urlscan.io logo urlscan.io
SecurityTrails logo

consultatie.kinezisvita.md Open in urlscan Pro
2a0a:8d80:0:9123::135  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://consultatie.kinezisvita.md/0.8064510304878534
Effective URL: https://consultatie.kinezisvita.md/0.8064510304878534
Submission: On November 14 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 44 HTTP transactions. The main IP is 2a0a:8d80:0:9123::135, located in Russian Federation and belongs to . The main domain is consultatie.kinezisvita.md.
TLS certificate: Issued by R10 on October 16th 2024. Valid for: 3 months.
This is the only time consultatie.kinezisvita.md was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

19    2a0a:8d80:0:9123::135 (Russian Federation)

ASN- ()
consultatie.kinezisvita.md
2    2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2a13:1ec0::1037 (Armenia)

ASN201589 (EDGEAMLLC, AM)
code.jivo.ru
2    2607:f8b0:4006:822::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    87.242.125.252 (Russian Federation)

ASN208677 (CLOUDRU-AS, RU)
node-sber1-az1-20.jivosite.com
Apex Domain
Subdomains		 Transfer
19 kinezisvita.md
consultatie.kinezisvita.md
185 KB
9 jivo.ru
code.jivo.ru — Cisco Umbrella Rank: 82552
359 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
212 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
79 KB
2 gstatic.com
fonts.gstatic.com
120 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
186 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 55
2 KB
1 jivosite.com
node-sber1-az1-20.jivosite.com — Cisco Umbrella Rank: 557554
418 B
44 9
Domain Requested by
19 consultatie.kinezisvita.md consultatie.kinezisvita.md
9 code.jivo.ru consultatie.kinezisvita.md
code.jivo.ru
2 www.facebook.com consultatie.kinezisvita.md
2 www.google-analytics.com www.googletagmanager.com
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com consultatie.kinezisvita.md
www.googletagmanager.com
2 fonts.googleapis.com consultatie.kinezisvita.md
1 node-sber1-az1-20.jivosite.com code.jivo.ru
44 9

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
Subject Issuer Validity Valid
consultatie.kinezisvita.md
R10		 2024-10-16 -
2025-01-14		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.jivo.ru
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-05-13 -
2025-06-14		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-24 -
2024-11-22		 3 months crt.sh
*.jivosite.com
Go Daddy Secure Certificate Authority - G2		 2024-04-05 -
2025-05-07		 a year crt.sh

This page contains 2 frames:

Primary Page: https://consultatie.kinezisvita.md/0.8064510304878534
Frame ID: 8778C82530ED9B7C0E3C8772ABBCDA9E
Requests: 44 HTTP requests in this frame

Frame: https://code.jivo.ru/js/bf37ce2/omnichannelMenu.js
Frame ID: 14B0BCB4E93F12B411407DC5AE310BE2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nu am găsit pagina – Kinezis Vita

Page URL History Show full URLs

  1. http://consultatie.kinezisvita.md/0.8064510304878534 HTTP 307
    https://consultatie.kinezisvita.md/0.8064510304878534 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

44
Requests

93 %
HTTPS

89 %
IPv6

9
Domains

9
Subdomains

10
IPs

3
Countries

931 kB
Transfer

3012 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://consultatie.kinezisvita.md/0.8064510304878534 HTTP 307
    https://consultatie.kinezisvita.md/0.8064510304878534 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 0.8064510304878534
consultatie.kinezisvita.md/
Redirect Chain
  • http://consultatie.kinezisvita.md/0.8064510304878534
  • https://consultatie.kinezisvita.md/0.8064510304878534
29 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx / PHP/8.3.8
Resource Hash
bde9234082a7c064f097a78920456cf669e52d92200e48ad2a18c70c88dad188

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Nov 2024 23:13:42 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://consultatie.kinezisvita.md/wp-json/>; rel="https://api.w.org/"
server
nginx
x-powered-by
PHP/8.3.8

