poland.noyan.estate Open in urlscan Pro
172.67.160.126 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://poland.noyan.estate/
Submission: On June 28 via api (June 28th 2024, 2:29:49 am UTC) from US — Scanned from DE

Summary HTTP 36 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 36 HTTP transactions. The main IP is 172.67.160.126, located in United States and belongs to CLOUDFLARENET, US. The main domain is poland.noyan.estate.
TLS certificate: Issued by E1 on May 1st 2024. Valid for: 3 months.

This is the only time poland.noyan.estate was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	172.67.160.126 172.67.160.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
36	10

18 172.67.160.126 (United States)

ASN13335 (CLOUDFLARENET, US)

poland.noyan.estate	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	noyan.estate poland.noyan.estate	127 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 137 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	214 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71 region1.google-analytics.com — Cisco Umbrella Rank: 2355	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	165 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 96
0	googleapis.com Failed fonts.googleapis.com Failed
36	7

	Domain	Requested by
18	poland.noyan.estate	poland.noyan.estate
6	pagead2.googlesyndication.com	poland.noyan.estate pagead2.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.googletagmanager.com	poland.noyan.estate www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.facebook.com	poland.noyan.estate
1	www.youtube.com	poland.noyan.estate
0	fonts.googleapis.com Failed	poland.noyan.estate
36	9

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.modebijou.com
www.papapeinture.fr
www.larenovation.net
www.megaadresse.com
www.institutkurde.org
www.taxiprimo.com
www.kuyumcu.paris
www.opemoraira.com
www.h3ds.fr
www.imi7.com
www.developpeursweb.com
www.locationdesalle.net
www.parislouer.com
www.mozilla.org
kurdish.spampoison.com
www.polyglot-learn-language.com
ku.openoffice.org
dmoz.org
ku-tr.facebook.com
www.kurdishworld.com
musicmoz.org
www.netvibes.com
translators.netvibes.com
bnk.institutkurde.org
www.ferheng.org
ku.wikipedia.org
ku.wiktionary.org
www.rojname.com
ku.firatnews.com
www.avestakurd.net
www.netkurd.com
www.kurdistan-post.eu

Subject Issuer	Validity	Valid
noyan.estate E1	`2024-05-01` - `2024-07-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-06` - `2024-07-05`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://poland.noyan.estate/
Frame ID: EA5F560394D9A5E5A2A140E82241F1A0
Requests: 31 HTTP requests in this frame

Frame: https://www.youtube.com/embed/4edOeqIcWpM
Frame ID: 8EE5C87EAB704F8F17059A2A6B958910
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fkurdishworld&width=585&height=258&colorscheme=light&show_faces=true&border_color=white&stream=false&header=false&appId=110415902330876
Frame ID: CF257B48F9B17ED72F34FD8AE845E165
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240625/r20110914/zrt_lookup_fy2021.html
Frame ID: 2E7F9EF7DE293F623A77B221AE2D0A74
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1640296510582567&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1719541784&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fpoland.noyan.estate%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_19~27_15~29_11&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719541784593&bpp=2&bdt=507&idt=144&shv=r20240625&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7431822892094&frm=20&pv=2&ga_vid=1479408877.1719541784&ga_sid=1719541785&ga_hid=408866224&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C95329722%2C95331695%2C95334510%2C95334525%2C95334573%2C95334578%2C95335897%2C31084927%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=333632112103967&tmod=1538173927&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=167
Frame ID: 68DA1A4461A3499E66DE68A39FE6582E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6ED3219F9C81E23D29F385E5FD96D4CD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rojbûna Kurdish World ! - Îsal 10 salî ye !

