUUdfiACtP5IwGc-d78WxVDbxIg-6hkDQnLQKUXmfNiHd1iVgwZo7qzWhBSdZ0QjoYIy8cCMsqVpYyNtnSfUXyEifO1JzafVP2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-E3HW39SSPT&gtm=45je3bt0v9102654154&_p=1702784706367&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=941621155.1702784707&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702784706&sct=1&seg=0&dl=https%3A%2F%2Fzaemonline.kz%2Fmikrokrediti.html&dt=%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D1%8B%20%D0%B2%20%D0%9A%D0%B0%D0%B7%D0%B0%D1%85%D1%81%D1%82%D0%B0%D0%BD%D0%B5%20%7C%20zaemonline.kz&en=scroll&epn.percent_scrolled=90&_et=3&tfd=7587
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E3HW39SSPT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zaemonline.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 03:45:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zaemonline.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal string| GoogleAnalyticsObject function| ga object| _zero_kz_ undefined| $ function| jQuery object| oSpPOptions function| oPromptPush object| oSpP object| core object| __core-js_shared__ object| firebase function| UAParser object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing boolean| google_plmetrics object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| Drupal object| jQuery110206873714961492481 object| gaplugins object| gaData function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| Ya object| yaCounter24958555 object| php_js object| b function| DP_jQuery_1702784707791 object| Tablesaw object| google_llp object| google_image_requests object| googletag object| GoogleGcLKhOms

52 Cookies

Domain/Path Name / Value
.ad4m.at/cookie-frame.html Name: userId
Value: Jt_2oq-BzIBgGceLcgFrt3Xy1Vkew71H
zaemonline.kz/ Name: wdc_viewed
Value: 1
.zaemonline.kz/ Name: _ga_E3HW39SSPT
Value: GS1.1.1702784706.1.0.1702784706.0.0.0
zaemonline.kz/ Name: has_js
Value: 1
.zaemonline.kz/ Name: _ga
Value: GA1.2.941621155.1702784707
.zaemonline.kz/ Name: _gid
Value: GA1.2.814306609.1702784707
.zaemonline.kz/ Name: _gat
Value: 1
.yandex.ru/ Name: i
Value: rpICBayjMVhpJufR55nEyUSHteLruZ0BJWxHxRqvmZRGGdK3lOntYEZcap4iXRWflnxKtP1oM41dgiOaHQo2cayyI9s=
.yandex.ru/ Name: yandexuid
Value: 1338939791702784707
.zaemonline.kz/ Name: _ym_uid
Value: 1702784707954631793
.zaemonline.kz/ Name: _ym_d
Value: 1702784707
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 65281960fake
.mc.yandex.kz/ Name: sync_cookie_csrf
Value: 504840247fake
zaemonline.kz/ Name: _zero_cc
Value: be0a64726a4e76
zaemonline.kz/ Name: _zero_ss
Value: 657e6ec3e6b18.1702784708.1702784708.1
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 4068227120fake
.yandex.com/ Name: yandexuid
Value: 1338939791702784707
.yandex.com/ Name: yuidss
Value: 1338939791702784707
.yandex.com/ Name: i
Value: rpICBayjMVhpJufR55nEyUSHteLruZ0BJWxHxRqvmZRGGdK3lOntYEZcap4iXRWflnxKtP1oM41dgiOaHQo2cayyI9s=
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.kz/ Name: yandexuid
Value: 1338939791702784707
.yandex.kz/ Name: yuidss
Value: 1338939791702784707
.yandex.kz/ Name: i
Value: rpICBayjMVhpJufR55nEyUSHteLruZ0BJWxHxRqvmZRGGdK3lOntYEZcap4iXRWflnxKtP1oM41dgiOaHQo2cayyI9s=
