agora.md Open in urlscan Pro
161.35.200.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://agora.md/
Effective URL:
https://agora.md/
Submission: On March 11 via manual (March 11th 2021, 3:10:55 am UTC) from JP

Summary HTTP 209 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 46 IPs in 14 countries across 32 domains to perform 209 HTTP transactions. The main IP is 161.35.200.35, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is agora.md.
TLS certificate: Issued by R3 on March 7th 2021. Valid for: 3 months.

This is the only time agora.md was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 40	161.35.200.35 161.35.200.35	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2 17	146.0.227.110 146.0.227.110	20773 (GODADDY) (GODADDY)
9	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
2	40.118.27.163 40.118.27.163	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 4	137.74.0.146 137.74.0.146	16276 (OVH) (OVH)
1 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	13.226.159.117 13.226.159.117	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:4b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	65.9.96.51 65.9.96.51	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::200d	15169 (GOOGLE) (GOOGLE)
5	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	65.9.96.45 65.9.96.45	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2 4	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	183.110.238.136 183.110.238.136	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
2 2	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
1	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1	2a0c:5c81:516... 2a0c:5c81:5161::2	55081 (24SHELLS) (24SHELLS)
1 2	176.9.158.88 176.9.158.88	24940 (HETZNER-AS) (HETZNER-AS)
2 2	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
2 2	195.209.108.36 195.209.108.36	52007 (ADRIVER-AS) (ADRIVER-AS)
1 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	54.74.77.136 54.74.77.136	16509 (AMAZON-02) (AMAZON-02)
2	93.116.189.30 93.116.189.30	8926 (MOLDTELEC...) (MOLDTELECOM-AS Moldtelecom Autonomous System)
18	185.46.149.20 185.46.149.20	44600 (GT-AS) (GT-AS)
2	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
209	46

40 161.35.200.35 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

agora.md	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 146.0.227.110 (Ascension Island) 2 redirects

ASN20773 (GODADDY, DE)

inv-dmp.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
inv-nets-eu.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.118.27.163 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.privesc.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 137.74.0.146 (Warsaw, Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: ovhpl1.host.hit.gemius.pl

gamd.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-117.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

10024995.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:4b1 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.privesc.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.51 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.45 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.24 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.110.238.136 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

idsync.admixer.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.65.2.150 (Moscow, Russian Federation) 2 redirects

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5161::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.9.158.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.158.9.176.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.36 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.77.136 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-77-136.eu-west-1.compute.amazonaws.com

ismatlab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.116.189.30 (Chisinau, Moldova)

ASN8926 (MOLDTELECOM-AS Moldtelecom Autonomous System, MD)
PTR: host-static-93-116-189-30.moldtelecom.md

cache.privesc.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.46.149.20 (Chernihiv, Ukraine)

ASN44600 (GT-AS, UA)
PTR: 185-46-149-20.net.gigatrans.ua

content.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	admixer.net 2 redirects inv-dmp.admixer.net cdn.admixer.net inv-nets.admixer.net content.admixer.net inv-nets-eu.admixer.net	2 MB
40	agora.md 1 redirects agora.md	892 KB
27	googlesyndication.com pagead2.googlesyndication.com ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com tpc.googlesyndication.com	264 KB
14	doubleclick.net 3 redirects googleads.g.doubleclick.net 10024995.fls.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net securepubads.g.doubleclick.net	156 KB
12	gstatic.com fonts.gstatic.com ssl.gstatic.com	282 KB
11	google.com 1 redirects apis.google.com accounts.google.com adservice.google.com www.google.com	64 KB
10	yandex.ru 1 redirects mc.yandex.ru an.yandex.ru	111 KB
8	privesc.eu www.privesc.eu storage.privesc.eu cache.privesc.eu	192 KB
6	facebook.net connect.facebook.net	248 KB
5	facebook.com www.facebook.com	872 B
4	adform.net 2 redirects adx.adform.net	2 KB
4	google.de adservice.google.de www.google.de	1 KB
4	google-analytics.com www.google-analytics.com	71 KB
4	gemius.pl 1 redirects gamd.hit.gemius.pl	12 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	63 KB
3	googletagservices.com www.googletagservices.com	89 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
2	2mdn.net s0.2mdn.net	82 KB
2	trafmag.com m.trafmag.com	702 B
2	creativecdn.com 1 redirects creativecdn.com ams.creativecdn.com	691 B
2	adriver.ru 2 redirects ad.adriver.ru	1 KB
2	betweendigital.com 2 redirects ads.betweendigital.com	973 B
2	buzzoola.com 1 redirects exchange.buzzoola.com	543 B
2	new-programmatic.com 2 redirects match.new-programmatic.com	563 B
2	googleadservices.com www.googleadservices.com partner.googleadservices.com	13 KB
2	googletagmanager.com www.googletagmanager.com	76 KB
1	google.be adservice.google.be	799 B
1	ismatlab.com ismatlab.com	149 B
1	adtarget.com.tr s.console.adtarget.com.tr
1	admixer.co.kr idsync.admixer.co.kr	904 B
1	onetag-sys.com onetag-sys.com	818 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	18 KB
209	32

	Domain	Requested by
40	agora.md	1 redirects agora.md
18	content.admixer.net	cdn.admixer.net agora.md
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net agora.md ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com
11	fonts.gstatic.com	fonts.googleapis.com
10	pagead2.googlesyndication.com	agora.md pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
9	inv-nets-eu.admixer.net	agora.md
9	mc.yandex.ru	1 redirects agora.md mc.yandex.ru
9	cdn.admixer.net	agora.md cdn.admixer.net
7	inv-nets.admixer.net	2 redirects cdn.admixer.net agora.md
6	connect.facebook.net	agora.md connect.facebook.net www.privesc.eu
5	www.facebook.com	agora.md www.privesc.eu connect.facebook.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com
4	securepubads.g.doubleclick.net	cdn.admixer.net securepubads.g.doubleclick.net agora.md
4	adx.adform.net	2 redirects agora.md
4	storage.privesc.eu	www.privesc.eu
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.privesc.eu
4	gamd.hit.gemius.pl	1 redirects agora.md gamd.hit.gemius.pl
3	www.google.com	1 redirects agora.md
3	www.googletagservices.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com
3	adservice.google.com	pagead2.googlesyndication.com 10024995.fls.doubleclick.net securepubads.g.doubleclick.net
3	apis.google.com	agora.md apis.google.com
2	ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	s0.2mdn.net	cdn.admixer.net tpc.googlesyndication.com
2	cache.privesc.eu	storage.privesc.eu
2	m.trafmag.com	agora.md
2	cm.g.doubleclick.net	2 redirects
2	ad.adriver.ru	2 redirects
2	ads.betweendigital.com	2 redirects
2	exchange.buzzoola.com	1 redirects agora.md
2	match.new-programmatic.com	2 redirects
2	www.google.de	agora.md
2	adservice.google.de	pagead2.googlesyndication.com adservice.google.com
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	ajax.googleapis.com	www.privesc.eu tpc.googlesyndication.com
2	10024995.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.privesc.eu	agora.md ajax.googleapis.com
2	www.googletagmanager.com	agora.md
2	fonts.googleapis.com	agora.md
1	adservice.google.be	securepubads.g.doubleclick.net
1	ismatlab.com	agora.md
1	ams.creativecdn.com	agora.md
1	creativecdn.com	1 redirects
1	s.console.adtarget.com.tr	agora.md
1	an.yandex.ru	agora.md
1	idsync.admixer.co.kr	agora.md
1	onetag-sys.com	inv-nets.admixer.net
1	ssl.gstatic.com	accounts.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vars.hotjar.com	static.hotjar.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	script.hotjar.com	static.hotjar.com
1	maxcdn.bootstrapcdn.com	www.privesc.eu
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	agora.md
1	inv-dmp.admixer.net	agora.md
209	55

This site contains links to these domains. Also see Links.

Domain
ea.md
www.facebook.com
www.instagram.com
twitter.com
t.me
www.youtube.com
itunes.apple.com
play.google.com
touchsize.com

Subject Issuer	Validity	Valid
agora.md R3	`2021-03-07` - `2021-06-05`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2020-08-17` - `2021-11-26`	a year	crt.sh
*.privesc.eu GoGetSSL RSA DV CA	`2019-07-23` - `2021-10-20`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
accounts.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
onetag-sys.com R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh
*.admixer.co.kr GeoTrust RSA CA 2018	`2020-02-27` - `2021-04-27`	a year	crt.sh
bs.yandex.ru Yandex CA	`2020-12-17` - `2021-06-17`	6 months	crt.sh
s.console.adtarget.com.tr R3	`2021-02-02` - `2021-05-03`	3 months	crt.sh
*.buzzoola.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-30` - `2022-09-28`	2 years	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-15` - `2021-06-21`	a year	crt.sh
ismatlab.com RapidSSL RSA CA 2018	`2020-05-19` - `2021-05-20`	a year	crt.sh
*.google.be GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://agora.md/
Frame ID: 1F9844A0064BDF351CD005A0353D5D22
Requests: 131 HTTP requests in this frame

Frame: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Frame ID: 025D74EB0B2F4B5A71B01026F7D00BCC
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html
Frame ID: 0B1678AF1A03E4CD43341C70DCFD23FE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/c.html
Frame ID: 788FE236C3161233B87231F75F216C84
Requests: 1 HTTP requests in this frame

Frame: https://10024995.fls.doubleclick.net/activityi;dc_pre=CIzGgYOip-8CFQKDewodCMUAAg;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F
Frame ID: 6727117E1E47B6579B6A5006C85360AC
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 97E9100DC6FA0F5080EDD5A2D67DB1AF
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9576196045233404&output=html&adk=1812271804&adf=3025194257&lmt=1615432232&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fagora.md%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615432232224&bpp=33&bdt=962&idt=475&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5055158135067&frm=20&pv=2&ga_vid=608810801.1615432233&ga_sid=1615432233&ga_hid=1168590494&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C31060030%2C31060351&oid=3&pvsid=2042484931785773&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=518
Frame ID: D005DDAE4F8C40CA6CE968A2577B7632
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 81DE0127AE3ECDF383362BAF8B38EEA3
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIzGgYOip-8CFQKDewodCMUAAg;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F
Frame ID: 4781EF5A0EB9AE666EFF9145969F438B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: C0F51F9CBE54F84CC70C24AB1669D14E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIzGgYOip-8CFQKDewodCMUAAg;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F
Frame ID: FF12C93A4B2B1E00186707C97BA180E2
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 85DC3F19132637230F25CD512F9DBC53
Requests: 3 HTTP requests in this frame

Frame: https://content.admixer.net/test1/ef84d22f-90a9-47d7-8c5c-5e4800bc5572/ab2c799b-7947-4c72-bd51-5f8e52ab00e0.png
Frame ID: 990C0C9EAB790C07966AECCBE41CAA93
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 08628C1C3799CC774675DAF37F9BDFEA
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/studio/Enabler.js
Frame ID: 523703A5F2DEA089FC5E2C26539E3BF4
Requests: 14 HTTP requests in this frame

Frame: https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: EACD0C68399038283D3CBFF512E940A5
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/index.html
Frame ID: D38E86277D496CF3839E67BAE6360B57
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: DF4909925241A291FF964A35122CBAA0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 7776D00126F6A3D6A2741701A73A7966
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: FC72B04AEFBAFB30A099409761D93501
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://agora.md/ HTTP 301
https://agora.md/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?\/slick(?:\.min)?\.js/i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /(?:\/([\d.]+))?\/slick(?:\.min)?\.js/i

Gemius () Expand

Overall confidence: %
Detected patterns

script /hit\.gemius\.pl\/xgemius\.js/i
script /hit\.gemius\.pl/i
script /xgemius\.js/i

Page Statistics

209
Requests

100 %
HTTPS

53 %
IPv6

32
Domains

55
Subdomains

46
IPs

14
Countries

4618 kB
Transfer

8474 kB
Size

3
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://ea.md/daniela-arapan-despre-jurnalele-personalizate-din-piele-naturala-care-pastreaza-amintiri-pentru-o-viata-foto/

Search URL Search Domain Scan URL

URL: https://ea.md/10-fructe-care-te-ajuta-sa-slabesti-daca-sunt-consumate-cu-moderatie/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/agora.md
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/agoraunofficial/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/agoramd
Title: Twitter