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

36
Requests

94 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

10
IPs

2
Countries

527 kB
Transfer

1450 kB
Size

7
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/kurdishworld

Search URL Search Domain Scan URL

URL: https://www.modebijou.com/
Title: Mode Bijou

Search URL Search Domain Scan URL

URL: https://www.papapeinture.fr/
Title: Entreprise de Peinture

Search URL Search Domain Scan URL

URL: https://www.larenovation.net/
Title: Entreprise de rénovation

Search URL Search Domain Scan URL

URL: https://www.megaadresse.com/
Title: Annuaire Professionnel

Search URL Search Domain Scan URL

URL: https://www.institutkurde.org/
Title: Institut kurde

Search URL Search Domain Scan URL

URL: https://www.taxiprimo.com/
Title: Taxi Parisien

Search URL Search Domain Scan URL

URL: https://www.kuyumcu.paris/
Title: Paris Kuyumcu

Search URL Search Domain Scan URL

URL: https://www.opemoraira.com/
Title: OPE

Search URL Search Domain Scan URL

URL: https://www.h3ds.fr/
Title: Nettoyeur Scène de crime

Search URL Search Domain Scan URL

URL: https://www.imi7.com/
Title: Référencement Web

Search URL Search Domain Scan URL

URL: https://www.developpeursweb.com/
Title: Agence Developpeur Web Paris

Search URL Search Domain Scan URL

URL: http://www.locationdesalle.net/
Title: Location de salle Paris

Search URL Search Domain Scan URL

URL: http://www.parislouer.com/
Title: Louer à Paris

Search URL Search Domain Scan URL

URL: http://www.mozilla.org/ku/firefox/fx/
Title: Firefoxa Kurdî

Search URL Search Domain Scan URL

URL: http://kurdish.spampoison.com/
Title: Spam Poison

Search URL Search Domain Scan URL

URL: http://www.polyglot-learn-language.com/
Title: Polyglot Language

Search URL Search Domain Scan URL

URL: http://ku.openoffice.org/
Title: Open Office

Search URL Search Domain Scan URL

URL: http://dmoz.org/World/Kurd%C3%AE/
Title: DMOZ

Search URL Search Domain Scan URL

URL: http://ku-tr.facebook.com/
Title: Facebooka Kurdî

Search URL Search Domain Scan URL

URL: http://www.kurdishworld.com/int/
Title: Kurdish World

Search URL Search Domain Scan URL

URL: http://musicmoz.org/Test/World/Kurd%EE/
Title: MusicMoz

Search URL Search Domain Scan URL

URL: http://www.netvibes.com/
Title: Netvibes

Search URL Search Domain Scan URL

URL: http://translators.netvibes.com/
Title: Werger

Search URL Search Domain Scan URL

URL: http://www.megaadresse.com/contacts/gurden-france-drancy-106
Title: Gurden France - SociétéFrance Gurden

Search URL Search Domain Scan URL

URL: http://www.megaadresse.com/contacts/ozlem-snack-paris-10eme-5520
Title: Özlem Snack

Search URL Search Domain Scan URL

URL: http://bnk.institutkurde.org/
Title: Pirtukxaneya dijital a Kurdî

Search URL Search Domain Scan URL

URL: http://www.institutkurde.org/
Title: Enstituya kurdî ya Parîsê

Search URL Search Domain Scan URL

URL: https://www.ferheng.org/
Title: Ferheng.com

Search URL Search Domain Scan URL

URL: https://ku.wikipedia.org/
Title: Wîkîpedia kurdî

Search URL Search Domain Scan URL

URL: https://ku.wiktionary.org/
Title: Wiktionary kurdî

Search URL Search Domain Scan URL

URL: https://www.rojname.com/
Title: Rojname.com

Search URL Search Domain Scan URL

URL: https://ku.firatnews.com/
Title: Firat News

Search URL Search Domain Scan URL

URL: https://www.avestakurd.net/
Title: Avestakurd.net

Search URL Search Domain Scan URL

URL: http://www.netkurd.com/
Title: Netkurd.com

Search URL Search Domain Scan URL

URL: https://www.kurdistan-post.eu/
Title: Kurdistan Post

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
poland.noyan.estate/ 21 KB
6 KB 321ms
266ms Document
text/html 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://poland.noyan.estate/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33 PleskLin
Resource Hash: 5b0041b53295e7f2883a39dc9980446e6c46edd4b09a81fe081e6e919868950e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89aa40350cf7bbaa-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 28 Jun 2024 02:29:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KdNGTRb3vo5Buu8dAxHizE%2F5GMYwILOOpfoyiUVYOkUuberwZsulItw632%2FMAV8bSjX90X4DwJTmUM3sGz8Bjs3zs9F2tH2Dgc35%2FtO3O71mjJKBX6Qal0r3paa7%2FwRLt2E7kvCp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.3.33 PleskLin

GET
H3 200 stylezz.css
poland.noyan.estate/ 32 KB
7 KB 270ms
269ms Stylesheet
text/css 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://poland.noyan.estate/stylezz.css
Requested by: Host: poland.noyan.estate
URL: https://poland.noyan.estate/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cd92f226ce31da8b3b5a332b2c30e3bbcf8f5d489d581a0098562f9ce964748b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 26 Sep 2014 15:24:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5425852d-7f83"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=58FogLze845OLGlj0ZDlDWx%2FGbPqKN317lhGyVuSmvNaWEmwpBtAxsyItEg2lms3EA5mxK5%2FqFhs0LAdC%2F3jFvjZZRnDGAQozSzNhmmfd7EJfXkik%2BGODwZL7IiFFms1BUStlqOY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=290304000, must-revalidate
cf-ray: 89aa4036adcebbaa-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 138ms
54ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-290812-3