.mc.yandex.kz/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 138813831702784707
.yandex.com/ Name: ymex
Value: 1734320707.yrts.1702784707
.yandex.com/ Name: bh
Value: KgI/MA==
.zaemonline.kz/ Name: _ym_isad
Value: 2
.zaemonline.kz/ Name: _ym_visorc
Value: w
.zaemonline.kz/ Name: __gads
Value: ID=982defcbca1764bd:T=1702784707:RT=1702784707:S=ALNI_MbOp179kBgf4TzDBH2D700jE5Ip1w
.zaemonline.kz/ Name: __gpi
Value: UID=00000d1deb4f29a2:T=1702784707:RT=1702784707:S=ALNI_MbB2WypwyFRVAcQkCkdgPsFzGVvww
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUlDT-J6O8w8A-J4eO0nDgDYeGq7WoB5_QneRD3t71yfF6VXq4JPct4rEvsng1g
.adform.net/ Name: C
Value: 1
.adfarm1.adition.com/ Name: UserID1
Value: 7313404632996968605
.quantserve.com/ Name: d
Value: EGUBCQHXKoEA
.quantserve.com/ Name: mc
Value: 657e6ec4-8de37-7bff7-36b9f
.simpli.fi/ Name: suid
Value: 5E643EBCC77F457F8B3CA41A5C545207
.yahoo.com/ Name: A3
Value: d=AQABBMRufmUCELq7RNAXmdyD6mXOlVQx2kYFEgEBAQHAf2WIZQAAAAAA_eMAAA&S=AQAAAkmwEBAx5paoJgyIIl96Wwk
.adform.net/ Name: uid
Value: 3561497705077657560
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZX5uxAAHhIsoUgBH
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%225508310B-29E7-442C-392D-F5EF6109AC06%22%7D
.ctnsnet.com/ Name: cid_4e1010d748fe45369dc5ffa3cd1ae23d
Value: 1
.ctnsnet.com/ Name: gid_CAESEHmVBXcDRm29HKDyTU1ppfI
Value: 1
.googleadservices.com/ Name: ar_debug
Value: 1
.w55c.net/ Name: wfivefivec
Value: 1EH0U3Jj1ReI5u5
.de17a.com/ Name: guid
Value: 1.2654440396403481417
.w55c.net/ Name: matchgoogle
Value: 5
.tribalfusion.com/ Name: ANON_ID
Value: aBntmIqZbaOF6iPq6eWMnYOHodu6ZdMjZdiOKShSpX499e1pxF3BOkEONRUX1yDVNpfpZd2fp65sUiU2KbToZbKwJWNjV
.awin1.com/ Name: awpv20044
Value: 412871|1702784709|acbcaf80-9c8e-11ee-b1a8-22396ad6a5ca
.awin1.com/ Name: awpv14702
Value: 412871|1702784709|acbcd690-9c8e-11ee-8661-22610dd0df18
.awin1.com/ Name: AWSESS
Value: 365825:2531885

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad4m.at
ads.travelaudience.com
as.ad4m.at
assets.ad4m.at
c.zero.kz
c1.adform.net
cdn.sendpulse.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
match.adsrvr.org
mc.yandex.com
mc.yandex.kz
mc.yandex.ru
onetag-sys.com
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
region1.google-analytics.com
s.tribalfusion.com
static-de.ad4mat.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
web.webpushs.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
zaemonline.kz
104.64.118.247
142.250.185.98
151.101.130.49
172.217.16.194
178.89.186.213
2.19.217.101
2001:4860:4802:32::36
213.155.156.181
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700::6812:18ad
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9c
2a02:6b8::1:119
2a02:6ea0:c700::17
2a02:6ea0:c700::18
2a02:fa8:8806:20::2010
2a04:4e42::649
2a05:d018:d29:3605:885b:36b0:5c58:578
3.33.220.150
35.186.193.173
35.190.0.66
35.204.74.118
37.157.2.229
51.89.9.252
52.28.181.94
52.58.171.137
85.114.159.93
91.121.248.44
91.201.214.115
0627c152f41a86e754ba607fde4a8fed8085f6d17567004042632a027a12e615
09a96188dc587a74ac919e3714579befdafa879c28b716f4eb34216036e4d218
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
11a28d39113d86cc1606c9d81503c40063044b0680f66f2787803319872a5df8