Search URL Search Domain Scan URL

URL: https://t.me/agoramd
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCS79wNddefi8mfjbG_bkkrA
Title: YouTube

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/md/app/agora.md/id1031313630?mt=8
Title:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.sensmedia.agora&hl=en
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/agoramoldova/

Search URL Search Domain Scan URL

URL: https://touchsize.com/
Title: TouchSize

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://agora.md/ HTTP 301
https://agora.md/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://10024995.fls.doubleclick.net/activityi;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F HTTP 302
https://10024995.fls.doubleclick.net/activityi;dc_pre=CIzGgYOip-8CFQKDewodCMUAAg;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F

Request Chain 83

https://mc.yandex.ru/watch/50912840?wmode=7&page-url=https%3A%2F%2Fagora.md%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A1685%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A0%3Als%3A981592950156%3Ahid%3A800069267%3Az%3A60%3Ai%3A202103110401032%3Aet%3A1615432233%3Ac%3A1%3Arn%3A308001078%3Au%3A1615432233480746435%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615432230369%3Awv%3A2%3Ads%3A0%2C63%2C56%2C5%2C469%2C0%2C%2C835%2C0%2C%2C%2C%2C1728%3Adsn%3A0%2C363%2C56%2C5%2C469%2C0%2C%2C834%2C0%2C%2C%2C%2C1728%3Arqnl%3A1%3Ati%3A2%3Ast%3A1615432233%3At%3AAGORA%20-%20Acas%C4%83 HTTP 302
https://mc.yandex.ru/watch/50912840/1?wmode=7&page-url=https%3A%2F%2Fagora.md%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A1685%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A0%3Als%3A981592950156%3Ahid%3A800069267%3Az%3A60%3Ai%3A202103110401032%3Aet%3A1615432233%3Ac%3A1%3Arn%3A308001078%3Au%3A1615432233480746435%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615432230369%3Awv%3A2%3Ads%3A0%2C63%2C56%2C5%2C469%2C0%2C%2C835%2C0%2C%2C%2C%2C1728%3Adsn%3A0%2C363%2C56%2C5%2C469%2C0%2C%2C834%2C0%2C%2C%2C%2C1728%3Arqnl%3A1%3Ati%3A2%3Ast%3A1615432233%3At%3AAGORA%20-%20Acas%C4%83

Request Chain 102

https://gamd.hit.gemius.pl/_1615432233252/rexdot.js?l=100&id=bapArY7pD5rSXVjkZHvqGJZz.IlFLePjRbElP1CP9EP.V7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fagora.md%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=T0whKF9wLlw0dduF4QP0R3zbNC_Uw.JKfEqi8U.e5Ej.t7&vis=1 HTTP 301
https://gamd.hit.gemius.pl/__/_1615432233252/rexdot.js?l=100&id=bapArY7pD5rSXVjkZHvqGJZz.IlFLePjRbElP1CP9EP.V7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fagora.md%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=T0whKF9wLlw0dduF4QP0R3zbNC_Uw.JKfEqi8U.e5Ej.t7&vis=1

Request Chain 119

https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_732358&url=https%3A%2F%2Fagora.md%2F HTTP 302
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_732358&url=https%3A%2F%2Fagora.md%2F

Request Chain 120

https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_375241&url=https%3A%2F%2Fagora.md%2F HTTP 302
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_375241&url=https%3A%2F%2Fagora.md%2F

Request Chain 123

https://match.new-programmatic.com/userbind?src=admixer&id=04182451a2d1411282eb00ae6656fe70 HTTP 302
https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
https://an.yandex.ru/setud/target_rtb/?sign=2490610225

Request Chain 125

https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=04182451a2d1411282eb00ae6656fe70 HTTP 307
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=04182451a2d1411282eb00ae6656fe70

Request Chain 126

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=d340f1ec-4b2b-5246-8c3f-05b2ec768f9b

Request Chain 127

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-4748614688 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=ANN42s8g5pXv566I_h2wAfw

Request Chain 128

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://ams.creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEB6VYGu5_eE7Iv1zuKjij1I&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=04182451a2d1411282eb00ae6656fe70

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MDQxODI0NTFhMmQxNDExMjgyZWIwMGFlNjY1NmZlNzA&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEDdN4c6VuLPGO7T6NvhQfpY&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=04182451a2d1411282eb00ae6656fe70

Request Chain 186

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

209 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
agora.md/
Redirect Chain

http://agora.md/
https://agora.md/

137 KB
25 KB

420ms
57ms

Document
text/html

161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4a3c14229509146b677f2185585a521bba1b88b90cad586f8406b54122f1fa93

Request headers

Host: agora.md
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Thu, 11 Mar 2021 03:10:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 11 Mar 2021 03:10:30 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://agora.md/

GET
H/1.1 200
OK normalize.css
agora.md/files/css/ 9 KB
3 KB 34ms
30ms Stylesheet
text/css 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://agora.md/files/css/normalize.css?v=2.4
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 88904b3c9a7c4c903396e443f79a01ee48cd98cbca1fd26ee809070b4b8636c7

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Oct 2019 14:11:12 GMT
Server: nginx
ETag: W/"5daf0e00-2281"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK subscription.css
agora.md/files/css/ 2 KB
1007 B 65ms
31ms Stylesheet
text/css 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://agora.md/files/css/subscription.css?v=2.4
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 62029fd73703412d4237db0d6d16fe473a24792448639765f859bdcdd2edb4f5

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Content-Encoding: gzip
Last-Modified: Sat, 21 Mar 2020 11:16:37 GMT
Server: nginx
ETag: W/"5e75f795-709"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK fotorama.css
agora.md/files/css/ 15 KB
3 KB 96ms
30ms Stylesheet
text/css 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://agora.md/files/css/fotorama.css
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Dec 2019 21:32:44 GMT
Server: nginx
ETag: W/"5df6a67c-3b25"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK lity.min.css
agora.md/files/css/ 3 KB
1 KB 126ms
29ms Stylesheet
text/css 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://agora.md/files/css/lity.min.css
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9203a88a06533f595206bed00dd110e267301408b4a6f98272f7dc9d160789c7

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Content-Encoding: gzip
Last-Modified: Sat, 10 Aug 2019 15:07:22 GMT
Server: nginx
ETag: W/"5d4eddaa-d37"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.css
agora.md/files/css/ 96 KB
18 KB 179ms
52ms Stylesheet
text/css 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://agora.md/files/css/style.css?v=3.31
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b7efe7a4981a108c6b10dea17cbb218c0bd8ad0ea897859ab4154e4682712364

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Feb 2021 12:02:59 GMT
Server: nginx
ETag: W/"6023cb73-18139"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mobile.css
agora.md/files/css/ 13 KB
3 KB 210ms
30ms Stylesheet
text/css 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://agora.md/files/css/mobile.css?v=1.1
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 984b9c5aeb6900718007addde06137da6bd85f4ba890eac06f22b8b636d91700

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Content-Encoding: gzip
Last-Modified: Sat, 21 Nov 2020 17:37:57 GMT
Server: nginx
ETag: W/"5fb95075-3558"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
900 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,500,600,700,700i&display=swap&subset=latin-ext

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

469d645cbf87e8def3e7d9e68fdc3c85f4c67e1b5c20ca4c3916a68dea8578ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 03:10:31 GMT
server: ESF
date: Thu, 11 Mar 2021 03:10:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 03:10:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
765 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap&subset=latin-ext

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

043408d901653af0d904e54849944f83b37d2b20c195d8a900e7fa34c45dc257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 02:42:35 GMT
server: ESF
date: Thu, 11 Mar 2021 03:10:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Mar 2021 03:10:31 GMT

GET
H/1.1 200
OK jquery-3.4.1.min.js Show response
agora.md/files/js/ 86 KB
86 KB 228ms
43ms Script
application/javascript 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://agora.md/files/js/jquery-3.4.1.min.js
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Thu, 09 Apr 2020 15:11:17 GMT
Server: nginx
ETag: "5e8f3b15-15851"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88145
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK slick.min.js Show response
agora.md/files/js/ 43 KB
43 KB 244ms
34ms Script
application/javascript 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://agora.md/files/js/slick.min.js
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Mon, 27 Jan 2020 00:14:59 GMT
Server: nginx
ETag: "5e2e2b83-ab69"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43881
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK fotorama.js Show response
agora.md/files/js/ 38 KB
38 KB 290ms
32ms Script
application/javascript 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://agora.md/files/js/fotorama.js
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Mon, 27 Jan 2020 00:15:19 GMT
Server: nginx
ETag: "5e2e2b97-9800"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38912
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.sticky-sidebar.min.js Show response
agora.md/files/js/ 20 KB
21 KB 288ms
31ms Script
application/javascript 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://agora.md/files/js/jquery.sticky-sidebar.min.js
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 63f16ec90745dfc9194eb6d92cdd6e015cfc776c71ec45b0ff5b0ffa06b3f04b

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Tue, 09 Jun 2020 15:55:32 GMT
Server: nginx
ETag: "5edfb0f4-5198"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20888
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK lity.min.js Show response
agora.md/files/js/ 6 KB
7 KB 318ms
29ms Script
application/javascript 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://agora.md/files/js/lity.min.js
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: aebe9729d680dc89cbfd1d622adfc1fae9f8a14fdcdb7fb9471b9bc7ba8ee6db

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Sat, 10 Aug 2019 15:07:22 GMT
Server: nginx
ETag: "5d4eddaa-19e6"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6630
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK lazyload.min.js Show response
agora.md/files/js/ 5 KB
6 KB 324ms
29ms Script
application/javascript 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://agora.md/files/js/lazyload.min.js
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: a372bc275e0af36d407c457e8a119685b5cc3751a2298754766d391fbfdb4855

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Mon, 27 Jan 2020 04:39:41 GMT
Server: nginx
ETag: "5e2e698d-15d0"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5584
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-47948536-1

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0bd79a07b77b72d4d57cd5b01644c27f5fd7f5af1c7fe4158e84cbfdedb9557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39794
x-xss-protection: 0
expires: Thu, 11 Mar 2021 03:10:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a1088330e7e3f920ad6aacb74d21355d223a195bbf72dee3ed3bddc1a7f8708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49988
x-xss-protection: 0
server: cafe
etag: 3674309925980533368
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 03:10:31 GMT

GET
H/1.1 200
OK cross-red.png
agora.md/files/css/font/ 15 KB
15 KB 36ms
31ms Image
image/png 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/files/css/font/cross-red.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c6db26e6c5fa26c518e27c9771abf80b6d679857992dd771c3bf585cece053d

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Wed, 06 Jan 2021 18:34:11 GMT
Server: nginx
ETag: "5ff602a3-3bce"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15310
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logo-white.png
agora.md/files/images/ 9 KB
9 KB 53ms
34ms Image
image/png 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/files/images/logo-white.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6bad1451629361064131e89578a47a5676d59746797a75b461ba8db33a135f2e

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Thu, 24 Oct 2019 20:08:18 GMT
Server: nginx
ETag: "5db204b2-222a"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8746
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logo-white-small.png
agora.md/files/images/ 1 KB
2 KB 61ms
32ms Image
image/png 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/files/images/logo-white-small.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a4b4de33e6c2575046d020446050fca3aa83b977575a7153e02630e288b6bf7

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Tue, 05 May 2020 19:47:31 GMT
Server: nginx
ETag: "5eb1c2d3-5c4"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1476
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK cross.png
agora.md/files/css/font/ 6 KB
6 KB 61ms
32ms Image
image/png 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/files/css/font/cross.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 27e58c490ae998fe9d2859e508e34f3c899e906520fe9bee5701fdc2cba50b48

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Wed, 06 Jan 2021 18:34:12 GMT
Server: nginx
ETag: "5ff602a4-162c"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5676
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK default-lazy.gif
agora.md/files/img/ 686 B
991 B 61ms
32ms Image
image/gif 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/files/img/default-lazy.gif
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b35ec387c3f92d98f58366c44602fab7687f2223932d70d5391d41c32268da2