Redirect headers

Location
https://consultatie.kinezisvita.md/0.8064510304878534
Non-Authoritative-Reason
HttpsUpgrades
style.min.css
consultatie.kinezisvita.md/wp-includes/css/dist/block-library/ 		112 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/wp-includes/css/dist/block-library/style.min.css?ver=6.7
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
content-encoding
gzip
date
Thu, 14 Nov 2024 23:13:43 GMT
etag
W/"67350cde-1c012"
content-type
text/css
last-modified
Wed, 13 Nov 2024 20:32:30 GMT
server
nginx
styles.css
consultatie.kinezisvita.md/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/wp-content/plugins/sitepress-multilingual-cms/dist/css/blocks/styles.css?ver=4.6.13
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
content-encoding
gzip
date
Thu, 14 Nov 2024 23:13:43 GMT
etag
W/"66e14d33-e768"
content-type
text/css
last-modified
Wed, 11 Sep 2024 07:56:35 GMT
server
nginx
styles.css
consultatie.kinezisvita.md/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
etag
"660d3f7e-b4e"
accept-ranges
bytes
content-length
2894
date
Thu, 14 Nov 2024 23:13:43 GMT
content-type
text/css
last-modified
Wed, 03 Apr 2024 11:37:34 GMT
server
nginx
style.min.css
consultatie.kinezisvita.md/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/ 		908 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
etag
"66e14d32-38c"
accept-ranges
bytes
content-length
908
date
Thu, 14 Nov 2024 23:13:43 GMT
content-type
text/css
last-modified
Wed, 11 Sep 2024 07:56:34 GMT
server
nginx
swiper-bundle.min.css
consultatie.kinezisvita.md/wp-content/themes/kinezis/assets/js/plugins/swiper/ 		18 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/wp-content/themes/kinezis/assets/js/plugins/swiper/swiper-bundle.min.css?ver=6.7
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
79a42e24b867ff52d9e4d766b96d8882c83f18e7442408a41c4b09a043dffccb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
content-encoding
gzip
date
Thu, 14 Nov 2024 23:13:43 GMT
etag
W/"660d3f86-4813"
content-type
text/css
last-modified
Wed, 03 Apr 2024 11:37:42 GMT
server
nginx
magnific-popup.min.css
consultatie.kinezisvita.md/wp-content/themes/kinezis/assets/js/plugins/magnific/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/wp-content/themes/kinezis/assets/js/plugins/magnific/magnific-popup.min.css?ver=6.7
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
f494f185f7c63911619202dd288ff08a57c6b972c21b40a3112664de57fb3102
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
etag
"660d3f86-148c"
accept-ranges
bytes
content-length
5260
date
Thu, 14 Nov 2024 23:13:43 GMT
content-type
text/css
last-modified
Wed, 03 Apr 2024 11:37:42 GMT
server
nginx
style.css
consultatie.kinezisvita.md/wp-content/themes/kinezis/ 		42 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/wp-content/themes/kinezis/style.css?ver=67368426cdc0b
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
abcc81fe403a3cbad224739aafa4c4abc2512edc0a5222b85a564ec10877dd1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
content-encoding
gzip
date
Thu, 14 Nov 2024 23:13:43 GMT
etag
W/"66e3e5b5-a84d"
content-type
text/css
last-modified
Fri, 13 Sep 2024 07:11:49 GMT
server
nginx
language-cookie.js
consultatie.kinezisvita.md/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/ 		271 B
445 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.6.13
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
20be9b3c63a01d921697a0ef1c1596f647678498eefe6dc508e2363be25277f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
etag
"66e14d2f-10f"
accept-ranges
bytes
content-length
271
date
Thu, 14 Nov 2024 23:13:43 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 11 Sep 2024 07:56:31 GMT
server
nginx
jquery.min.js
consultatie.kinezisvita.md/wp-includes/js/jquery/ 		86 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
content-encoding
gzip
date
Thu, 14 Nov 2024 23:13:43 GMT
etag
W/"660d3f7b-15601"
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 03 Apr 2024 11:37:31 GMT
server
nginx
jquery-migrate.min.js
consultatie.kinezisvita.md/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
content-encoding
gzip
date
Thu, 14 Nov 2024 23:13:43 GMT
etag
W/"660d3f7b-3509"
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 03 Apr 2024 11:37:31 GMT
server
nginx
css2
fonts.googleapis.com/ 		2 KB
1009 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:wght@200..800&display=swap
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c47be73a84a15ce962f1c98ddd16bc00740668bdbaf6a611f32420a86fddffa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 23:13:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 23:13:43 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 14 Nov 2024 23:13:43 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
QkcCbiCcpl
code.jivo.ru/widget/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/widget/QkcCbiCcpl
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
70f6e8cd49b577ef061f32c164005997532318641a014bf453cb40fb0a9c0b3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/