1365c9d12f6f72e3dfe39ae31145a810170a53f3b283a2bc5233572a7b183164
166f81acf7fc66609feb80beeea57c29c02e855700deafd7d9d25b94fc8da27b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e0fdfc3ff3276b3e9b0d21e97b42c5089aaeac570232a71ce50d95563e839a0
1f54e0e0345e9d348b54b7d72f21e05f0a2543bfd64b91068b119e26943b5ec3
1fa850da5bef9ccedefdb47e5fa5e41d1d73b8c53b82ad106dd0a545cacb4d58
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
21b0392d76754b70fb51e477eb18187b675537062e89ecc7aef76cf91d979b0b
22ddb3cc75d82f0df628013424dc27f2b9a18bfaf8ff77e119930d713bfe5234
265907c6b214f9f296040b1f2703987107e02b01180c611a7e1868f17652721e
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
2a810283ef3a450039039318677538039c2adadfe2703a12f98b07735ba15290
2be6ffbf86b2f92f881c8dcc79664cc4fcb973cc5c24effe6c844942600ef207
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ec39cb341b3909ad79550a8c8215bb22206a9b75bc77c9eba797f64be796e22
305eb7d3cb7b437040c2975d94c51fb7ecb061d95327023a5cac8dc846f5390f
313381cc20da29d7cac96f3e72a14f54f0e960872b3449afd54602859545ea1f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
372381c9dfbb70d612a4212d13415381b45ce4beba89b5492bec132c91226094
39dd0e8e9a643a5652c31e5e69066363a57e183218028e92531d080034fcda74
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3ae71b9bbe98e4fad4ea027d83609c047a360e8b84aa194855076df4637e6c74
3bfcb79f8577d46cb97781850fea6ea360b161d5f02600b682bd752dc8605b78
3e0c26460da4227871a08c4538c7b023001b01e84362a6bf15ba35562fa2bc20
4100f5a272e30a554e75fa5a9858d477c0a3628ada041d6bf5130ee14c1cd6c4
41448ce4891ad73962363ab2f22c05a38d45c057a987752611ae74cbb29b49e6
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43488770f3161a2441de3613633ba481f43a27d9cd7ec9874c4311e1e5c407f5
44239cb2729de9995a18e6709a45fe184ce1889fa4836e74521547cc7ef9004f
4452e61548a0c3f3cbdf4ca46dc2f449abfa57d7b828e0ec2fe5bf7e205901a6
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
460f3ba8083646a34c00e4b7e5d3df5578aa1320a0e895c2cf43b0e984301296
46e3e32ce0cffa6b0be8f4d812715dee13ff0360229617effa5f939ec2f7ad8f
481a497c659a4b777cf6570fd5967818a6b4c8f7ec8e2a114060eec74ac07948
4a8fc69fde6a17c2ddc40e03d5e6b0b2b7f92ed8142932c39789510244f5b2a9
4b2e157d5aa257c9d11878c0445a365d5dd0f8625fbf27b917a89e48f9f094ed
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e126dd2635f201e300eca4cddbd5f9b4979c4069c3d54f116472b6901d1fa4b
500b22c83d91993d48c12e8caa217a313bfcaf71c265bb0a70494da8150408f8
500cc26c7d990f48b2f43da5c0ee219101da66bdaacab063421b171c615629d3
5129863210d7a30de2ec92a946a579813792d4c7b2b334b3a893c3d4ba05efe8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d5af72b99642ef3af80303cec012e37d4847994cacb5f527e61bc4e71aa2c1
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
575fba74dfb9072e8a82763f42814223dcc1921942650efcef1bbc874fe847a0
58722783842ab3638f51ae309c2fd9eebd3405193a008b022e7da5dd8a34bd16
58764bf2dcde27a739d9157736a713b9dcfdce938724691ddd8c703fef74a9c1
59ada002c269ea0c49ceac2452977f642f08f7f538d628c1b44ae60089cd496c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6567915090ec4ef359ac6f72354e4f638ded50a7d6980b638a881ab0515ef872
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66647e89ded5917a96f6af829ba0a13b1b44a1b4032095d94b8682680fff1d55