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Mon, 27 Jan 2020 04:44:09 GMT
Server: nginx
ETag: "5e2e6a99-2ae"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 686
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK penis-si-vulva-sau-cucusor-si-floricica-educatia-sexuala-din-moldova-intre-frica-de-destrabalare-si-solutii-corecte-pentru-o-societate-sanatoasa-163164-1614605552.jpg
agora.md/cdn/p/news/big/ 68 KB
68 KB 57ms
47ms Image
image/jpeg 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p/news/big/penis-si-vulva-sau-cucusor-si-floricica-educatia-sexuala-din-moldova-intre-frica-de-destrabalare-si-solutii-corecte-pentru-o-societate-sanatoasa-163164-1614605552.jpg
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: d614e0fdb4901564af28759fd4a4272a761616f09224cef9bebe6b86185fc8db

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Mon, 01 Mar 2021 13:32:32 GMT
Server: nginx
ETag: "603cecf0-10f79"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69497
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK copiii-stiu-mai-bine-singur-acasa-sau-ce-pericole-pot-exista-atunci-cand-cei-mici-raman-nesupravegheati-video-163508-1613394727.jpg
agora.md/cdn/p/news/big/ 123 KB
123 KB 31ms
31ms Image
image/jpeg 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p/news/big/copiii-stiu-mai-bine-singur-acasa-sau-ce-pericole-pot-exista-atunci-cand-cei-mici-raman-nesupravegheati-video-163508-1613394727.jpg
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: d0b7dd105d37c9819c263c56dfacd7a53d757d1283107bc11a9dfac0b122df11

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Mon, 15 Feb 2021 13:12:07 GMT
Server: nginx
ETag: "602a7327-1ec52"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 126034
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dupa-ce-ne-tratam-ne-intoxicam-medicamentele-expirate-solutiile-altor-state-si-ce-intarzie-sa-faca-republica-moldova-162910-1612455145.jpg
agora.md/cdn/p/news/big/ 62 KB
63 KB 44ms
43ms Image
image/jpeg 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p/news/big/dupa-ce-ne-tratam-ne-intoxicam-medicamentele-expirate-solutiile-altor-state-si-ce-intarzie-sa-faca-republica-moldova-162910-1612455145.jpg
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 06ab062274809dd2d077438e17816f695e859563d8b4fb5db5eeb53df48dc7b9

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Thu, 04 Feb 2021 16:12:25 GMT
Server: nginx
ETag: "601c1ce9-f8ee"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63726
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK copiii-stiu-mai-bine-Invatatura-noastra-cea-de-toate-zilele-si-perspectiva-asupra-lectiilor-online-video-162965-1612296310.jpg
agora.md/cdn/p/news/big/ 135 KB
135 KB 44ms
44ms Image
image/jpeg 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p/news/big/copiii-stiu-mai-bine-Invatatura-noastra-cea-de-toate-zilele-si-perspectiva-asupra-lectiilor-online-video-162965-1612296310.jpg
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ae43eb24cfcd4bcf85c72c7ba11bf20a9348e4cef8787b55b66f59bb9d466e66

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Tue, 02 Feb 2021 20:05:11 GMT
Server: nginx
ETag: "6019b077-21ca2"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138402
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mark-mazureanu.png
agora.md/cdn/p/authors/small/ 20 KB
21 KB 44ms
44ms Image
image/png 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p/authors/small/mark-mazureanu.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b9c3fe38ecee7df99c4ed72f1395c205eeeca276915c9ba706cc457905858758

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Tue, 13 Oct 2020 22:20:19 GMT
Server: nginx
ETag: "5f862823-5159"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20825
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK oleg-serebrian.png
agora.md/cdn/p/authors/small/ 21 KB
21 KB 33ms
33ms Image
image/png 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p/authors/small/oleg-serebrian.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 291d8bc81f0631b9bdd2bc595c56ba3ccf701da6e114f67946f216baec0985df

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Thu, 18 Feb 2021 23:09:48 GMT
Server: nginx
ETag: "602ef3bc-53dd"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21469
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK catalina-birsanu.png
agora.md/cdn/p/authors/small/ 23 KB
24 KB 33ms
32ms Image
image/png 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p/authors/small/catalina-birsanu.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: d09b514dd39aca82c7f54a8e6b2898641dcc8c109753eabd65cfd48c222fa24e

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Wed, 11 Nov 2020 09:41:54 GMT
Server: nginx
ETag: "5fabb1e2-5dd1"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24017
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK payment.png
agora.md/media/images/ 17 KB
17 KB 32ms
31ms Image
image/png 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/media/images/payment.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 54e8d69712c7124515dd61e2ff5011a4972818eacc1cce004f16249573d08d06

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Wed, 30 Dec 2020 15:53:22 GMT
Server: nginx
ETag: "5feca272-4311"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17169
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 49ms
26ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29c2221091bda7b82623054ba28bc28ed592752da15d7db1158f640f94bbb423

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SlXfslY/LtqLEr4yPK75YA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "623116f45e9f09f5d58245285ae27df0"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-SlXfslY/LtqLEr4yPK75YA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 11 Mar 2021 03:10:31 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ 12 KB
6 KB 46ms
24ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b04a2c6940640644897220bca6a215e6eea45a82b83b004f547de4358dc50f39

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xCpkowNuEPt+erm5yObJrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "057501bb4078aa4623deb37f27a3068e"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-xCpkowNuEPt+erm5yObJrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 11 Mar 2021 03:10:31 GMT

GET
H/1.1 200
OK dmpcnt.js Show response
inv-dmp.admixer.net/ 1 KB
2 KB 82ms
29ms Script
application/javascript 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://inv-dmp.admixer.net/dmpcnt.js?cntoid=a32aad71-6348-41cf-9b4a-cbe53115125e
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 831c25ad64f96db79fdfbc8646c8dfc4bbaebda89d52cc0397d7b4b228e6fcc1

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NID DSP ALL COR"
Cache-Control: no-store
Connection: keep-alive
Content-Type: application/javascript
Keep-Alive: timeout=25
Expires: Wed, 21 Oct 2015 07:28:00 GMT

GET
H/1.1 200
OK agorafunctions.js Show response
agora.md/files/js/ 8 KB
9 KB 30ms
29ms Script
application/javascript 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://agora.md/files/js/agorafunctions.js?v=6.1
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 203b7fb88d2e858bb02083129c0e7b011d6b21838564f69b3c9fa2d3ec1ae9ab

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Wed, 16 Dec 2020 18:33:34 GMT
Server: nginx
ETag: "5fda52fe-212f"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8495
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
38 KB 47ms
33ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W6V94T

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

979fae781422f2a37afdb795f51b8517d244e5a56c3f117dc62770909348e2da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37998
x-xss-protection: 0
expires: Thu, 11 Mar 2021 03:10:31 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 86 KB
29 KB 144ms
49ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 04663c266755839c4b2e26190644235f4726102f96fef17fb33b900d72e0384b

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 11 Mar 2021 03:10:31 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 12:12:17 GMT
server: nginx
etag: W/"6034f121-156c2"
x-cached-since: 2021-03-11T03:06:06+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
cache: HIT
x-vhost-ver: 8641365102716749310
expires: Tue, 23 Feb 2021 12:24:20 GMT

GET
H2 200 Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele, Show response
www.privesc.eu/Widget/embeded/%C3%8Enregistrare/ Frame 025D 11 KB
4 KB 178ms
27ms Document
text/html 40.118.27.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.118.27.163 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 86aa0bce6eb979497b9cad3f299766e4db6ffc0c63ef6ea83e3a1fb85d3456db

Request headers

:method: GET
:authority: www.privesc.eu
:scheme: https
:path: /Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://agora.md/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://agora.md/

Response headers

cache-control: public, max-age=11
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: Thu, 11 Mar 2021 03:10:43 GMT
last-modified: Thu, 11 Mar 2021 03:10:13 GMT
vary: *
server: Microsoft-IIS/10.0
p3p: CP="CAO PSA OUR"
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:6d0f1962-7baa-4f5f-a196-98c68c5c6272
access-control-expose-headers: Request-Context
x-powered-by: ASP.NET
date: Thu, 11 Mar 2021 03:10:31 GMT
content-length: 3844

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://agora.md
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 02:04:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 3982
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Fri, 11 Mar 2022 02:04:09 GMT

GET
H/1.1 200
OK agoraicons.woff2
agora.md/files/css/font/ 15 KB
15 KB 35ms
31ms Font
application/octet-stream 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://agora.md/files/css/font/agoraicons.woff2
Requested by: Host: agora.md
URL: https://agora.md/files/css/style.css?v=3.31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9db24845e8f3a152486401397f0c7fe9a9fa54844570bce390b902400352a62c

Request headers

Origin: https://agora.md
Referer: https://agora.md/files/css/style.css?v=3.31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Last-Modified: Mon, 13 Jul 2020 22:56:39 GMT
Server: nginx
ETag: "5f0ce6a7-3b38"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15160

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://agora.md
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:15:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 204899
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:15:32 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://agora.md
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 00:24:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:47 GMT
server: sffe
age: 9975
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
expires: Fri, 11 Mar 2022 00:24:16 GMT

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v9/ 27 KB
27 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,500,600,700,700i&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feaad76415c6eb7fb707e31a7f0bd3da9f47a60a5c6d34cd00e2ebf0bbb6766c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://agora.md
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 10:25:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:59 GMT
server: sffe
age: 405890
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27344
x-xss-protection: 0
expires: Sun, 06 Mar 2022 10:25:41 GMT

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v9/ 23 KB
23 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,500,600,700,700i&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://agora.md
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 23:01:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:52 GMT
server: sffe
age: 14951
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23924
x-xss-protection: 0
expires: Thu, 10 Mar 2022 23:01:20 GMT

GET
H3-Q050 200 ga6Kaw1J5X9T9RW6j9bNfFImajC7.woff2
fonts.gstatic.com/s/notoserif/v9/ 21 KB
21 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Kaw1J5X9T9RW6j9bNfFImajC7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,500,600,700,700i&display=swap&subset=latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13cee72395d5b35b1f2349646c5d5457edacc58068a42f4dfd4f903a78d47470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://agora.md
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 06:12:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:57 GMT
server: sffe
age: 507508
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21848
x-xss-protection: 0
expires: Sat, 05 Mar 2022 06:12:03 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2
fonts.gstatic.com/s/opensans/v18/ 11 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap&subset=latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdd3f533cbb03aa426012b4b7b2a2a0b3e6d474733891f74e225bbd58538c145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://agora.md
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 07:00:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:09 GMT
server: sffe
age: 504626
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11708
x-xss-protection: 0
expires: Sat, 05 Mar 2022 07:00:05 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFW50bbck.woff2
fonts.gstatic.com/s/opensans/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFW50bbck.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap&subset=latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://agora.md
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 15:39:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:21 GMT
server: sffe
age: 473479
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11316
x-xss-protection: 0
expires: Sat, 05 Mar 2022 15:39:12 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UNirkOXOhpOqc.woff2
fonts.gstatic.com/s/opensans/v18/ 11 KB
12 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOXOhpOqc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap&subset=latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d8ea031a330add9781fc795e3eb65238b4f3501647ea40558035d5d5fad268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://agora.md
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 18:09:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:34 GMT
server: sffe
age: 205272
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11724
x-xss-protection: 0
expires: Tue, 08 Mar 2022 18:09:19 GMT

GET
H3-Q050 200 ga6Iaw1J5X9T9RW6j9bNfFkWaCi_.woff2
fonts.gstatic.com/s/notoserif/v9/ 44 KB
44 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Iaw1J5X9T9RW6j9bNfFkWaCi_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,500,600,700,700i&display=swap&subset=latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

addb2c93a5432b562ab1b3288c26bfadf75ac68d726aa7e8f4dd32f0ad858bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://agora.md
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 10:20:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:56 GMT
server: sffe
age: 406178
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45360
x-xss-protection: 0
expires: Sun, 06 Mar 2022 10:20:53 GMT

GET
H3-Q050 200 ga6Law1J5X9T9RW6j9bNdOwzfRmecf1I.woff2
fonts.gstatic.com/s/notoserif/v9/ 49 KB
49 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Law1J5X9T9RW6j9bNdOwzfRmecf1I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,500,600,700,700i&display=swap&subset=latin-ext