Requested by

Host: poland.noyan.estate
URL: https://poland.noyan.estate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d868a49544f5d362c62f915e99356578f4911b0f4e0517911abaf523ef6d47ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76588
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jun 2024 02:29:44 GMT

GET
H3 200 facebook_logo.png
poland.noyan.estate/images/ 11 KB
12 KB 271ms
270ms Image
image/png 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poland.noyan.estate/images/facebook_logo.png
Requested by: Host: poland.noyan.estate
URL: https://poland.noyan.estate/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0e06f55776d0cf134333044b8f0c432066da780970d338fa4dbda38a675c1dc8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Dec 2012 15:33:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "50c9f553-2c94"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FeLzLV8w75q4HJVJbE3OX7t6urPKMkqnDdm3vJcbPppie5LdubROrNRXYXTpQAoMgQaXw%2FFuiz%2BHlO%2B8gaplF6RPpUwOKHAJnKafA9keQrGR%2FTMWYZXK4baOvQizZokq70Hdcaer"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=290304000, must-revalidate
accept-ranges: bytes
cf-ray: 89aa4036adcfbbaa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11412

GET
H3 200 ballons.png
poland.noyan.estate/images/ 12 KB
13 KB 230ms
229ms Image
image/png 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poland.noyan.estate/images/ballons.png
Requested by: Host: poland.noyan.estate
URL: https://poland.noyan.estate/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7e5b799b082e94fc9b5c6137246c8971e488c11c242996283e17bec3c7497506

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Feb 2012 23:57:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4f385200-30f2"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8L%2FZfgYAZglzHt0%2FI3CjhiAAckJcwaIFCfEX6eCHOUNVxbyIqZVyoA9pKtj5CubjdNju83KCXxrNVrA%2BTIB%2F35ZOFlA4Lb6wjoNUk57tonIeHxo4sT8er35wvJohAhHOBEjhbTd6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=290304000, must-revalidate
accept-ranges: bytes
cf-ray: 89aa4036add0bbaa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12530

GET
H3 200 dehsal.png
poland.noyan.estate/images/background/ 22 KB
22 KB 274ms
274ms Image
image/png 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poland.noyan.estate/images/background/dehsal.png
Requested by: Host: poland.noyan.estate
URL: https://poland.noyan.estate/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f9ff3d098f6df027122009dde31977030910e05c81ed06fdd87c5ceeb33632b2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2012 23:22:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4f36f837-5742"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mSMuvp9nqtNUqJOkXO6tketExi1%2F7GgSiyqyy3lm1SLiRNH%2F9HOplWN8aI5Ai4dh94LUGOWQV5Hw1IP84eIyFxi1dcdOa30te2ooEenNo12SooS9tEJlWfX48tCrVjLJ%2FUG5%2FF6P"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=290304000, must-revalidate
accept-ranges: bytes
cf-ray: 89aa40385ecdbbaa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22338

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
51 KB 175ms
66ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: poland.noyan.estate
URL: https://poland.noyan.estate/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f02cc581ceb9b439f33d383ec0ac88ad85343f9c527ec50abd799d6a93ecbe1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52673
x-xss-protection: 0
server: cafe
etag: 2086420777344771299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 28 Jun 2024 02:29:44 GMT

GET
H3 200 serefsiz.jpg
poland.noyan.estate/ 8 KB
9 KB 234ms
234ms Image
image/jpeg 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poland.noyan.estate/serefsiz.jpg
Requested by: Host: poland.noyan.estate
URL: https://poland.noyan.estate/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c970d7c730d726681599ba5940bb33a000ef65fa0e01137df8ccb27b97801520

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Aug 2015 17:41:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "55c0f95a-20d2"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X3JZ74GctZ2j0pLUcBW9ckEdWYLVqdZzq%2Ft1GuDeJ96iVebqhMfEASyNXcVkZzzS67C1hr0X8%2Bysaard5gNk4YOVzum%2F7Bi3iIyY%2BkkX9PkysGZaWkuTfXFzNsf8B9bvcSg7Z%2B16"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=290304000, must-revalidate
accept-ranges: bytes
cf-ray: 89aa40385ecebbaa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8402

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 4edOeqIcWpM
www.youtube.com/embed/ Frame 8EE5 0
0 212ms
98ms Document
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/4edOeqIcWpM

Requested by

Host: poland.noyan.estate
URL: https://poland.noyan.estate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://poland.noyan.estate/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jun 2024 02:29:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 likebox.php
www.facebook.com/plugins/ Frame CF25 0
0 268ms
159ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fkurdishworld&width=585&height=258&colorscheme=light&show_faces=true&border_color=white&stream=false&header=false&appId=110415902330876