Response headers

cache
STALE
x-geo-shard
sber1
content-encoding
br
etag
"6734a635-17ad"
expires
Thu, 14 Nov 2024 15:43:07 GMT
date
Thu, 14 Nov 2024 23:13:44 GMT
content-type
application/javascript
x-node
m9-up-gc8
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 13:14:29 GMT
cache-control
max-age=7200
via
1.1 sharxy
accept-ranges
bytes
access-control-allow-origin
*
content-length
6061
x-cached-since
2024-11-14T19:50:45+00:00
server
nginx
logo.png
consultatie.kinezisvita.md/wp-content/themes/kinezis/assets/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consultatie.kinezisvita.md/wp-content/themes/kinezis/assets/images/logo.png
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4750a7ae6e132ce9a438749a633c2c7272a413e5b8cef1c278f624e633fc6598
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
etag
"660d3f86-264a"
accept-ranges
bytes
content-length
9802
date
Thu, 14 Nov 2024 23:13:43 GMT
content-type
image/png
last-modified
Wed, 03 Apr 2024 11:37:42 GMT
server
nginx
index.js
consultatie.kinezisvita.md/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
content-encoding
gzip
date
Thu, 14 Nov 2024 23:13:43 GMT
etag
W/"660d3f7e-2cf9"
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 03 Apr 2024 11:37:34 GMT
server
nginx
index.js
consultatie.kinezisvita.md/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
content-encoding
gzip
date
Thu, 14 Nov 2024 23:13:43 GMT
etag
W/"660d3f7e-32fe"
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 03 Apr 2024 11:37:34 GMT
server
nginx
swiper-bundle.min.js
consultatie.kinezisvita.md/wp-content/themes/kinezis/assets/js/plugins/swiper/ 		140 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/wp-content/themes/kinezis/assets/js/plugins/swiper/swiper-bundle.min.js?ver=6.7
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
d3422c182871135666da685419bbed480a08f51fead9546fb95965a6e47450a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
content-encoding
gzip
date
Thu, 14 Nov 2024 23:13:43 GMT
etag
W/"660d3f86-22ec6"
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 03 Apr 2024 11:37:42 GMT
server
nginx
magnific-popup.min.js
consultatie.kinezisvita.md/wp-content/themes/kinezis/assets/js/plugins/magnific/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/wp-content/themes/kinezis/assets/js/plugins/magnific/magnific-popup.min.js?ver=6.7
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
content-encoding
gzip
date
Thu, 14 Nov 2024 23:13:43 GMT
etag
W/"660d3f86-4ef8"
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 03 Apr 2024 11:37:42 GMT
server
nginx
main.js
consultatie.kinezisvita.md/wp-content/themes/kinezis/assets/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/wp-content/themes/kinezis/assets/js/main.js?ver=67368426cdc0b
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1eda7bdc6a0ecb230b2fe8471d628cb09a204a7a9425a35eda2d335da590490a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
etag
"66e31499-10e9"
accept-ranges
bytes
content-length
4329
date
Thu, 14 Nov 2024 23:13:43 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 12 Sep 2024 16:19:37 GMT
server
nginx
css2
fonts.googleapis.com/ 		2 KB
723 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100..900&display=swap
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/wp-content/themes/kinezis/style.css?ver=67368426cdc0b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0919ff36779eef85fa50af4b94fb2d496a765612b7c5edd31ba69ea1f4136736
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 23:13:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 23:13:43 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 14 Nov 2024 22:27:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/ 		223 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TKL727B6
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd618883aa63423779bb58796f1fd0edbb79e92feb1ce9b56e0d0909879bef46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 14 Nov 2024 23:13:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 23:13:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 14 Nov 2024 22:29:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
79359
x-xss-protection
0
server
Google Tag Manager
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100..900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://consultatie.kinezisvita.md
Referer
https://fonts.googleapis.com/