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5e10186cfb4ad342d76573ebc90f6c149ca65689fb31865329d1c9b291f1b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://agora.md
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 19:41:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:04:16 GMT
server: sffe
age: 545342
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50124
x-xss-protection: 0
expires: Fri, 04 Mar 2022 19:41:29 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b3578d0d6b2ed11dc2731df7ed6b7916a9126667bc138a9df9cfb41370b22434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 8nkJDs8sM0tjNgF2Z83mMw==
cross-origin-resource-policy: cross-origin
expires: Thu, 11 Mar 2021 03:22:53 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: Z4yifv2tGgaUmOvHX2rx93xaO+jOduAtCRjjtJadd5+KktB9y60B8IvrWa/mnOK+1YRKKQpNdH2EzrhRLDvojg==
x-fb-trip-id: 917726464
x-fb-content-md5: b4daaa6e53af10bdf9ea9e17c6259822
date: Thu, 11 Mar 2021 03:10:31 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "f6c978476749659bc0201e27e3192e93"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 xgemius.js Show response
gamd.hit.gemius.pl/ 39 KB
10 KB 152ms
41ms Script
application/x-javascript 137.74.0.146
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gamd.hit.gemius.pl/xgemius.js
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 137.74.0.146 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: ovhpl1.host.hit.gemius.pl
Software: GHC /
Resource Hash: 4f3a5c174c6efb8c912d4b18c6006dfd453233b2f0e568c0d530c430b9d02c55

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:32 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 13:31:51 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
accept-ranges: none
content-type: application/x-javascript
content-length: 10549
expires: Thu, 11 Mar 2021 15:10:32 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 210 KB
66 KB 158ms
51ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

5efd3f4610ccc45e00c99246be09d65505a21997f01c638055f0d5478ed25a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:32 GMT
content-encoding: br
last-modified: Tue, 09 Mar 2021 18:36:29 GMT
etag: "60472f6c-106f8"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 67320
expires: Thu, 11 Mar 2021 04:10:32 GMT

GET
H2 200 hotjar-1068753.js Show response
static.hotjar.com/c/ 3 KB
2 KB 99ms
34ms Script
application/javascript 13.226.159.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1068753.js?sv=6

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-117.dus51.r.cloudfront.net

Software

Resource Hash

2ec30550276f850de7e54c7a04cd63143aad4121c36113d3b1e6bf6b7ec611a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:14 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 18
etag: W/fdc4365de67e8583efa3ae9438fd863a
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: DUS51-C1
content-length: 1549
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
x-amz-cf-id: o9Qa10wNcqtmyiNHMA4hThj8cVHNFTFeJd40SkY3Iu30cT5q6I5hVw==

GET
H/1.1 200
OK de-la-inceputul-pandemiei-in-r-moldova-au-fost-inregistrate-183-cazuri-de-reinfectare-cu-covid-19-164634-1615404756.jpg
agora.md/cdn/p/news/medium/ 18 KB
18 KB 35ms
32ms Image
image/jpeg 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p/news/medium/de-la-inceputul-pandemiei-in-r-moldova-au-fost-inregistrate-183-cazuri-de-reinfectare-cu-covid-19-164634-1615404756.jpg
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 962dfa0656a09d322f58aafabf79fbfe324fd0f06d54e89281832c6d339fdd77

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:32 GMT
Last-Modified: Wed, 10 Mar 2021 19:32:37 GMT
Server: nginx
ETag: "60491ed5-48c8"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18632
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK guvernul-cere-parlamentului-sa-permita-procurarea-vaccinului-anti-covid-19-cu-derogare-de-la-legea-privind-achizitiile-publice-164629-1615395714.jpg
agora.md/cdn/p//news/small/ 11 KB
12 KB 36ms
33ms Image
image/jpeg 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p//news/small/guvernul-cere-parlamentului-sa-permita-procurarea-vaccinului-anti-covid-19-cu-derogare-de-la-legea-privind-achizitiile-publice-164629-1615395714.jpg
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: c830248d1d02f2975f0805cc5f072db4875bd736be67d615ab84cae6bd869ecd

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:32 GMT
Last-Modified: Wed, 10 Mar 2021 17:01:54 GMT
Server: nginx
ETag: "6048fb82-2d64"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11620
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK record-absolut-de-decese-provocate-de-covid-19-33-de-oameni-si-au-pierdut-viata-intr-o-singura-zi-164626-1615392629.jpg
agora.md/cdn/p//news/small/ 7 KB
8 KB 36ms
34ms Image
image/jpeg 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p//news/small/record-absolut-de-decese-provocate-de-covid-19-33-de-oameni-si-au-pierdut-viata-intr-o-singura-zi-164626-1615392629.jpg
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 2930ddaa9413c6d6f50ef49498cb2f4aab522b53a9c73f52786e6294e37e4b93

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:32 GMT
Last-Modified: Wed, 10 Mar 2021 16:10:29 GMT
Server: nginx
ETag: "6048ef75-1cfc"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7420
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK lux-sau-ba-la-vila-de-la-condrita-cum-arata-resedinta-prezidentiala-intretinuta-cu-24-milioane-de-lei-in-2021-video-164610-1615383124.jpg
agora.md/cdn/p//news/small/ 11 KB
11 KB 36ms
34ms Image
image/jpeg 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p//news/small/lux-sau-ba-la-vila-de-la-condrita-cum-arata-resedinta-prezidentiala-intretinuta-cu-24-milioane-de-lei-in-2021-video-164610-1615383124.jpg
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: aa00bc22b11e8420ddf7174baefa886549bc0bee994448baa2ed80b26e887597

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:32 GMT
Last-Modified: Wed, 10 Mar 2021 13:32:04 GMT
Server: nginx
ETag: "6048ca54-2a72"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10866
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK maia-sandu-indeamna-fortele-din-parlament-sa-sustina-indexarea-pensiilor-164606-1615377330.jpg
agora.md/cdn/p//news/small/ 7 KB
8 KB 35ms
32ms Image
image/jpeg 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p//news/small/maia-sandu-indeamna-fortele-din-parlament-sa-sustina-indexarea-pensiilor-164606-1615377330.jpg
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 96ca498c81a4fe017a3596b862ccabb2d96e214e5938f78db451356429d2dbb3

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:32 GMT
Last-Modified: Wed, 10 Mar 2021 11:55:30 GMT
Server: nginx
ETag: "6048b3b2-1d7c"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7548
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK greceanii-presedinta-intermara-iar-durlesteanu-premiera-desemnata-dodon-asa-scenariu-tot-timpul-este-in-calcul-164575-1615320387.jpg
agora.md/cdn/p/news/small/ 7 KB
7 KB 34ms
32ms Image
image/jpeg 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p/news/small/greceanii-presedinta-intermara-iar-durlesteanu-premiera-desemnata-dodon-asa-scenariu-tot-timpul-este-in-calcul-164575-1615320387.jpg
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fc4eca7bfc302938d3da4a481e28b92806fb72dcd27d7d387c226474d9687c2

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:32 GMT
Last-Modified: Tue, 09 Mar 2021 20:06:27 GMT
Server: nginx
ETag: "6047d543-1a4e"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6734
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK tur-la-resedinta-prezidentiala-de-la-condrita-jurnalistii-au-fost-lasati-sa-vada-vila-prezidentiala-si-in-interior-live-164587-1615363427.jpg
agora.md/cdn/p/news/small/ 10 KB
11 KB 39ms
32ms Image
image/jpeg 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p/news/small/tur-la-resedinta-prezidentiala-de-la-condrita-jurnalistii-au-fost-lasati-sa-vada-vila-prezidentiala-si-in-interior-live-164587-1615363427.jpg
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: cb36a0327550c1a0230fd472f3a7ce16ad84bf5ff117f4faa206bb12f1639fbf

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:32 GMT
Last-Modified: Wed, 10 Mar 2021 08:03:47 GMT
Server: nginx
ETag: "60487d63-28cd"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10445
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ex-directorul-sis-care-a-fost-condamnat-in-dosarul-expulzarii-profesorilor-turci-locuieste-intr-un-imobil-de-lux-si-conduce-un-bolid-acesta-nu-si-a-declarat-niciodata-averea-164582-1615356917.jpg
agora.md/cdn/p/news/small/ 7 KB
8 KB 39ms
31ms Image
image/jpeg 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p/news/small/ex-directorul-sis-care-a-fost-condamnat-in-dosarul-expulzarii-profesorilor-turci-locuieste-intr-un-imobil-de-lux-si-conduce-un-bolid-acesta-nu-si-a-declarat-niciodata-averea-164582-1615356917.jpg
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 71173cc181cac7ba715116862a85146a4ea8b3738e0fd9e38cbf541dbca023cf

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:32 GMT
Last-Modified: Wed, 10 Mar 2021 06:15:18 GMT
Server: nginx
ETag: "604863f6-1de7"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7655
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK tusonca-untura-sau-castraveti-murati-ce-a-lasat-dodon-in-beciul-de-la-condrita-focus-foto-164593-1615370134.jpg
agora.md/cdn/p/news/small/ 11 KB
11 KB 42ms
32ms Image
image/jpeg 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p/news/small/tusonca-untura-sau-castraveti-murati-ce-a-lasat-dodon-in-beciul-de-la-condrita-focus-foto-164593-1615370134.jpg
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 40233b426de40691984607e4bedc49bb34d2a74c8b296abd729d60a1504d6a41

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:32 GMT
Last-Modified: Wed, 10 Mar 2021 09:55:35 GMT
Server: nginx
ETag: "60489797-2b20"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11040
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dumitru-diacov-despre-constatarea-ani-sunt-foarte-intristat-de-aceasta-prestanta-da-sunt-sigur-ca-e-la-comanda-164636-1615408321.jpg
agora.md/cdn/p/news/small/ 7 KB
7 KB 45ms
36ms Image
image/jpeg 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p/news/small/dumitru-diacov-despre-constatarea-ani-sunt-foarte-intristat-de-aceasta-prestanta-da-sunt-sigur-ca-e-la-comanda-164636-1615408321.jpg
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 822d1188693cd5019808b28a12aa4d9918b79eaf9d1d011d64367908243c6aa4

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:32 GMT
Last-Modified: Wed, 10 Mar 2021 20:32:01 GMT
Server: nginx
ETag: "60492cc1-1c48"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7240
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK podcastul-bilet-in-parlament-exista-oare-viata-fara-guvern-cu-ce-scenarii-se-jongleaza-in-privinta-unui-executiv-interimar-si-ce-urmari-pot-fi-pentru-tara-164289.jpg
agora.md/cdn/p//news/small/ 8 KB
8 KB 42ms
36ms Image
image/jpeg 161.35.200.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agora.md/cdn/p//news/small/podcastul-bilet-in-parlament-exista-oare-viata-fara-guvern-cu-ce-scenarii-se-jongleaza-in-privinta-unui-executiv-interimar-si-ce-urmari-pot-fi-pentru-tara-164289.jpg
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.35.200.35 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a55987a2165ac387cc016942f21a740ad211f7ce784d1de7497567b4f03612e

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:32 GMT
Last-Modified: Wed, 03 Mar 2021 14:50:34 GMT
Server: nginx
ETag: "603fa23a-1f2d"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7981
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ 103 KB
34 KB 42ms
23ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c06d6d9ee0cdce4645808f201e49ee1e5ac692ce485098dc017fe932ea0bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 07:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 158650
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34839
x-xss-protection: 0
expires: Wed, 09 Mar 2022 07:06:22 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/ 225 KB
85 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9576196045233404&plah=agora.md&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86491
x-xss-protection: 0
server: cafe
etag: 16470564300944896599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 03:10:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/ Frame 0B16 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210309/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://agora.md/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://agora.md/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 10 Mar 2021 22:56:49 GMT
expires: Wed, 24 Mar 2021 22:56:49 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 15223
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/ Frame 788F 637 B
491 B 49ms
48ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/c.html
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 594ca5002b9cdd63b301365c4dd76f3a08e23049f6aee1f62258d20da8ef1345

Request headers

:method: GET
:authority: cdn.admixer.net
:scheme: https
:path: /scripts3/c.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://agora.md/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: am-uid=04182451a2d1411282eb00ae6656fe70
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://agora.md/

Response headers

server: nginx
date: Thu, 11 Mar 2021 03:10:32 GMT
content-type: text/html
last-modified: Tue, 23 Feb 2021 12:12:12 GMT
vary: Accept-Encoding
etag: W/"6034f11c-27d"
expires: Thu, 24 Feb 2022 12:14:26 GMT
cache-control: max-age=31622400
access-control-allow-origin: *
cache: HIT
x-cached-since: 2021-02-23T12:16:42+00:00
x-id: fr5-up-gc32
x-vhost-ver: 8641365102716749310
content-encoding: gzip