6940031c8352733f92c1eae517bb55f90ab926eab4e09be0db245b315cac901c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
715042425f2e703881d95f00ebcb9cd09be2e8d5360b8c273792db0e2fb4853f
72c6c24713278441975957a8e9a958552e78a4ce702d2eff81a0557384b5a311
73f0d900e17ab84d53cae923b8965053d166944471ecc24d2ea546864b084d34
758693aeec869f0ce16f3bead9a0540d72f3d283c0aef7c2573da5cb80bc4cf5
76282416db22c89bc67870e1b51733f84fde85eefe5b63aa1da48badec5d2279
7760a8049f4d01efe7939911c133d4ed63d6f4983422f533ceb0552fa7aa2e7f
7cb72848667afc9e97af232fedadcb2b4970fa6bf54fab3fe502d6ef9de5d2ed
7d111aac426b7b213c9f1125ec57f7674275d01d24b1d712bd6370e5409395e9
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7f570f5d8348ed558e3d12fb9d8095e54c7f6aebe2fc455016fadef51fe0f805
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
8401d1d12e49594d7924a68ad3dde022f973fabf5360f518778e35fc6b82fe6f
8503a780e1e4a5636c82aabbb2705f005c686613c9d4603fda1d711861023f77
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
8bd1bd2a458afd99230048211b8edee7688d169f63bcb84df87aad6269ac3ea9
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fdb43ed845001f62e054cb4e136685ef9d653a1efe9dbf91982292f72eb04ae
94145d20fa966c90fda98e85091535e26b0e3168d2d034c7376719afbf84e464
941d47030a95d486d9ed799fcd517a5c7e49de4b7d6199b1aeda41aea2957b7d
94dbec8a3c63178d3fd76daa64434f66c0dd205b7e14e85c219fce593f000726
9506997e3569c0ffe818da9db56092a494f510ca9774c894f387a42cbc509dce
95833be0f7396dab2a1891ba5b3d147d8689b404a0217c8094e1715729c50880
968a714238ece3be192b8e61e829e057f16b51d56d88704e39a77142d9447459
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
98e72cf2d1674c68f504fcca41af42fdecf4797e472988894ab8ebf2dcf3248a
99780dfa860196e84175cd97e56f0e4bdfa277f9cc72822beb43d2765c02c683
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac2aaa4903d116d03d083dd4b0c17e41b28a6250dd9584001db583aebc7e829
9b6f5299b2d3cf5ea2cec8f138010e50ddedf58ee3b0467e718c2fcfae2a47b3
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
9d2347e9d61223835d2ae774fcbcbc017c73812501e657eb687675aa933a8421
9d4a05947e3434985c661e50bcd8d2b0007396bf5910b850f736c5f7230c90fc
9e855211e44cd17e4c1e8b2184d822067cd14368cc4c063ba2da587eed5fd6c9
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0dcc5b7df9b5d674f093242766da6590f4d7d678e1c708c568b61a66870d141
a1d2b5dcdb87745883abe53382f8f92a37b455b07a3d5c539a0e6b925ba3b392
a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988
a5dd0582565a1fb95a2e8833537d95a53b781d8d1c5bd6e5b1e45a5d7e4fd1ac
a6d08c84b2155affb58de2094bf9114fa7e3df3f586d780377c19b16b579ec36
a7c9b059698d232687e478d5591d6d7eef4a524b41595b8a19295b20aaaaa0f4
a88a95fc7bee2e8373dc97ad4f959cf65ea622bc3e54b94857008d3671d6abb0
a9efdbc474d0f02348ab071357d50ebe709d59f0d76b79e709dc3c5c759050c9
aa1bb8f4a0b93b80734a876dd770bd1560b8e14a524967d89b283525b5962fd3
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab81c38fc5d1ef84f49c1847385772bbb5b79cdec291d8ef60d2291da48c8b89
ab9cfd7a23ef04ee087f377cee14665bc99437cbcb76f1f595b063f9520a9c8d
ace4fadb90203697b480003a13d81d9be9fc3d36e3e9eca9e91bf0ca5304b288
acf50c7437e8ff89f4b88024307c60816c7d9d67fe731edaea86670448c67077