Requested by

Host: poland.noyan.estate
URL: https://poland.noyan.estate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://poland.noyan.estate/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jun 2024 02:29:44 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7385375726825954519"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7385375726825954519"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7385375726825954519", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2796, tp=-1, tpl=-1, uplat=116, ullat=0
x-fb-debug: 1n+F3AHRvus3KBlTRV4GAHCsRzIv2HGbl6fImwVgDpbAaUNGY1k2TLf//npoDCN4QRp54PPUiNtsq16GVlWZ5A==
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
0 174ms
174ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: poland.noyan.estate
URL: https://poland.noyan.estate/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f02cc581ceb9b439f33d383ec0ac88ad85343f9c527ec50abd799d6a93ecbe1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52673
x-xss-protection: 0
server: cafe
etag: 2086420777344771299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 28 Jun 2024 02:29:44 GMT

GET
H3 200 bg2.png
poland.noyan.estate/images/background/ 473 B
978 B 218ms
217ms Image
image/png 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poland.noyan.estate/images/background/bg2.png
Requested by: Host: poland.noyan.estate
URL: https://poland.noyan.estate/stylezz.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 038d8584ba9c2c936f71d08fbfa9963cd8a736b5a419162eb26b03824e8e41e7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/stylezz.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 473
last-modified: Sat, 11 Feb 2012 23:11:38 GMT
x-accel-version: 0.01
server: cloudflare
etag: "1d9-4b8b85e093e80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tn5lzLTiWpSj0p6PkhbzV06rUySoJSookuc6ayUEQWX2FbMFFdisbIVeFC8Q0ak25wSJwXZPMWQWxDRzPOdpCTWs9BmFkC7C6CG%2FvatCgCq9e0Fq9OKXQZDRRgpQES0tyoIC59W8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=290304000, must-revalidate
accept-ranges: bytes
cf-ray: 89aa40386ed1bbaa-FRA

GET
H3 200 back.png
poland.noyan.estate/images/ 9 KB
9 KB 230ms
230ms Image
image/png 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poland.noyan.estate/images/back.png
Requested by: Host: poland.noyan.estate
URL: https://poland.noyan.estate/stylezz.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 17fb4d7c818eeaf75214753f71a61b3fe145f75b3ed841eddf876b4b4e904472

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/stylezz.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2012 22:26:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4f36eafd-2377"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0CSMi2QBwSRAWMAQwlOhy6zmpxjPqwLqpKEeoa%2F2odtrjZS4T8w83mLhymSNlHDzdMwKkb38pbstoNBP9wJUwIeAH%2B4AZvz6EvuraItrr%2FZ5FPXVuwHK%2F50Z53FPSv1RaakDWnQx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=290304000, must-revalidate
accept-ranges: bytes
cf-ray: 89aa40386ed2bbaa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9079

GET
H3 200 cbg1.png
poland.noyan.estate/images/background/ 1 KB
2 KB 225ms
225ms Image
image/png 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poland.noyan.estate/images/background/cbg1.png
Requested by: Host: poland.noyan.estate
URL: https://poland.noyan.estate/stylezz.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 31ad1a6fc96aabae565b7097af318f7f8b7a534aa7d731a7bca25819af5f5f83

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/stylezz.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2012 22:33:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4f36ecd3-484"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9LtN%2BDoSkNMYmzkz%2BRlhFx6W6%2B%2FTJ%2F%2BxB%2BToDvzh7f%2BavaWbGMQhEg5XNLpbdqFYysQogXb%2FSpuNCdvJa7ZJDQ%2BSbBpZP41FvzYGqCnTTN4xygwh2G718IyDdsKvzePaBkXUAIwT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=290304000, must-revalidate
accept-ranges: bytes
cf-ray: 89aa40386ed4bbaa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1156

GET
H3 200 cbg2.png
poland.noyan.estate/images/background/ 2 KB
3 KB 228ms
228ms Image
image/png 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poland.noyan.estate/images/background/cbg2.png
Requested by: Host: poland.noyan.estate
URL: https://poland.noyan.estate/stylezz.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b6d38a1eb522cdb57e6ad70fbc288d52940552a8ea6e5501c89fcb7e785183b3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/stylezz.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2012 22:33:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4f36ecba-91e"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FuhFUyVeGED9kNEYg6YhvTXOUeMwMaguA2vJVALGlcM9L3up5os2lBsuppge2PqonHoJzy5bGiIweUTZvM3krjtMkx7iLjkAmIl7SZmylT6qWYBZgDoZ9nWGraxuitcnW96Zasfi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=290304000, must-revalidate
accept-ranges: bytes
cf-ray: 89aa40386ed5bbaa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2334