GET
H2 200 a8a148633e21eed64eca.b.js Show response
cdn.admixer.net/scripts3/ 82 KB
22 KB 50ms
49ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/a8a148633e21eed64eca.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: fee5f4c87dabd8d30661714f8adababf64ba25b7cec543517eb5e80351a8dbef

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 11 Mar 2021 03:10:32 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 12:12:09 GMT
server: nginx
etag: W/"6034f119-14693"
vary: Accept-Encoding
x-cached-since: 2021-02-23T12:16:32+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
x-vhost-ver: 8641365102716749310
expires: Thu, 24 Feb 2022 12:15:22 GMT

GET
H2 200 6fa96355928421f02a02.b.js Show response
cdn.admixer.net/scripts3/ 91 KB
25 KB 55ms
55ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 73f6bfc962639314b45d8158b9ddd8507868233ebfba15d6d11c74f8213721d0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 11 Mar 2021 03:10:32 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 12:12:06 GMT
server: nginx
etag: W/"6034f116-16d53"
vary: Accept-Encoding
x-cached-since: 2021-02-23T12:16:34+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
x-vhost-ver: 8641365102716749310
expires: Thu, 24 Feb 2022 12:15:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 18ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-47948536-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4077
date: Thu, 11 Mar 2021 02:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 11 Mar 2021 04:02:35 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 32 KB
13 KB 98ms
35ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6V94T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

08e8886e305db1744d2c9f1439f28abc73bef383f7a14da5f6e45e3f9e905cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12597
x-xss-protection: 0
server: cafe
etag: 5966996634223651104
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 03:10:32 GMT

GET
H3-Q050

200

activityi;dc_pre=CIzGgYOip-8CFQKDewodCMUAAg;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F Show response
10024995.fls.doubleclick.net/ Frame 6727
Redirect Chain

https://10024995.fls.doubleclick.net/activityi;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F?
https://10024995.fls.doubleclick.net/activityi;dc_pre=CIzGgYOip-8CFQKDewodCMUAAg;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fag...

474 B
984 B

84ms
47ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10024995.fls.doubleclick.net/activityi;dc_pre=CIzGgYOip-8CFQKDewodCMUAAg;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6V94T

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

37e1de8c47550c5f55e35bc2b5e29d4ee0c979849af2746fd91d2ba3d8701524

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10024995.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIzGgYOip-8CFQKDewodCMUAAg;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://agora.md/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Mar 2021 03:10:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 382
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 11-Mar-2021 03:25:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Mar 2021 03:10:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10024995.fls.doubleclick.net/activityi;dc_pre=CIzGgYOip-8CFQKDewodCMUAAg;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 123 KB
43 KB 50ms
49ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

edc73ccf6d8dbd2a50aea61fea54e757905466002181607498299be26c6fef54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:32 GMT
content-encoding: br
last-modified: Tue, 09 Mar 2021 18:36:29 GMT
etag: "604264a0-aa82"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 43650
expires: Thu, 11 Mar 2021 04:10:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: DFb4JkT+S6+qBBJB+tQLDItvVBJS3rTovdMCVIz7WOao9XN+EhNPhvVCRA0ckaCfhkSAUrUEaCL+aKoWs7RdEA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Thu, 11 Mar 2021 03:10:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 197 KB
59 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=65ea5d867f421bdadecf954a5f1d99c5&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

61b4980fd58d4a6df7b2bed827a0a9715663d36af434de4a42b9064dabad9ddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://agora.md
Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Lt6A5G5FzZxRcRYsKE9CRg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60548
x-fb-rlafr: 0
x-fb-debug: LQPlJ6vwEbNdJrXGdTcUp6HdlkxUorYJGp1H7uSCU1LKJKJfDhOkHXlXIgJI4exFer7fzVDS9VUucu3ykKcTUw==
x-fb-trip-id: 917726464
x-fb-content-md5: 36d95aa61efa89b06af97f45b1e61f4d
x-frame-options: DENY
date: Thu, 11 Mar 2021 03:10:32 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "855ff089d9a79d6fd02e37714165aece"
timing-allow-origin: *
expires: Fri, 11 Mar 2022 01:44:48 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ Frame 025D 115 KB
18 KB 55ms
27ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css

Requested by

Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.privesc.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 27776
cdn-cachedat: 2021-03-10 20:27:25
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c0dcc62b0000dfff19071000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3614d0ce6726657dbfb12bd15d1edddd
cf-ray: 62e1971d1a7cdfff-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 video-js.min.css
storage.privesc.eu/videojs673/ Frame 025D 47 KB
15 KB 55ms
19ms Stylesheet
text/css 2606:4700:20::681a:4b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.privesc.eu/videojs673/video-js.min.css
Requested by: Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 270a949c70c6e367616c1556229a647d54d3d8d5a96fc8f5a68773bb8a26cb7f

Request headers

Referer: https://www.privesc.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 11 Mar 2021 03:10:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
content-md5: FyzMy0RJiIneyQEgOJwxUQ==
age: 1797271
x-cache: HIT
cf-request-id: 08c0dcc63800002bb9af26e000000001
x-ms-lease-status: unlocked
last-modified: Mon, 05 Mar 2018 12:34:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Iu31xPlQqOnKeJRRMvzHxNP6Zbx6eB%2B%2Fj0gb5t4VQvhpRtrUn7mcM52OHbewSg8C7LDqr0QT3pkuABaYDgYV3gzK%2FSgmxzGg3QsmsPHsNGjnQWfiJMecz4kS80CAr8E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-ms-request-id: 68caaba4-a01e-00e3-4b0b-dd224c000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 62e1971d28412bb9-FRA

GET
H2 200 video.min.js Show response
storage.privesc.eu/videojs673/ Frame 025D 189 KB
48 KB 59ms
25ms Script
application/x-javascript 2606:4700:20::681a:4b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.privesc.eu/videojs673/video.min.js
Requested by: Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b612fc4724e3e67e94c7a94243237e38881241d93e09196ea804bf69897ac02e

Request headers

Referer: https://www.privesc.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 11 Mar 2021 03:10:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
content-md5: mjU17Dgzxu9DyvUSTxL/4g==
age: 1797271
x-cache: HIT
cf-request-id: 08c0dcc63900002bb9d83cd000000001
x-ms-lease-status: unlocked
last-modified: Mon, 05 Mar 2018 12:34:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xP%2FdcxN4%2Fh%2BmF4eQyxff6t7DZTcy3odRWT424%2FIctuIIP2qmyun4TH2xrogQH1Tbb1bouFxX86BwzMjYET4znFd%2B%2BjXxbXpyUmGPAq0fln93E3d0gOMdy5%2Bko72AK9M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-ms-request-id: cd122a41-a01e-0006-600f-1b30bb000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 62e1971d28422bb9-FRA

GET
H2 200 videojs-contrib-hls.min.js Show response
storage.privesc.eu/videojs673/ Frame 025D 225 KB
53 KB 57ms
24ms Script
application/x-javascript 2606:4700:20::681a:4b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.privesc.eu/videojs673/videojs-contrib-hls.min.js
Requested by: Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5f5aa9e78c0d43586984ce5a4f9bd86bd6af76229a32ef6a9f325ac013833ba

Request headers

Referer: https://www.privesc.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 11 Mar 2021 03:10:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
content-md5: tYoMMmEWX+SXH6Q2vxUzeg==
age: 10862765
x-cache: HIT
cf-request-id: 08c0dcc63900002bb9b5ab7000000001
x-ms-lease-status: unlocked
last-modified: Mon, 05 Mar 2018 12:53:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2UPtUYktcX%2BB3rtbGA%2Fmyb%2FfykbtOTH0%2F%2BUrds%2BDXXNPx4QuwfBdEHVD5ZnIOxhXSufaLQ7GaW6OAZ82KsOwZ%2F3XcFapg%2FomxGtPFRs6Q0ytCkLJp3w1mG1IksL5XU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-ms-request-id: 3e7868c7-801e-0077-19db-184282000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 62e1971d28432bb9-FRA

GET
H2 200 94007.jpg
storage.privesc.eu/thumnails/ Frame 025D 68 KB
69 KB 18ms
15ms Image
image/jpeg 2606:4700:20::681a:4b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.privesc.eu/thumnails/94007.jpg
Requested by: Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1367f8d8157fecb3060b7bd7c4d80f4db8ee18d4838faab0bcee18f4a7f3331

Request headers

Referer: https://www.privesc.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 11 Mar 2021 03:10:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
content-md5: vc2FPHPg5ilvocNr8i86MA==
age: 42068
content-length: 70102
cf-request-id: 08c0dcc83f00002bb9b638c000000001
x-ms-lease-status: unlocked
last-modified: Wed, 10 Mar 2021 15:24:20 GMT
server: cloudflare
etag: 0x8D8E3D89386D61B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uEvVeT89cCSjecv9lBtHJgOCZ7ifTmHLDo89I2iXM3N%2Fqq2iCjoh%2F%2FhiYVXvCBkuaB8%2Bd4txBeYhrWZv3ynjrcHRbkf5gzwzP2eBQfw6Uazplu6N9Z3Rc8QnUyhonwI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-ms-request-id: bf9acd11-301e-0080-60c2-156469000000
cache-control: public, max-age=2592000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62e197206ab72bb9-FRA
cf-bgj: h2pri

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame 025D 94 KB
33 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.privesc.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 13:37:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48765
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 13:37:48 GMT

GET
H2 200 modules.33a772c48beaa5222edf.js Show response
script.hotjar.com/ 217 KB
58 KB 167ms
60ms Script
application/javascript 65.9.96.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.33a772c48beaa5222edf.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1068753.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9bd71240933790c0dc85d69741a3b0bcfef32a44b46ce8893d2541ecaee2db72

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 16:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 471024
x-cache: Hit from cloudfront
content-length: 58652
access-control-allow-origin: *
last-modified: Fri, 05 Mar 2021 16:19:37 GMT
etag: "a93d27db17b2296071120e76a2ccbea0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -EyxsCfOdR4Sq8Gl7CkjvNsr5CwUv9lHQJ2etWxPIhWq52E5Hd3Wgw==

GET
H2 200 fpdata.js Show response
gamd.hit.gemius.pl/ 277 B
390 B 45ms
39ms Script
application/x-javascript 137.74.0.146
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gamd.hit.gemius.pl/fpdata.js?href=agora.md
Requested by: Host: gamd.hit.gemius.pl
URL: https://gamd.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 137.74.0.146 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: ovhpl1.host.hit.gemius.pl
Software: GHC /
Resource Hash: 6fa066ecc781aac1fbe4511a08fd758c1d113bef4f7622428209da0f5e1e7188

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:32 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
accept-ranges: none
content-type: application/x-javascript
content-length: 277
expires: Sat, 10 Apr 2021 03:10:32 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/50912840/
Redirect Chain

https://mc.yandex.ru/watch/50912840?wmode=7&page-url=https%3A%2F%2Fagora.md%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A1685%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3...
https://mc.yandex.ru/watch/50912840/1?wmode=7&page-url=https%3A%2F%2Fagora.md%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A1685%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US...