Response headers

age
65319
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 05:05:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 05:05:04 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7SUc.woff2
fonts.gstatic.com/s/inter/v18/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100..900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48f540fb71166bf65a0fe187a71fad500c43143d3e2e42038f527e38c786e90f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://consultatie.kinezisvita.md
Referer
https://fonts.googleapis.com/

Response headers

age
125072
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 12:29:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:29:11 GMT
last-modified
Mon, 29 Jul 2024 22:47:10 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
74328
x-xss-protection
0
server
sffe
schema
consultatie.kinezisvita.md/wp-json/contact-form-7/v1/contact-forms/92/feedback/ 		405 B
787 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/wp-json/contact-form-7/v1/contact-forms/92/feedback/schema
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx / PHP/8.3.8
Resource Hash
d3b1d5888a78bae8d400ceaf960dfd7606f661a74d98629b0437fac4be8d08a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, */*;q=0.1
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
x-robots-tag
noindex
link
<https://consultatie.kinezisvita.md/wp-json/>; rel="https://api.w.org/"
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
vary
Origin
x-content-type-options
nosniff
allow
GET
content-length
405
date
Thu, 14 Nov 2024 23:13:44 GMT
content-type
application/json; charset=UTF-8
x-powered-by
PHP/8.3.8
server
nginx
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
js
www.googletagmanager.com/gtag/ 		322 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D2EWVRQS99&l=dataLayer&cx=c&gtm=45He4bc0v9182854297za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKL727B6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5fad415ef7a58e69471f5e9d8904e36a23b97986408f21acc71fe9bd02133ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 14 Nov 2024 23:13:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 23:13:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109570
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKL727B6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-7EToqHmd' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 14 Nov 2024 23:13:44 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-7EToqHmd' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=48, rtx=0, c=23, mss=1232, tbw=5686, tp=10, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
kXbbJhcL9DxREYMN7MpNpLEafTZ2nVK7+t/Gy1ShgOSGR8xMMac9aoq87I+eBdUNDtYrLrzk4/Bb0SDKpmOmDg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62152
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-D2EWVRQS99&gtm=45je4bc0v9186696369z89182854297za200zb9182854297&_p=1731626023554&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102067807~102077855&cid=1281053584.1731626024&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731626024&sct=1&seg=0&dl=https%3A%2F%2Fconsultatie.kinezisvita.md%2F0.8064510304878534&dt=Nu%20am%20g%C4%83sit%20pagina%20%E2%80%93%20Kinezis%20Vita&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3140
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D2EWVRQS99&l=dataLayer&cx=c&gtm=45He4bc0v9182854297za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://consultatie.kinezisvita.md
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 23:13:44 GMT
content-type
text/plain
server
Golfe2
453331680529426
connect.facebook.net/signals/config/ 		87 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/453331680529426?v=2.9.177&r=stable&domain=consultatie.kinezisvita.md&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f44ca9a1f6ac0badf774a3eb32faa1276a0c961f3d3afe30547b03aaaa9e568e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-MGQxsSYw' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 14 Nov 2024 23:13:44 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-MGQxsSYw' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=50, rtx=0, c=77, mss=1232, tbw=72217, tp=68, tpl=0, uplat=128, ullat=0
pragma
public
x-fb-debug
2Als8s0ZNl3TiDK7TOxAT46/Lux3kLgCJRQje5y3x4KpsHxVqOzukrOaZ9Af1etXR5GEyG0+L8TaaZ1ivT7kwQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=453331680529426&ev=PageView&dl=https%3A%2F%2Fconsultatie.kinezisvita.md&rl=&if=false&ts=1731626024348&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1731626024345.179321066667914852&cs_est=true&pm=1&hrl=7a43e9&ler=empty&cdl=API_unavailable&it=1731626024124&coo=false&tm=1&cs_cc=1&cas=8264487376998160%2C26642698758650562%2C8180253691987058%2C7613271122095501&rqm=GET
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=5736, tp=11, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 14 Nov 2024 23:13:44 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=453331680529426&ev=PageView&dl=https%3A%2F%2Fconsultatie.kinezisvita.md&rl=&if=false&ts=1731626024348&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4124&fbp=fb.1.1731626024345.179321066667914852&cs_est=true&pm=1&hrl=7a43e9&ler=empty&cdl=API_unavailable&it=1731626024124&coo=false&tm=1&cs_cc=1&cas=8264487376998160%2C26642698758650562%2C8180253691987058%2C7613271122095501&rqm=FGET
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437277142889118772"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 14 Nov 2024 23:13:44 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
ze1cckCEGXDovnip9559k1STip3Yt4ospv84VZIF7mixjkRvLJva1TKKEtMroiE7RB5UT90Vkt9/e2PKPk+N+g==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437277142889118772", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=6104, tp=14, tpl=0, uplat=81, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
QkcCbiCcpl
code.jivo.ru/script/widget/config/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/script/widget/config/QkcCbiCcpl
Requested by
Host: code.jivo.ru
URL: https://code.jivo.ru/widget/QkcCbiCcpl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
050191e07d8e85534fe2b0a609980b0a860d6fffca52c54cce2aab121b59de9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/