GET
H3 200 kurdishworld300.png
poland.noyan.estate/images/ 21 KB
22 KB 287ms
286ms Image
image/png 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poland.noyan.estate/images/kurdishworld300.png
Requested by: Host: poland.noyan.estate
URL: https://poland.noyan.estate/stylezz.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 92180f53180d5b424481ba54bc45927890caaa86b87d379d592133d3b1d1a4a9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/stylezz.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2012 22:53:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4f36f185-5596"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wo6clFhgyLxNlozjPxBCC3qzXmrO2mhTYmrwUjU2wDWFv1Lsj4QDnBpGlvvxrUsY3Qo4SG3bswxrOGMzifMx7LExOC1DPFpFUBf7fDsKvNBcEUO5nj3R00IuJcIwM6GlmTh80jvl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=290304000, must-revalidate
accept-ranges: bytes
cf-ray: 89aa40386ed7bbaa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21910

GET
H3 200 inbg1.png
poland.noyan.estate/images/background/ 579 B
1 KB 219ms
218ms Image
image/png 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poland.noyan.estate/images/background/inbg1.png
Requested by: Host: poland.noyan.estate
URL: https://poland.noyan.estate/stylezz.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 896b1ad1cb3a62d30bbadee2c3dc165d92ddd141ba4e1bc2a26634bbf4a99aee

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/stylezz.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 579
last-modified: Sat, 11 Feb 2012 23:00:28 GMT
x-accel-version: 0.01
server: cloudflare
etag: "243-4b8b83619db00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NL1%2Ft6FLM4n2ondRNZouBoelarzsPCasiO9ecHW2jxc0%2F%2BRofg80WEvJEW%2BtgNTnI5VDoGI%2B41PolJZWwMMGxZTdabAQqqVHDze6nZR5HB0IpLGCAa5VKNOMz9y5xrqLM5Prlxyp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=290304000, must-revalidate
accept-ranges: bytes
cf-ray: 89aa40386ed8bbaa-FRA

GET
H3 200 inbg2.png
poland.noyan.estate/images/background/ 728 B
1 KB 228ms
227ms Image
image/png 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poland.noyan.estate/images/background/inbg2.png
Requested by: Host: poland.noyan.estate
URL: https://poland.noyan.estate/stylezz.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 976cb394e5ae06e3c71d54566b844cb4ba13403aeebb15d6f0325dbe6bbdda2d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/stylezz.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 728
last-modified: Sat, 11 Feb 2012 23:17:52 GMT
x-accel-version: 0.01
server: cloudflare
etag: "2d8-4b8b874540800"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sl1cW5n1Y%2F%2BRP7zWKSvY7B6c5NUAULa2tUYDXkGzt9iWIvM7YOSvqkuccEvgV64pi%2FolRxyFAbUaHYy300oSQY4hfhK03StLmuyKWXApEmElr704OD2GKr0ENh%2B4xUejYlXa%2Bw3%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=290304000, must-revalidate
accept-ranges: bytes
cf-ray: 89aa40386ed9bbaa-FRA

GET
H3 200 backrank.png
poland.noyan.estate/images/background/ 14 KB
15 KB 255ms
254ms Image
image/png 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poland.noyan.estate/images/background/backrank.png
Requested by: Host: poland.noyan.estate
URL: https://poland.noyan.estate/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: aedc545837228e95b224552901096ec381f1e1644c97f90fa16bde1d6e12d634

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Apr 2012 23:59:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4f8e03f6-39cc"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ka7NO7KHGL5WkKHRPhPweZ0rgyzdnu959akrmYhmM5gMDYbV52NPMelRtjM7%2FdI1r4bMWptKx8%2BnRxJWHLtGRdPlt%2Bk3fMZUrKoqqZR9ijg3DxIqvb71VXWw6N5Y3eyvVuRs3jTU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=290304000, must-revalidate
accept-ranges: bytes
cf-ray: 89aa40386edabbaa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14796

GET
H3 200 wbg.png
poland.noyan.estate/images/background/ 1 KB
2 KB 224ms
223ms Image
image/png 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poland.noyan.estate/images/background/wbg.png
Requested by: Host: poland.noyan.estate
URL: https://poland.noyan.estate/stylezz.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: fe874340b486cf22acce191298ad2d86dba87060d5595f47222f6770b986a12d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/stylezz.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
cf-cache-status: MISS
last-modified: Sat, 11 Feb 2012 23:19:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4f36f785-592"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZRgO9zs5pmRZxC%2FqvrVnG4%2FYG8a0U%2Bq5bhWYA15bJlvnmd3qPaHm3vWhSHIHe0vgdhyA771OMFENScsRv4lFLV3%2BvMQMCsDX3UARHstxG7iKVPoNeWPZOoAEJbvsZZ%2BmoD5XA8Hh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=290304000, must-revalidate
accept-ranges: bytes
cf-ray: 89aa40386edbbbaa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1426