186 B
268 B

55ms
54ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/50912840/1?wmode=7&page-url=https%3A%2F%2Fagora.md%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A1685%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A0%3Als%3A981592950156%3Ahid%3A800069267%3Az%3A60%3Ai%3A202103110401032%3Aet%3A1615432233%3Ac%3A1%3Arn%3A308001078%3Au%3A1615432233480746435%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615432230369%3Awv%3A2%3Ads%3A0%2C63%2C56%2C5%2C469%2C0%2C%2C835%2C0%2C%2C%2C%2C1728%3Adsn%3A0%2C363%2C56%2C5%2C469%2C0%2C%2C834%2C0%2C%2C%2C%2C1728%3Arqnl%3A1%3Ati%3A2%3Ast%3A1615432233%3At%3AAGORA%20-%20Acas%C4%83

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1c3ca81c4bd9811c6f5d067d51a0679a1a6baa814d8a5f8de5d07274b52bbd97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 11-Mar-2021 03:10:32 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://agora.md
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Thu, 11-Mar-2021 03:10:32 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:32 GMT
last-modified: Thu, 11-Mar-2021 03:10:32 GMT
location: /watch/50912840/1?wmode=7&page-url=https%3A%2F%2Fagora.md%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A1685%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A0%3Als%3A981592950156%3Ahid%3A800069267%3Az%3A60%3Ai%3A202103110401032%3Aet%3A1615432233%3Ac%3A1%3Arn%3A308001078%3Au%3A1615432233480746435%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615432230369%3Awv%3A2%3Ads%3A0%2C63%2C56%2C5%2C469%2C0%2C%2C835%2C0%2C%2C%2C%2C1728%3Adsn%3A0%2C363%2C56%2C5%2C469%2C0%2C%2C834%2C0%2C%2C%2C%2C1728%3Arqnl%3A1%3Ati%3A2%3Ast%3A1615432233%3At%3AAGORA%20-%20Acas%C4%83
strict-transport-security: max-age=31536000
access-control-allow-origin: https://agora.md
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 11-Mar-2021 03:10:32 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 97E9 513 B
844 B 38ms
15ms Document
text/html 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

560f80795a315e95c7bcf137c8462930c3a6de80eda99f08c490a116a849a082

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-i3c82kGMHAT2xSB648LgNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://agora.md/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=211=nhxN3pE-J0JZ4UfvXrWLowM_Lu3TcD8pYR7pRfkxTHfNU77b8PAPKHPUw_cF5doX43qfriV2CAsFdIlLPE9IU4qmFW7BeXXlGZSjw_Bnc8-oAVJRZFfZh0Vl-sIXWaxWxYxOBwu07IPQSi8zWxjHvR_UnLzuxX6wdJxGuxOvCLE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://agora.md/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 11 Mar 2021 03:10:32 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-i3c82kGMHAT2xSB648LgNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 198 B
404 B 39ms
32ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=agora.md&callback=_gfp_s_&client=ca-pub-9576196045233404

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9576196045233404&plah=agora.md&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

5a064f3e5acce5a490f72c503214bdab31176e293256178a590c91fb90fd8bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 188
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=agora.md

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 03:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 22ms
21ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=agora.md

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 03:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 17ms
16ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fagora.md%2F&tn=DIV&cls=ag-modal-backdrop&ign=false

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D005 54 B
389 B 55ms
49ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9576196045233404&output=html&adk=1812271804&adf=3025194257&lmt=1615432232&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fagora.md%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615432232224&bpp=33&bdt=962&idt=475&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5055158135067&frm=20&pv=2&ga_vid=608810801.1615432233&ga_sid=1615432233&ga_hid=1168590494&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C31060030%2C31060351&oid=3&pvsid=2042484931785773&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=518

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9576196045233404&output=html&adk=1812271804&adf=3025194257&lmt=1615432232&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fagora.md%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615432232224&bpp=33&bdt=962&idt=475&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5055158135067&frm=20&pv=2&ga_vid=608810801.1615432233&ga_sid=1615432233&ga_hid=1168590494&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C31060030%2C31060351&oid=3&pvsid=2042484931785773&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=518
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://agora.md/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://agora.md/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 11 Mar 2021 03:10:32 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: IDE=AHWqTUlXOWhOapDk_kjyFjLIR7NcXkx82FN6e_i_Zkar0LBR3ypPPPThKOLPPYWBIfU; expires=Tue, 05-Apr-2022 03:10:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Mar 2021 03:10:32 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 23ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495b316cdda6e7b6ce663bb9eeeee0cf6f7f6e5969d0a6c1fe39307cbdb9d686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615378846156468"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28222
x-xss-protection: 0
expires: Thu, 11 Mar 2021 03:10:32 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html Show response
vars.hotjar.com/ Frame 81DE 2 KB
1 KB 154ms
48ms Document
text/html 65.9.96.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1068753.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://agora.md/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://agora.md/

Response headers

content-type: text/html
content-length: 851
date: Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: cCqwsc_b7MBhb2LZCcEbceUfUWjzpM-wr8WE68tXooRXa3IEKFSotQ==
age: 9281369

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 48ms
47ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:32 GMT
last-modified: Tue, 09 Mar 2021 18:36:29 GMT
etag: "60472f6c-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 11 Mar 2021 04:10:32 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
63 B 14ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1168590494&t=pageview&_s=1&dl=https%3A%2F%2Fagora.md%2F&ul=en-us&de=UTF-8&dt=AGORA%20-%20Acas%C4%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=2099034319&gjid=351688372&cid=608810801.1615432233&tid=UA-47948536-1&_gid=926204660.1615432233&_r=1&cd3=Visitor&gtm=2ou330&z=47574589

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://agora.md
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 435724410675057 Show response
connect.facebook.net/signals/config/ 240 KB
70 KB 66ms
64ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/435724410675057?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

71c079a0404daec4b5e2b0d523621a8f916029a378aebff3f93aaffc3d391a98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: P0pevx3SFUYMdalmfKKsf02OuqdnwUOJ6pF/BFFvA8Indr5W5VJlYS5UGqiLl7cYoKqYR8I+vE0fraakz3XRWA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 11 Mar 2021 03:10:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/972645696/ 2 KB
1 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972645696/?random=1615432232904&cv=9&fst=1615432232904&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg330&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fagora.md%2F&tiba=AGORA%20-%20Acas%C4%83&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90acf1d4a55608b5b7838a432bd654069f3f5a30dbc1e3e9c6ccdd7a74b210b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 992
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 29640115 Show response
mc.yandex.ru/watch/ 167 B
274 B 51ms
50ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/29640115?wmode=7&page-url=https%3A%2F%2Fagora.md%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwcd%3Afp%3A1685%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A0%3Als%3A209669643222%3Ahid%3A800069267%3Az%3A60%3Ai%3A202103110401032%3Aet%3A1615432233%3Ac%3A1%3Arn%3A1070047518%3Au%3A1615432233480746435%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615432230369%3Ads%3A0%2C63%2C56%2C5%2C469%2C0%2C%2C835%2C0%2C%2C%2C%2C1728%3Adsn%3A0%2C363%2C56%2C5%2C469%2C0%2C%2C834%2C0%2C%2C%2C%2C1728%3Arqnl%3A1%3Ati%3A2%3Ast%3A1615432233%3At%3AAGORA%20-%20Acas%C4%83

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

38ee0aea53436cd84812e1401d6f7bb0c289e6badf1191a686140f75a73fc4ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 11-Mar-2021 03:10:33 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://agora.md
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Thu, 11-Mar-2021 03:10:33 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
83 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-47948536-1&cid=608810801.1615432233&jid=2099034319&gjid=351688372&_gid=926204660.1615432233&_u=IAhAAUAAAAAAAC~&z=849002422

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 11 Mar 2021 03:10:33 GMT
content-type: text/plain
access-control-allow-origin: https://agora.md
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
334 B 8ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2639271456174529&ev=fb_page_view&dl=https%3A%2F%2Fagora.md%2F&rl=&if=false&ts=1615432233050&sw=1600&sh=1200&at=

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 11 Mar 2021 03:10:33 GMT

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 47 KB
48 KB 125ms
52ms Script
text/javascript 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=9812228783229124&cpv=70add498-5be7-17a0-df57-85e8f55810e3&responseType=default&uids=%7B%7D&data=%7B%22id%22%3A%22f38b867f-3f04-2be1-eb32-a04fba6aa0dc%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fagora.md%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2218ab9293-cf02-60db-5874-471f519f638d%22%2C%22tagid%22%3A%221169d17c-f3a1-49cc-8727-7da979986775%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1169d17cf3a149cc87277da979986775_zone_32042_sect_10079_site_8138%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22d13841b1-d47a-d2a9-f882-f9fb790ffeab%22%2C%22tagid%22%3A%22ec8f5991-f498-4fd5-8e1b-ceeea59c3f9d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_ec8f5991f4984fd58e1bceeea59c3f9d_zone_32045_sect_10079_site_8138%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22588931b2-891d-ff51-17c5-cd8c9a526209%22%2C%22tagid%22%3A%22c9c16ce7-62c3-4571-8df3-fe69eb7e08f1%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_c9c16ce762c345718df3fe69eb7e08f1_zone_32046_sect_10079_site_8138%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%221ed6cb26-3085-9568-8bfc-fd4b07590f78%22%2C%22tagid%22%3A%2276fc305e-4afc-40e1-8dd7-4970fa5df232%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_76fc305e4afc40e18dd74970fa5df232_zone_33158_sect_10079_site_8138%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%223bd4c36e-1728-d057-4735-fad78e1427bc%22%2C%22tagid%22%3A%2229451155-4bcc-4687-b485-4f85c9371b44%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_294511554bcc4687b4854f85c9371b44_zone_33175_sect_10079_site_8138%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%221ebc91af-1f16-711f-eb4b-91d52605e1a4%22%2C%22tagid%22%3A%22e2652ec2-024b-4268-bb8a-52b859f15a57%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_e2652ec2024b4268bb8a52b859f15a57_zone_33184_sect_10079_site_8138%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22216917d8-fe9e-5df3-9f86-bc80fb964135%22%2C%22tagid%22%3A%22364ff193-c84a-41f3-b809-f2343b8a3827%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_364ff193c84a41f3b809f2343b8a3827_zone_33217_sect_10079_site_8138%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%221800eef8-cd11-f25d-b684-02c70764caf9%22%2C%22tagid%22%3A%2272ece098-30b0-404e-a3f5-3405a9096a2f%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_72ece09830b0404ea3f53405a9096a2f_zone_43819_sect_10079_site_8138%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%223c59491b-d261-b5d2-5bba-776b19d00f20%22%2C%22tagid%22%3A%2279ab3699-3f50-4c52-9263-11c18ed79552%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_79ab36993f504c52926311c18ed79552_zone_43854_sect_10079_site_8138%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22f14ef366-d320-f877-dc6a-dbfc45e94895%22%2C%22tagid%22%3A%229f425965-3cd8-49c4-8bf5-d20eade8310d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_9f4259653cd849c48bf5d20eade8310d_zone_55886_sect_10079_site_8138%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A10%7D&am-uid=null&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

f22349522ae5dbd859478869523cfee5c8ee67bf0c080103bf6edcc9c5c6b14f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:33 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
X-XSS-Protection: 0

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 025D 46 KB
19 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.privesc.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4078
date: Thu, 11 Mar 2021 02:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 11 Mar 2021 04:02:35 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 025D 91 KB
23 KB 10ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.privesc.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: DFb4JkT+S6+qBBJB+tQLDItvVBJS3rTovdMCVIz7WOao9XN+EhNPhvVCRA0ckaCfhkSAUrUEaCL+aKoWs7RdEA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Thu, 11 Mar 2021 03:10:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gamd.hit.gemius.pl/__/_1615432233252/
Redirect Chain

https://gamd.hit.gemius.pl/_1615432233252/rexdot.js?l=100&id=bapArY7pD5rSXVjkZHvqGJZz.IlFLePjRbElP1CP9EP.V7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fagora.md%...
https://gamd.hit.gemius.pl/__/_1615432233252/rexdot.js?l=100&id=bapArY7pD5rSXVjkZHvqGJZz.IlFLePjRbElP1CP9EP.V7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fagora....

169 B
430 B

40ms
39ms

Script
application/x-javascript

137.74.0.146
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gamd.hit.gemius.pl/__/_1615432233252/rexdot.js?l=100&id=bapArY7pD5rSXVjkZHvqGJZz.IlFLePjRbElP1CP9EP.V7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fagora.md%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=T0whKF9wLlw0dduF4QP0R3zbNC_Uw.JKfEqi8U.e5Ej.t7&vis=1
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 137.74.0.146 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: ovhpl1.host.hit.gemius.pl
Software: GHC /
Resource Hash: d6b749cc958b6823669c984c11f4330c97d57e152645c17459369eccb29cf0a4

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:33 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Wed, 10 Mar 2021 03:10:33 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:33 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1615432233252/rexdot.js?l=100&id=bapArY7pD5rSXVjkZHvqGJZz.IlFLePjRbElP1CP9EP.V7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fagora.md%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=T0whKF9wLlw0dduF4QP0R3zbNC_Uw.JKfEqi8U.e5Ej.t7&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Wed, 10 Mar 2021 03:10:33 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 20ms
19ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-47948536-1&cid=608810801.1615432233&jid=2099034319&_u=IAhAAUAAAAAAAC~&z=2016999612

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-47948536-1&cid=608810801.1615432233&jid=2099034319&_u=IAhAAUAAAAAAAC~&z=2016999612

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 025D 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a

Request headers

Origin: https://www.privesc.eu
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3-Q050 200 dc_pre=CIzGgYOip-8CFQKDewodCMUAAg;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F Show response
adservice.google.com/ddm/fls/i/ Frame 4781 473 B
831 B 73ms
58ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIzGgYOip-8CFQKDewodCMUAAg;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F

Requested by

Host: 10024995.fls.doubleclick.net
URL: https://10024995.fls.doubleclick.net/activityi;dc_pre=CIzGgYOip-8CFQKDewodCMUAAg;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F?