Response headers

cache
STALE
cache-control
max-age=7200
x-geo-shard
sber1
content-encoding
gzip
via
1.1 sharxy
expires
Thu, 14 Nov 2024 21:50:45 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1215
date
Thu, 14 Nov 2024 23:13:45 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
nginx
x-cached-since
2024-11-14T19:50:45+00:00
x-node
m9-up-gc231
cropped-favicon-32x32.png
consultatie.kinezisvita.md/wp-content/uploads/2024/04/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://consultatie.kinezisvita.md/wp-content/uploads/2024/04/cropped-favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:8d80:0:9123::135 , Russian Federation, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a1841f2f48d39ab283b8b3ae8a1e7736a68d22f9c1822e4cd084a0766c146b08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/0.8064510304878534

Response headers

strict-transport-security
max-age=31536000;
etag
"660d45a9-779"
accept-ranges
bytes
content-length
1913
date
Thu, 14 Nov 2024 23:13:44 GMT
content-type
image/png
last-modified
Wed, 03 Apr 2024 12:03:53 GMT
server
nginx
QkcCbiCcpl
node-sber1-az1-20.jivosite.com/widget/status/2418249/ 		79 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node-sber1-az1-20.jivosite.com/widget/status/2418249/QkcCbiCcpl?rnd=0.28310197587210606
Requested by
Host: code.jivo.ru
URL: https://code.jivo.ru/widget/QkcCbiCcpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.242.125.252 , Russian Federation, ASN208677 (CLOUDRU-AS, RU),
Reverse DNS
Software
foxy/3.5 /
Resource Hash
b5a8938f277e2d88b952a472009262bec58c2b235c90816c9131aad7da4e14c4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/