GET
H3 200 inbg3.png
poland.noyan.estate/images/background/ 511 B
1019 B 201ms
200ms Image
image/png 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poland.noyan.estate/images/background/inbg3.png
Requested by: Host: poland.noyan.estate
URL: https://poland.noyan.estate/stylezz.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 912960e58e85e09b6da369a74c90e6b1a4c8eb58079f66f4d45e03abd044740b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/stylezz.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 511
last-modified: Sat, 11 Feb 2012 23:19:08 GMT
x-accel-version: 0.01
server: cloudflare
etag: "1ff-4b8b878dbb300"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FsiFI14JacuNbdzTxbPLicINPfH9J61jI9ajDVEpXgBYAPUCOY9GkWY%2FZxhj2tj4b%2BX6ki9di5dPYf8LpJX0dzb8n3t8NT4aqrQqalSfMBBVLBIFRCJ3B4KS%2BYf0DBvUDU2MOuKW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=290304000, must-revalidate
accept-ranges: bytes
cf-ray: 89aa40386edcbbaa-FRA

GET
H3 200 cbg3.png
poland.noyan.estate/images/background/ 360 B
867 B 263ms
263ms Image
image/png 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://poland.noyan.estate/images/background/cbg3.png
Requested by: Host: poland.noyan.estate
URL: https://poland.noyan.estate/stylezz.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a5837a17a65ab97fa38b4dc772dba7547ffce93da744300fb1fc4c872459bf3e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/stylezz.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 360
last-modified: Sat, 11 Feb 2012 23:12:27 GMT
x-accel-version: 0.01
server: cloudflare
etag: "168-4b8b860f4ecc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RoqXajToI4MeUpHUWFREH8HoDrmNHgmZFpKQCneQlibXiZtZUGmEgFgv3pcLdXcPauLWgNNxWeArlYOuUsHx3LzEo5%2F9UiHCvGv8dRipBdxdLW1jJtsn4es6TgbwwcF%2Fb8Dyw%2BhS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=290304000, must-revalidate
accept-ranges: bytes
cf-ray: 89aa40386eddbbaa-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
90 KB 58ms
57ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4ZD3787ESX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-290812-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2df4e5ace19aca213ac6b0272b87fd7e50c1f8c6200f356c2cb2938488e2d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92108
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Jun 2024 02:29:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 131ms
39ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-290812-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Jun 2024 01:41:01 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2923
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 28 Jun 2024 03:41:01 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 133ms
46ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4ZD3787ESX&gtm=45je46q0v9122490357za200&_p=1719541784362&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1479408877.1719541784&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1719541784&sct=1&seg=0&dl=https%3A%2F%2Fpoland.noyan.estate%2F&dt=Rojb%C3%BBna%20Kurdish%20World%20!%20-%20%C3%8Esal%2010%20sal%C3%AE%20ye%20!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=731&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4ZD3787ESX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 02:29:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://poland.noyan.estate
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 47ms
47ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=408866224&t=pageview&_s=1&dl=https%3A%2F%2Fpoland.noyan.estate%2F&ul=de-de&de=UTF-8&dt=Rojb%C3%BBna%20Kurdish%20World%20!%20-%20%C3%8Esal%2010%20sal%C3%AE%20ye%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=513167421&gjid=1428890535&cid=1479408877.1719541784&tid=UA-290812-3&_gid=269595835.1719541785&_r=1&gtm=457e46q0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1077619860

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 02:29:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://poland.noyan.estate
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/ 425 KB
143 KB 68ms
66ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1640296510582567&plah=poland.noyan.estate&aplac=true&bust=31084927

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a12f7ca7d449210509698d1f09c44c5fdb04fe704c8c049f0d523664ddb57c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146862
x-xss-protection: 0
server: cafe
etag: 16878477461446537114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jun 2024 02:29:44 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240625/r20110914/ Frame 2E7F 0
0 108ms
39ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240625/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1640296510582567&plah=poland.noyan.estate&aplac=true&bust=31084927