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28c71e32bc6d2731760de07b91a5caeac960679621f2444d4e149df251b85a7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CIzGgYOip-8CFQKDewodCMUAAg;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://10024995.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=211=nhxN3pE-J0JZ4UfvXrWLowM_Lu3TcD8pYR7pRfkxTHfNU77b8PAPKHPUw_cF5doX43qfriV2CAsFdIlLPE9IU4qmFW7BeXXlGZSjw_Bnc8-oAVJRZFfZh0Vl-sIXWaxWxYxOBwu07IPQSi8zWxjHvR_UnLzuxX6wdJxGuxOvCLE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://10024995.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Mar 2021 03:10:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 380
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 94007 Show response
www.privesc.eu/api/live/ Frame 025D 1 KB
1 KB 29ms
28ms XHR
application/json 40.118.27.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.privesc.eu/api/live/94007
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.118.27.163 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1a66f77e8072fd1f9613e7ceb16dfedb7514ac50f4e076f26dc9b91c10f5717e

Request headers

Accept: */*
Referer: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:32 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="CAO PSA OUR"
access-control-expose-headers: Request-Context
cache-control: no-cache
request-context: appId=cid-v1:6d0f1962-7baa-4f5f-a196-98c68c5c6272
content-type: application/json; charset=utf-8
content-length: 1147
expires: -1

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 9ms
4ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=435724410675057&ev=PageView&dl=https%3A%2F%2Fagora.md%2F&rl=&if=false&ts=1615432233481&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615432233478.394437463&it=1615432232813&coo=false&rqm=GET

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 11 Mar 2021 03:10:33 GMT

GET
H2 200 4071097310-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame 97E9 112 KB
39 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/4071097310-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1943a600956d093b6bdbd157ffea2a0a738342a1a7a454a31364c3aa41325fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 20:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Mar 2021 01:25:42 GMT
server: sffe
age: 197565
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39191
x-xss-protection: 0
expires: Tue, 08 Mar 2022 20:17:48 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/972645696/ 42 B
432 B 28ms
27ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/972645696/?random=1615432232904&cv=9&fst=1615431600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg330&sendb=1&frm=0&url=https%3A%2F%2Fagora.md%2F&tiba=AGORA%20-%20Acas%C4%83&async=1&fmt=3&is_vtc=1&random=1965045305&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/972645696/ 42 B
530 B 41ms
25ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/972645696/?random=1615432232904&cv=9&fst=1615431600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg330&sendb=1&frm=0&url=https%3A%2F%2Fagora.md%2F&tiba=AGORA%20-%20Acas%C4%83&async=1&fmt=3&is_vtc=1&random=1965045305&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ Frame 025D 84 KB
33 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-W49TZHX&cid=827635677.1615432234

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6273328dc9268d8cc3eac89d8451ccfaf59fcb4c0aa13c7ad0c75e595004fb47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.privesc.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33931
x-xss-protection: 0
expires: Thu, 11 Mar 2021 03:10:33 GMT

GET
H2 200 867719186706401 Show response
connect.facebook.net/signals/config/ Frame 025D 241 KB
69 KB 166ms
164ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/867719186706401?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1e6bd7480604064c948ac5c6e79511a8cbf899a62f86696b8b4a3d8c38bb867e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.privesc.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: OfWBAjfoE8WeF/PT8mA3Eybo8cATrrCzURsrtWiIpgzpAvitenPnRjjFlpFRgj7qFwznJAzTPGPpZQf3jaICmA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 11 Mar 2021 03:10:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 220a3ab992256d1ee152.b.js Show response
cdn.admixer.net/scripts3/ 28 KB
11 KB 52ms
51ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/220a3ab992256d1ee152.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 63b18b5635fc1818da6712734fc0d500652a85fecf6dfe1b4cb3cee139e52899

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 11 Mar 2021 03:10:33 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 12:12:02 GMT
server: nginx
etag: W/"6034f112-7029"
vary: Accept-Encoding
x-cached-since: 2021-02-23T12:16:37+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
x-vhost-ver: 8641365102716749310
expires: Thu, 24 Feb 2022 12:15:27 GMT

GET
H2 200 ede2c96e6a0d474ef44e.b.js Show response
cdn.admixer.net/scripts3/ 42 KB
18 KB 65ms
64ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/ede2c96e6a0d474ef44e.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b3883229115068714ffc63c82db6f810e84201317cb0385cc3b7c94b0c305554

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 11 Mar 2021 03:10:33 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 12:12:15 GMT
server: nginx
etag: W/"6034f11f-a7af"
vary: Accept-Encoding
x-cached-since: 2021-02-23T12:16:44+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
x-vhost-ver: 8641365102716749310
expires: Thu, 24 Feb 2022 12:14:27 GMT

GET
H2 200 ef30fd68f07ce65f2dec.b.js Show response
cdn.admixer.net/scripts3/ 13 KB
5 KB 64ms
53ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/ef30fd68f07ce65f2dec.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 606fb015f87ba5bbcf783cd6fecf1ac351ede8dafa4767a43be8cf80f1634eb6

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 11 Mar 2021 03:10:33 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 12:12:15 GMT
server: nginx
etag: W/"6034f11f-326c"
vary: Accept-Encoding
x-cached-since: 2021-02-23T12:16:37+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
x-vhost-ver: 8641365102716749310
expires: Thu, 24 Feb 2022 12:15:27 GMT

GET
H2 200 c9b3c2772742a8f4dab8.b.js Show response
cdn.admixer.net/scripts3/ 11 KB
4 KB 57ms
53ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/c9b3c2772742a8f4dab8.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b5f1343b46d0b18e78ae7bfb6ec5cfd0195a35a07f74da58d0612e06b1c429c2

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 11 Mar 2021 03:10:33 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 12:12:13 GMT
server: nginx
etag: W/"6034f11d-2a79"
vary: Accept-Encoding
x-cached-since: 2021-02-23T12:16:37+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
x-vhost-ver: 8641365102716749310
expires: Thu, 24 Feb 2022 12:15:27 GMT

GET
H2 200 65272011cc1731a55c6d.b.js Show response
cdn.admixer.net/scripts3/ 213 KB
73 KB 62ms
60ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/65272011cc1731a55c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e17ea6db32d44acaf74ced343aaa5ee50facbe79f847fa0758a9d3dabaf4df98

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Thu, 11 Mar 2021 03:10:33 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 12:12:06 GMT
server: nginx
etag: W/"6034f116-354e7"
vary: Accept-Encoding
x-cached-since: 2021-02-23T12:16:37+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
x-vhost-ver: 8641365102716749310
expires: Thu, 24 Feb 2022 12:15:27 GMT

GET
H2

200

/ Show response
adx.adform.net/adx/
Redirect Chain

https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_732358&url=https%3A%2F%2Fagora.md%2F
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_732358&url=https%3A%2F%2Fagora.md%2F

28 B
554 B

38ms
36ms

Script
text/javascript

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_732358&url=https%3A%2F%2Fagora.md%2F

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

de1fda29e8904c4bf2f6d0ef768dca299bd07fdb82c1a8c387d48f3d1daa69b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:33 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 148
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:33 GMT
server: nginx
location: https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_732358&url=https%3A%2F%2Fagora.md%2F
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2

200

/ Show response
adx.adform.net/adx/
Redirect Chain

https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_375241&url=https%3A%2F%2Fagora.md%2F
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_375241&url=https%3A%2F%2Fagora.md%2F

28 B
554 B

37ms
36ms

Script
text/javascript

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_375241&url=https%3A%2F%2Fagora.md%2F

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

dac6d7ada1a7d85876babe58d966f4d5d23cf2a6e783ca6a656104f431f51702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:33 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 148
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:33 GMT
server: nginx
location: https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_375241&url=https%3A%2F%2Fagora.md%2F
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame C0F5 2 KB
818 B 85ms
34ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59d216e971852f2

Requested by

Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=9812228783229124&cpv=70add498-5be7-17a0-df57-85e8f55810e3&responseType=default&uids=%7B%7D&data=%7B%22id%22%3A%22f38b867f-3f04-2be1-eb32-a04fba6aa0dc%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fagora.md%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2218ab9293-cf02-60db-5874-471f519f638d%22%2C%22tagid%22%3A%221169d17c-f3a1-49cc-8727-7da979986775%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1169d17cf3a149cc87277da979986775_zone_32042_sect_10079_site_8138%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22d13841b1-d47a-d2a9-f882-f9fb790ffeab%22%2C%22tagid%22%3A%22ec8f5991-f498-4fd5-8e1b-ceeea59c3f9d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_ec8f5991f4984fd58e1bceeea59c3f9d_zone_32045_sect_10079_site_8138%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22588931b2-891d-ff51-17c5-cd8c9a526209%22%2C%22tagid%22%3A%22c9c16ce7-62c3-4571-8df3-fe69eb7e08f1%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_c9c16ce762c345718df3fe69eb7e08f1_zone_32046_sect_10079_site_8138%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%221ed6cb26-3085-9568-8bfc-fd4b07590f78%22%2C%22tagid%22%3A%2276fc305e-4afc-40e1-8dd7-4970fa5df232%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_76fc305e4afc40e18dd74970fa5df232_zone_33158_sect_10079_site_8138%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%223bd4c36e-1728-d057-4735-fad78e1427bc%22%2C%22tagid%22%3A%2229451155-4bcc-4687-b485-4f85c9371b44%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_294511554bcc4687b4854f85c9371b44_zone_33175_sect_10079_site_8138%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%221ebc91af-1f16-711f-eb4b-91d52605e1a4%22%2C%22tagid%22%3A%22e2652ec2-024b-4268-bb8a-52b859f15a57%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_e2652ec2024b4268bb8a52b859f15a57_zone_33184_sect_10079_site_8138%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22216917d8-fe9e-5df3-9f86-bc80fb964135%22%2C%22tagid%22%3A%22364ff193-c84a-41f3-b809-f2343b8a3827%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_364ff193c84a41f3b809f2343b8a3827_zone_33217_sect_10079_site_8138%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%221800eef8-cd11-f25d-b684-02c70764caf9%22%2C%22tagid%22%3A%2272ece098-30b0-404e-a3f5-3405a9096a2f%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_72ece09830b0404ea3f53405a9096a2f_zone_43819_sect_10079_site_8138%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%223c59491b-d261-b5d2-5bba-776b19d00f20%22%2C%22tagid%22%3A%2279ab3699-3f50-4c52-9263-11c18ed79552%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_79ab36993f504c52926311c18ed79552_zone_43854_sect_10079_site_8138%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22f14ef366-d320-f877-dc6a-dbfc45e94895%22%2C%22tagid%22%3A%229f425965-3cd8-49c4-8bf5-d20eade8310d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_9f4259653cd849c48bf5d20eade8310d_zone_55886_sect_10079_site_8138%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A10%7D&am-uid=null&3rd=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=59d216e971852f2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://agora.md/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://agora.md/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK idsync
idsync.admixer.co.kr/ 43 B
904 B 1492ms
299ms Image
image/gif 183.110.238.136
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=04182451a2d1411282eb00ae6656fe70
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11-Mar-2021 12:10:34 +0900
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control: private, max-age=0, no-cache, no-store
Connection: close
Content-Type: image/gif;
Content-Length: 43
Expires: Mon, 01 Jan 2000 00:00:00 +0900

GET
H2

404

/
an.yandex.ru/setud/target_rtb/
Redirect Chain

https://match.new-programmatic.com/userbind?src=admixer&id=04182451a2d1411282eb00ae6656fe70
https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
https://an.yandex.ru/setud/target_rtb/?sign=2490610225