Response headers

content-security-policy
frame-ancestors 'none';
access-control-expose-headers
X-Geoip, X-Botmode
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-max-age
1728000
x-geoip
US;TX;Dallas (Oak Lawn)
access-control-allow-origin
https://consultatie.kinezisvita.md
x-botmode
no
content-length
79
date
Thu, 14 Nov 2024 23:13:46 GMT
content-type
application/json; charset=utf-8
server
foxy/3.5
x-frame-options
DENY
bundle_ro.js
code.jivo.ru/js/ 		1 MB
276 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/js/bundle_ro.js?rand=1731585144
Requested by
Host: code.jivo.ru
URL: https://code.jivo.ru/widget/QkcCbiCcpl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
02d9d3ae9cad9112f93bd08584e0f3e9947458e127d19cac8a6792404cf786e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/

Response headers

cache
HIT
x-geo-shard
sber1
content-encoding
br
etag
"6734a635-44c95"
date
Thu, 14 Nov 2024 23:13:46 GMT
content-type
application/javascript
x-node
m9-up-gc98
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 13:14:29 GMT
cache-control
max-age=86400
via
1.1 sharxy
accept-ranges
bytes
access-control-allow-origin
*
content-length
281749
x-cached-since
2024-11-14T12:10:36+00:00
server
nginx
widget.css
code.jivo.ru/css/bf37ce2/ 		175 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/css/bf37ce2/widget.css
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
c8ae11ddcec13200229b445a9b9c2d0e2d0e366cd9ee631c64772344b3ee8c83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/

Response headers

cache
HIT
x-geo-shard
sber1
content-encoding
br
etag
"6734a634-b4b1"
expires
Sun, 24 Nov 2024 11:52:49 GMT
date
Thu, 14 Nov 2024 23:13:47 GMT
content-type
text/css
x-node
m9-up-gc82
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 13:14:28 GMT
cache-control
max-age=864000
via
1.1 sharxy
accept-ranges
bytes
content-length
46257
x-cached-since
2024-11-14T11:52:49+00:00
server
nginx
omnichannelMenu.widget.css
code.jivo.ru/css/bf37ce2/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/css/bf37ce2/omnichannelMenu.widget.css
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
1072d29c9e4bac3e6f92d428960e5eb2dc5e26823a7d22f26857d59165916474

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/

Response headers

cache
HIT
x-geo-shard
sber1
content-encoding
gzip
etag
"6734a634-5aa"
expires
Sun, 24 Nov 2024 11:52:49 GMT
date
Thu, 14 Nov 2024 23:13:48 GMT
content-type
text/css
x-node
m9-up-gc229
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 13:14:28 GMT
cache-control
max-age=864000
via
1.1 sharxy
accept-ranges
bytes
content-length
1450
x-cached-since
2024-11-14T11:52:49+00:00
server
nginx
omnichannelMenu.js
code.jivo.ru/js/bf37ce2/ Frame 14B0 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/js/bf37ce2/omnichannelMenu.js
Requested by
Host: consultatie.kinezisvita.md
URL: https://consultatie.kinezisvita.md/0.8064510304878534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
ecc4ef2f5512e9da9d3e4b01084a66170d0c558f69963613572a5937974b3776

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache
HIT
x-geo-shard
sber1
content-encoding
br
etag
"6734a635-264a"
date
Thu, 14 Nov 2024 23:13:48 GMT
content-type
application/javascript
x-node
m9-up-gc72
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 13:14:29 GMT
cache-control
max-age=86400
via
1.1 sharxy
accept-ranges
bytes
access-control-allow-origin
*
content-length
9802
x-cached-since
2024-11-14T11:52:49+00:00
server
nginx
truncated
/ 		264 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a63c1eb8f6f814487db4e100451db63a4e6c140244fb56fa50446b51c35b073

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
agent_message.mp3
code.jivo.ru/sounds/ 		0
0
notification.mp3
code.jivo.ru/sounds/ 		0
0
outgoing_message.mp3
code.jivo.ru/sounds/ 		0
0
notification.ogg
code.jivo.ru/sounds/ 		6 KB
6 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/sounds/notification.ogg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
398fc80b13bec406188270119dfa77787e0c0f7afccf9f0783dd3ab13d968782