ae4e79a8dbe55568a237f612e1c248644e134971ff0db773e8f4b6574b5af2b6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aeea2b6c5be5d75e232d85d040eada0bd93b7dda105f4ec4fbad3df958984668
afc6849e246a8c9fa9da304afcb76f3a03856f54c8d83a75b5c3f3f259cf2a3a
b0b6091f566afe861e029d8f347437f5bdf12980a45a505130e6d5b14d02f47f
b1eb2c2a481e26a8dccd63f06e4aa3892c4baa0e497ea3d25d2c7e18583e05fd
b25e225381edb8bf63d1e738c80186ca042903a714084335cb1a54377a930e41
b3879f5e9414512ecb4597231b0aca2e43b5f0e6ab7f948e61623ba86c473628
b4aaa3072f3261e2daa23ad60c99e58a5b69aa61cdc826bb237add432e239909
b7125e0e971f745cac0132f3bc12b46dee7a0a587185faf8877762ce773681e8
bc7b2571ab96da19c1f2f31211c430d5b83a4f4412e1e79dfb4dc08ad69e5f67
bd29a1a71fd3f804a1cadfd6316e7f4dcc30c493f58a6a1539af23bf02ff9b11
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c27af2c222ad46d9ee45539b9a61deeb67fbddc4977bd84226a3acf1ddb9022e
c34766c2894d8c1e4140f81d6c05de484a588bf14460bf35a9d036f2cdaeefc0
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
cc61bf3390663da987a0a864c64b7d76ea2554135a4835dfcdba6e2acafa22ab
ccd81d4182884ee69f54d403271678ab97f9891b7c8ce001997afe3f13e96276
cd9f53893b9d613f1dcc317177ec48b11dd066cd83610acfcd116d649d9d35d5
ce9b5508ac69731becfb3283c6ed9fd79b437f85a3c7b580ac7875ca1098d451
cf2e8471e8e31885c8c03d019dbd2e1b04ebcdc9fb9fd7455454ab026a7f96e3
cf718aab24f82fade3422811893da6b28e2ea2b270bd7d776f6adf44de59cdcc
d396cda834273cd0b16f4e65d8d7bc93d671d3a9c1af448bcd22fea2d5ed1571
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d9245770d7063151fe68179365c7dd652259e65bf2f7940c8a7134eda72eda34
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dd14ddfcaf3c700e8a12d833a21e16a9e638669ce3f112ea322beb281d8b780f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9594a79b2dacb9dc6d7634e9e1870913bf1aab02af7483ab3d2f780f970e01
e12501ab69427e1a1e4faba3befbe731cd81f560090b731ba52bfc86616db984
e12e934d5086e573b65e21dd2ecda2f95cc8ca2b36bab5c1a06f8ad4839b928f
e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c
e28ee49ee9dc9c8fdd58b332b043b7b3168950eb70c5168d1074fa861091db31
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cfb7c65cce0fca0014b99c1864cf907c47adc36f5cec8522713eb385ebdfc8
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e6d72b6cb969d51750dc2d8d59c3944de23f885423cbeea9c4e99875f1dc0c6e
e75c9b87c91648bc2179640bfef2ae9b8eae0aea459987f951bf4be7093f9863
ea459dade75ac74593db2a030edb2f45930d81a4964d8380a94c3e38fa01593a
ec1bea6213d66cbe1dcd4c655d499707dfb473032873651b98ae8d32873facee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef37138dbbe880d2080ce6e2cb0afc5775faf775107221039083fd54910db87c
ef39f4102eeea59191ae879c76c7563711d57d639aea924ae2b1942a805d6c6e
f2437849dd48e519c18891a630cf9df5880a10482530b521254ce1575e6aedeb
f3868835caf50bf23ab9f5d99437d2a78a5a8d2fd4d73ea5f1396e3e85460569
f3ef8a0a8a8e6dc192a9340463833f71604f930b38e8780e8ed1cb3b170f4988
f77fc542e2d4af927e2802f3040172df93d3c567c5d573f2a3c525e9919f5100
f8ed7cb7ac6dc9850cffba6d02a3e222269f9ac3cdde0cfbead7734149281f0f
f98f49e9b4f040c28874f2021125162fe53736416793061dddf6d64e7b904e33
fdf315dd86cc37ca38ce171e1a9f19dc4b1ddaeefa137b9b2aba606e05995a45
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48