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://poland.noyan.estate/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 15194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4164
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jun 2024 22:16:30 GMT
etag: 9187630395144177108
expires: Thu, 11 Jul 2024 22:16:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 68DA 0
0 121ms
57ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1640296510582567&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1719541784&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fpoland.noyan.estate%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_19~27_15~29_11&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719541784593&bpp=2&bdt=507&idt=144&shv=r20240625&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7431822892094&frm=20&pv=2&ga_vid=1479408877.1719541784&ga_sid=1719541785&ga_hid=408866224&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C95329722%2C95331695%2C95334510%2C95334525%2C95334573%2C95334578%2C95335897%2C31084927%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=333632112103967&tmod=1538173927&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=167

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://poland.noyan.estate/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jun 2024 02:29:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 162ms
84ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240625&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f5edb38e27565b239edd249390337696f6dfec1d190562c358088c4a57d55adc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12685
x-xss-protection: 0

GET
H3 200 favicon.ico
poland.noyan.estate/ 4 KB
2 KB 214ms
214ms Other
image/vnd.microsoft.icon 172.67.160.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://poland.noyan.estate/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.160.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: fd4afd6b78252015018a6cced441874debd99791f2ba625de4e9277bc18b77a6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Dec 2009 00:00:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4b22dd31-10be"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s9ccV8Il7JxjY2mF4BECfM9pqWPCvWN9tgm%2FP%2BURsLOi7ltBmV2wXhSkE6IoVQY9e949jXat7%2B3PtoTn0DNDlP4VbNTUvLmhK7tvwACw3EBJXH6MKvQZtBtJAIB%2FS0wdMxxwMIfK"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=290304000, must-revalidate
cf-ray: 89aa403d69acbbaa-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=408866224&t=timing&_s=2&dl=https%3A%2F%2Fpoland.noyan.estate%2F&ul=de-de&de=UTF-8&dt=Rojb%C3%BBna%20Kurdish%20World%20!%20-%20%C3%8Esal%2010%20sal%C3%AE%20ye%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1399&pdt=1&dns=11&rrt=0&srt=266&tcp=44&dit=620&clt=620&_gst=628&_gbt=776&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1479408877.1719541784&tid=UA-290812-3&_gid=269595835.1719541785&gtm=457e46q0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=527313711

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 16:56:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34373
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 163ms
47ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://poland.noyan.estate/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 02:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jun 2024 02:29:45 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6ED3 0
0 122ms
37ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://poland.noyan.estate/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 34742
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jun 2024 16:50:43 GMT
expires: Fri, 27 Jun 2025 16:50:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Arvo:400,700

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240625&jk=333632112103967&bg=!_v2l_bLNAAb64txl2uI7ADQBe5WfOEfsWQ-RXa90RdNFQQwLD4vkxx2WClF3bg7JGNx3hm-jViJz1iwi6rWZfkFfNPXzAgAAAFtSAAAAAmgBB34ANUUvMNJ7l0R7MMnQ6yKI43IqCV4bB9xxZVhwb6dQmkyIpID91W7OQs5Vp72CPFqBOFMmOsV4mQKY3CUTP8DJdpo3tpl88SrWa3xBabae93onQIhYuiCYPjfXlL_ah3B-BJhcQ4Tq4AIQ5KVrwoPgqfpHFXXmaWkWoATDGJXklnX6XYmqYP9vvFbJJLFEB8aTuRKQTvQ7QADOsqYHTkHOwNoxDdSHCei5OH46WeOll8Z-KE5XJa5KxVbEZmkl5QvGwB_rs5kBo9OXE2p6-S8eZIF1dgl2Vg4vww4Klw5ny8HYgOzkDNR9cSEVlzd0H0pAms_4keG7-mrvNckGXKtbrKCWj30CrtcwB5CWsS0wx9homLxHEXQoq30vxkBR26gYBOIyo7YvdOL2-VhmZ04fS97tLTXn2DKsg0_VO2MVmRPB04OULmegKNpnNi5mFMI_huoFFNwfswtU5LyFqPFcGpHgEeErUPuqCfPoYEnQPezeG2LvV51RV9TkCQnOEy4IN8fYUVeOIsHI_Ce1fZ3MPqTbLCLk4zVDzvnzXohunwYTV4o3MxbJ9GllVbtuF8Zfsm6_qaJrpJaY9cZ6dA5rrlHDGmet7-dRKTzx7kuN6M0t_oxN7bIEytrUIbwzeNz49lfdrgDXnaFZ7T5iS5iGAXO0PLJ2w1lzsn-GUpz4hYLxD58d1isAeny82GaHeJ7Cvx0E9CzomHIt0_nXMmS9A7zkdbcgC0EGwLMF2uw6RX4atLbz3p6Fp_98HQjVLx5ecaesy5fgoUPgYXLd-7tAwVQijo-y99UI4O5QvOERIUkMgXc1RXDEoFXgW4xOpKHcFTD5rlkyuLAfS9_L7HD3ceRrENL3d--_KplbVxB1ZXhReL-sg9NcuTx63vmP0_x1qHUbLA_xPeZAkKoWdQrHlsf8KEwfhLviDS8psBA47xWF2X_D86H0jdyv0fOJlvmFjw