Request headers

Referer
https://consultatie.kinezisvita.md/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache
HIT
x-geo-shard
sber1
etag
"672b68dc-17fc"
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 09 Dec 2024 08:51:26 GMT
date
Thu, 14 Nov 2024 23:13:48 GMT
content-type
audio/ogg
x-node
m9-up-gc81
vary
Accept-Encoding
last-modified
Wed, 06 Nov 2024 13:02:20 GMT
cache-control
max-age=2592000
Content-Range
bytes 0-6139/6140
via
1.1 sharxy
access-control-allow-origin
*
Content-Length
6140
x-cached-since
2024-11-09T08:51:26+00:00
server
nginx
agent_message.ogg
code.jivo.ru/sounds/ 		6 KB
6 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/sounds/agent_message.ogg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
b40089c70c381bfd904f5a93c9d3a07f73cdef77a322a4c0a5935cc998bd7853

Request headers

Referer
https://consultatie.kinezisvita.md/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache
HIT
x-geo-shard
sber1
etag
"672b68dc-1940"
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 09 Dec 2024 08:51:26 GMT
date
Thu, 14 Nov 2024 23:13:48 GMT
content-type
audio/ogg
x-node
m9-up-gc70
vary
Accept-Encoding
last-modified
Wed, 06 Nov 2024 13:02:20 GMT
cache-control
max-age=2592000
Content-Range
bytes 0-6463/6464
via
1.1 sharxy
access-control-allow-origin
*
Content-Length
6464
x-cached-since
2024-11-09T08:51:26+00:00
server
nginx
outgoing_message.ogg
code.jivo.ru/sounds/ 		7 KB
7 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/sounds/outgoing_message.ogg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
52957d0999c06d7ebc1e5e8afec7a12ea0edc480b72c506dcb10d0a19152d67a

Request headers

Referer
https://consultatie.kinezisvita.md/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache
HIT
x-geo-shard
sber1
etag
"672b68dc-1bfd"
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 09 Dec 2024 08:50:45 GMT
date
Thu, 14 Nov 2024 23:13:48 GMT
content-type
audio/ogg
x-node
m9-up-gc89
vary
Accept-Encoding
last-modified
Wed, 06 Nov 2024 13:02:20 GMT
cache-control
max-age=2592000
Content-Range
bytes 0-7164/7165
via
1.1 sharxy
access-control-allow-origin
*
Content-Length
7165
x-cached-since
2024-11-09T08:50:45+00:00
server
nginx
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-D2EWVRQS99&gtm=45je4bc0v9186696369za200zb9182854297&_p=1731626023554&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102067807~102077855&cid=1281053584.1731626024&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1731626024&sct=1&seg=0&dl=https%3A%2F%2Fconsultatie.kinezisvita.md%2F0.8064510304878534&dt=Nu%20am%20g%C4%83sit%20pagina%20%E2%80%93%20Kinezis%20Vita&en=scroll&epn.percent_scrolled=90&_et=5&tfd=8153
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D2EWVRQS99&l=dataLayer&cx=c&gtm=45He4bc0v9182854297za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://consultatie.kinezisvita.md/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://consultatie.kinezisvita.md
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 23:13:49 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
code.jivo.ru
URL
https://code.jivo.ru/sounds/agent_message.mp3
Domain
code.jivo.ru
URL
https://code.jivo.ru/sounds/notification.mp3
Domain
code.jivo.ru
URL
https://code.jivo.ru/sounds/outgoing_message.mp3

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| wpml_cookies function| jQuery object| dataLayer object| swv object| wpcf7 function| Swiper object| google_tag_manager object| google_tag_data function| fbq function| _fbq object| _fbq_gtm_ids function| onYouTubeIframeAPIReady object| gaGlobal function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy object| jivo_config string| jivo_version object| jivo_api