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.noyan.estate/	1970-01-21 07:15:01	Name: _ga_4ZD3787ESX Value: GS1.1.1719541784.1.0.1719541784.0.0.0
.noyan.estate/	1970-01-21 07:15:01	Name: _ga Value: GA1.2.1479408877.1719541784
.noyan.estate/	1970-01-20 21:40:28	Name: _gid Value: GA1.2.269595835.1719541785
.noyan.estate/	1970-01-20 21:39:01	Name: _gat_gtag_UA_290812_3 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: B4lrNheu0c4
.youtube.com/	1970-01-21 01:58:13	Name: VISITOR_INFO1_LIVE Value: FxnMpuxbdRk
.youtube.com/	1970-01-21 01:58:13	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgZg%3D%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://poland.noyan.estate/ Message: Mixed Content: The page at 'https://poland.noyan.estate/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Arvo:400,700'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
pagead2.googlesyndication.com
poland.noyan.estate
region1.google-analytics.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
fonts.googleapis.com
pagead2.googlesyndication.com
142.250.181.226
142.250.186.78
172.67.160.126
2001:4860:4802:32::36
2001:4860:4802:38::178
2a00:1450:4001:81c::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2008
2a03:2880:f177:185:face:b00c:0:25de
038d8584ba9c2c936f71d08fbfa9963cd8a736b5a419162eb26b03824e8e41e7
0e06f55776d0cf134333044b8f0c432066da780970d338fa4dbda38a675c1dc8
17fb4d7c818eeaf75214753f71a61b3fe145f75b3ed841eddf876b4b4e904472
31ad1a6fc96aabae565b7097af318f7f8b7a534aa7d731a7bca25819af5f5f83
5b0041b53295e7f2883a39dc9980446e6c46edd4b09a81fe081e6e919868950e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7e5b799b082e94fc9b5c6137246c8971e488c11c242996283e17bec3c7497506
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
896b1ad1cb3a62d30bbadee2c3dc165d92ddd141ba4e1bc2a26634bbf4a99aee
912960e58e85e09b6da369a74c90e6b1a4c8eb58079f66f4d45e03abd044740b
92180f53180d5b424481ba54bc45927890caaa86b87d379d592133d3b1d1a4a9
976cb394e5ae06e3c71d54566b844cb4ba13403aeebb15d6f0325dbe6bbdda2d
a4a12f7ca7d449210509698d1f09c44c5fdb04fe704c8c049f0d523664ddb57c
a5837a17a65ab97fa38b4dc772dba7547ffce93da744300fb1fc4c872459bf3e
aedc545837228e95b224552901096ec381f1e1644c97f90fa16bde1d6e12d634
b6d38a1eb522cdb57e6ad70fbc288d52940552a8ea6e5501c89fcb7e785183b3
c970d7c730d726681599ba5940bb33a000ef65fa0e01137df8ccb27b97801520
cd92f226ce31da8b3b5a332b2c30e3bbcf8f5d489d581a0098562f9ce964748b
d2df4e5ace19aca213ac6b0272b87fd7e50c1f8c6200f356c2cb2938488e2d24
d868a49544f5d362c62f915e99356578f4911b0f4e0517911abaf523ef6d47ea
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
f02cc581ceb9b439f33d383ec0ac88ad85343f9c527ec50abd799d6a93ecbe1b
f5edb38e27565b239edd249390337696f6dfec1d190562c358088c4a57d55adc
f9ff3d098f6df027122009dde31977030910e05c81ed06fdd87c5ceeb33632b2
fd4afd6b78252015018a6cced441874debd99791f2ba625de4e9277bc18b77a6
fe874340b486cf22acce191298ad2d86dba87060d5595f47222f6770b986a12d

poland.noyan.estate Open in urlscan Pro 172.67.160.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

36 Requests

94 %HTTPS

67 %IPv6

7 Domains

9 Subdomains

10 IPs

2 Countries

527 kBTransfer

1450 kBSize

7 Cookies

36 Outgoing links

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

poland.noyan.estate Open in urlscan Pro
172.67.160.126 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

94 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

10
IPs

2
Countries

527 kB
Transfer

1450 kB
Size

7
Cookies

36 HTTP transactions
0 data transactions