4 Cookies

Domain/Path Name / Value
consultatie.kinezisvita.md/ Name: wp-wpml_current_language
Value: ro
.kinezisvita.md/ Name: _ga
Value: GA1.1.1281053584.1731626024
.kinezisvita.md/ Name: _ga_D2EWVRQS99
Value: GS1.1.1731626024.1.0.1731626024.0.0.0
.kinezisvita.md/ Name: _fbp
Value: fb.1.1731626024345.179321066667914852

1 Console Messages

Source Level URL
Text
network error URL: https://consultatie.kinezisvita.md/0.8064510304878534
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jivo.ru
connect.facebook.net
consultatie.kinezisvita.md
fonts.googleapis.com
fonts.gstatic.com
node-sber1-az1-20.jivosite.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
code.jivo.ru
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80c::2003
2607:f8b0:4006:822::2008
2607:f8b0:4006:822::200e
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
2a0a:8d80:0:9123::135
2a13:1ec0::1037
87.242.125.252
02d9d3ae9cad9112f93bd08584e0f3e9947458e127d19cac8a6792404cf786e8
050191e07d8e85534fe2b0a609980b0a860d6fffca52c54cce2aab121b59de9d
0919ff36779eef85fa50af4b94fb2d496a765612b7c5edd31ba69ea1f4136736
1072d29c9e4bac3e6f92d428960e5eb2dc5e26823a7d22f26857d59165916474
1eda7bdc6a0ecb230b2fe8471d628cb09a204a7a9425a35eda2d335da590490a
20be9b3c63a01d921697a0ef1c1596f647678498eefe6dc508e2363be25277f8
22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50
398fc80b13bec406188270119dfa77787e0c0f7afccf9f0783dd3ab13d968782
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
4750a7ae6e132ce9a438749a633c2c7272a413e5b8cef1c278f624e633fc6598
48f540fb71166bf65a0fe187a71fad500c43143d3e2e42038f527e38c786e90f
4a63c1eb8f6f814487db4e100451db63a4e6c140244fb56fa50446b51c35b073
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52957d0999c06d7ebc1e5e8afec7a12ea0edc480b72c506dcb10d0a19152d67a
58c855e7eb9b917e71e6b733e73c542c25bacb986f3ba7df2be1570200312135
5fad415ef7a58e69471f5e9d8904e36a23b97986408f21acc71fe9bd02133ae8
70f6e8cd49b577ef061f32c164005997532318641a014bf453cb40fb0a9c0b3b
79a42e24b867ff52d9e4d766b96d8882c83f18e7442408a41c4b09a043dffccb
a1841f2f48d39ab283b8b3ae8a1e7736a68d22f9c1822e4cd084a0766c146b08
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abcc81fe403a3cbad224739aafa4c4abc2512edc0a5222b85a564ec10877dd1d
b40089c70c381bfd904f5a93c9d3a07f73cdef77a322a4c0a5935cc998bd7853
b5a8938f277e2d88b952a472009262bec58c2b235c90816c9131aad7da4e14c4
bd618883aa63423779bb58796f1fd0edbb79e92feb1ce9b56e0d0909879bef46
bde9234082a7c064f097a78920456cf669e52d92200e48ad2a18c70c88dad188
c47be73a84a15ce962f1c98ddd16bc00740668bdbaf6a611f32420a86fddffa9
c8ae11ddcec13200229b445a9b9c2d0e2d0e366cd9ee631c64772344b3ee8c83
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
d3422c182871135666da685419bbed480a08f51fead9546fb95965a6e47450a3
d3b1d5888a78bae8d400ceaf960dfd7606f661a74d98629b0437fac4be8d08a6
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc4ef2f5512e9da9d3e4b01084a66170d0c558f69963613572a5937974b3776
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f44ca9a1f6ac0badf774a3eb32faa1276a0c961f3d3afe30547b03aaaa9e568e
f494f185f7c63911619202dd288ff08a57c6b972c21b40a3112664de57fb3102