43 B
392 B

168ms
61ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/target_rtb/?sign=2490610225

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:34 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 03:10:34 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Mar 2021 03:10:34 GMT

Redirect headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin
Location: https://an.yandex.ru/setud/target_rtb/?sign=2490610225
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync.html
s.console.adtarget.com.tr/ 0
0 112ms
25ms Image
text/html 2a0c:5c81:5161::2
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5161::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://agora.md
Access-Control-Allow-Credentials: true

GET
H2

200

admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=04182451a2d1411282eb00ae6656fe70
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=04182451a2d1411282eb00ae6656fe70

43 B
130 B

29ms
29ms

Image
image/gif

176.9.158.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=04182451a2d1411282eb00ae6656fe70
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.158.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.158.9.176.clients.your-server.de
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:33 GMT
server: nginx
content-length: 43
serverid: TODO
content-type: image/gif

Redirect headers

location: /cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=04182451a2d1411282eb00ae6656fe70
date: Thu, 11 Mar 2021 03:10:33 GMT
server: nginx
etag: W/"63f3709fd1e3f6125c83b8dc7bc470a955db605c2023b67c3c0b105c709ca2ad"
content-length: 122
serverid: TODO
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=d340f1ec-4b2b-5246-8c3f-05b2ec768f9b

43 B
448 B

27ms
27ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=d340f1ec-4b2b-5246-8c3f-05b2ec768f9b

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:33 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=d340f1ec-4b2b-5246-8c3f-05b2ec768f9b
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-4748614688
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=ANN42s8g5pXv566I_h2wAfw

43 B
448 B

28ms
25ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=ANN42s8g5pXv566I_h2wAfw

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:34 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Pragma: no-cache
Date: Thu, 11 Mar 2021 03:10:33 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location: https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=ANN42s8g5pXv566I_h2wAfw
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cm-notify
ams.creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://ams.creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
252 B

25ms
22ms

Image
image/gif

185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams.creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:33 GMT, Thu, 11 Mar 2021 03:10:33 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ams.creativecdn.com/cm-notify?pi=admixer&tc=1
date: Thu, 11 Mar 2021 03:10:33 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEB6VYGu5_eE7Iv1zuKjij1I&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=04182451a2d1411282eb00ae6656fe70

35 B
351 B

76ms
28ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=04182451a2d1411282eb00ae6656fe70
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:33 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Thu, 11 Mar 2021 03:10:33 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=04182451a2d1411282eb00ae6656fe70
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H2 200 cm.php
ismatlab.com/cp/api/ 43 B
149 B 112ms
33ms Image
image/gif 54.74.77.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ismatlab.com/cp/api/cm.php?t=04182451a2d1411282eb00ae6656fe70&rurl=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DE74212A8-B685-43DE-96BE-5625F08BF373%26id%3D%5Baclid%5D45

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.74.77.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-74-77-136.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:33 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MDQxODI0NTFhMmQxNDExMjgyZWIwMGFlNjY1NmZlNzA&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEDdN4c6VuLPGO7T6NvhQfpY&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=04182451a2d1411282eb00ae6656fe70

35 B
351 B

68ms
24ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=04182451a2d1411282eb00ae6656fe70
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:33 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Thu, 11 Mar 2021 03:10:33 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=04182451a2d1411282eb00ae6656fe70
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1 200
OK playlist.m3u8 Show response
cache.privesc.eu/storage/20210310-briefing-candu.mp4/ Frame 025D 127 B
591 B 487ms
84ms XHR
application/vnd.apple.mpegurl 93.116.189.30
MOLDTELECOM-AS Mo...

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.privesc.eu/storage/20210310-briefing-candu.mp4/playlist.m3u8
Requested by: Host: storage.privesc.eu
URL: https://storage.privesc.eu/videojs673/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.116.189.30 Chisinau, Moldova, ASN8926 (MOLDTELECOM-AS Moldtelecom Autonomous System, MD),
Reverse DNS: host-static-93-116-189-30.moldtelecom.md
Software: WowzaStreamingEngine/4.8.5 /
Resource Hash: 568fe93885785ae318212db636bd5fe0d36bfdf65944424ef3a9710c866aaf7d

Request headers

Referer: https://www.privesc.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Server: WowzaStreamingEngine/4.8.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: max-age=1
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 127

GET
BLOB 200
OK 3ff2b931-a396-4287-a57e-cc80e84c58ef
https://www.privesc.eu/ Frame 025D 225 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.privesc.eu/3ff2b931-a396-4287-a57e-cc80e84c58ef
Requested by: Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fb39c079273f34d67875ef063df5f31b912077148250e44d4a71194f31a921c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 230160
Content-Type: text/javascript

GET
H3-Q050 200 dc_pre=CIzGgYOip-8CFQKDewodCMUAAg;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F Show response
adservice.google.de/ddm/fls/i/ Frame FF12 194 B
622 B 42ms
41ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CIzGgYOip-8CFQKDewodCMUAAg;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIzGgYOip-8CFQKDewodCMUAAg;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CIzGgYOip-8CFQKDewodCMUAAg;src=10024995;type=invmedia;cat=flood0;ord=870872671863;gtm=2wg330;auiddc=972979200.1615432232;~oref=https%3A%2F%2Fagora.md%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Mar 2021 03:10:33 GMT
expires: Thu, 11 Mar 2021 03:10:33 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 85DC 589 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf9bd542074c807245624ae2ee63906fdfc582c42c286dc2380402d758c0cb96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK 52b6ee57-d3a6-4b04-b2ea-08b6b34125b4.html Show response
content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/ 115 KB
20 KB 272ms
99ms XHR
text/html 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4.html
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/65272011cc1731a55c6d.b.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: ca61a70bb1d58c863f0032888e36efb81757b2c39cdd96543e6e9696e7c34b5a

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:13 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 18 Feb 2021 14:50:05 GMT
Server: nginx
ETag: W/"602e7e9d-1ca46"
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 12 Mar 2022 03:09:13 GMT

GET
H/1.1 200
OK abe67d73-def7-45a1-951e-67772b67db44.gif
content.admixer.net/test1/630830d7-bd0f-45d0-ba4e-17a9c10acfb7/ Frame 85DC 176 KB
177 KB 275ms
104ms Image
image/gif 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/630830d7-bd0f-45d0-ba4e-17a9c10acfb7/abe67d73-def7-45a1-951e-67772b67db44.gif
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: d72ef26c49b50f3adc9d3b4bc5fd06605500ecceeb783bd6d9b300ee557d1dcc

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:13 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 11 Jan 2021 11:52:33 GMT
Server: nginx
ETag: "5ffc3c01-2c1f7"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 180727
Expires: Sat, 12 Mar 2022 03:09:13 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 1127ms
1067ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?item=96bb0a09-0a24-453b-8975-5aca74a5285e&cc=BE%2FBRU%2F2800866&am-uid=04182451a2d1411282eb00ae6656fe70&cet=4&profile=709a540e-8f37-41a4-bd7a-e311ae0bbb51&zone=29451155-4bcc-4687-b485-4f85c9371b44&device=28&rule=fef32f9c-1305-4561-aeb1-48d2eac94492&requestId=31008484-3b60-43c8-a803-b646270c903a&page=agora.md%2F&hp=136051404&sw=[e=screen.width]&sh=[e=screen.height]&size=400x250&adv=N%2FA&dsp=ADMIXER+Moldova&ts=637510290331560143&ap=MS45NQ%3D%3D&asign=-344221118&markups=ZG1wZj0wLjAwJmRtcHA9VHJ1ZSZjcnRmPTAuMDAmY3J0cD1UcnVlJmNydGF0cz0wLjAwJmFkbWY9MC4wMCZhZG1wPVRydWUmdGRmPTAuMDAmdGRwPVRydWUmdG90Zj0wLjAwJnRvdHA9VHJ1ZQ==&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&crid=96bb0a09-0a24-453b-8975-5aca74a5285e&pvid=670f20e1-4e1c-4db4-9cfe-52c120a62780&extpubid=4460243e-bee8-455d-b940-7b2eb4257b2c&inst=ADS-EU-1&pxl=0&dmp_pr=MC4wMDAw&sf=0

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:34 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 200
OK ab2c799b-7947-4c72-bd51-5f8e52ab00e0.png
content.admixer.net/test1/ef84d22f-90a9-47d7-8c5c-5e4800bc5572/ Frame 990C 582 KB
583 KB 276ms
101ms Image
image/png 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/ef84d22f-90a9-47d7-8c5c-5e4800bc5572/ab2c799b-7947-4c72-bd51-5f8e52ab00e0.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 7b3514001304a35cd05a09021ad470cc9dbd97b8e1772e2c04fc09ef821a69b5

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:13 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 02 Dec 2020 15:30:49 GMT
Server: nginx
ETag: "5fc7b329-918e9"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 596201
Expires: Sat, 12 Mar 2022 03:09:13 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 85ms
25ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?item=cb2c59bb-894f-47d5-b5ce-9240cda1c4e0&cc=BE%2FBRU%2F2800866&am-uid=04182451a2d1411282eb00ae6656fe70&cet=4&profile=57605863-b14c-4b8e-a672-59d5b98ec72a&zone=76fc305e-4afc-40e1-8dd7-4970fa5df232&device=28&rule=6e365056-b5e0-431b-9c5b-55d397203afc&requestId=a98b4fd7-92fa-43a3-a05c-3eb6654908aa&page=agora.md%2F&hp=136051404&sw=[e=screen.width]&sh=[e=screen.height]&size=1200x250&adv=N%2FA&dsp=ADMIXER+Moldova&ts=637510290331560143&ap=MS45NQ%3D%3D&asign=-1238085599&markups=ZG1wZj0wLjAwJmRtcHA9VHJ1ZSZjcnRmPTAuMDAmY3J0cD1UcnVlJmNydGF0cz0wLjAwJmFkbWY9MC4wMCZhZG1wPVRydWUmdGRmPTAuMDAmdGRwPVRydWUmdG90Zj0wLjAwJnRvdHA9VHJ1ZQ==&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=cb2c59bb-894f-47d5-b5ce-9240cda1c4e0&pvid=670f20e1-4e1c-4db4-9cfe-52c120a62780&extpubid=4460243e-bee8-455d-b940-7b2eb4257b2c&inst=ADS-EU-1&pxl=0&dmp_pr=MC4wMDAw&sf=0&hold=1

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:33 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 84ms
25ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?item=dec4c97b-1f5c-4386-847c-f03571feeb61&cc=BE%2FBRU%2F2800866&am-uid=04182451a2d1411282eb00ae6656fe70&cet=4&profile=1f683b0c-f871-4ec7-b3f9-2b5d3f60c135&zone=1169d17c-f3a1-49cc-8727-7da979986775&device=28&rule=6e365056-b5e0-431b-9c5b-55d397203afc&requestId=23e9d7bf-c83a-418e-953e-298450a96dc9&page=agora.md%2F&hp=136051404&sw=[e=screen.width]&sh=[e=screen.height]&size=1200x250&adv=N%2FA&dsp=ADMIXER+Moldova&ts=637510290331560143&ap=MS45NQ%3D%3D&asign=-1759400033&markups=ZG1wZj0wLjAwJmRtcHA9VHJ1ZSZjcnRmPTAuMDAmY3J0cD1UcnVlJmNydGF0cz0wLjAwJmFkbWY9MC4wMCZhZG1wPVRydWUmdGRmPTAuMDAmdGRwPVRydWUmdG90Zj0wLjAwJnRvdHA9VHJ1ZQ==&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=dec4c97b-1f5c-4386-847c-f03571feeb61&pvid=670f20e1-4e1c-4db4-9cfe-52c120a62780&extpubid=4460243e-bee8-455d-b940-7b2eb4257b2c&inst=ADS-EU-1&pxl=0&dmp_pr=MC4wMDAw&sf=0&hold=1

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:33 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3-Q050 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 97E9 14 B
330 B 95ms
78ms XHR
application/json 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fagora.md&client_id=202955886991-rm2c7qhrfearppr5de5kftbdpnocbonu.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/4071097310-idpiframe.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Thu, 11 Mar 2021 03:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 11 Mar 2021 04:10:33 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 025D 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=867719186706401&ev=PageView&dl=https%3A%2F%2Fwww.privesc.eu%2FWidget%2Fembeded%2F%25C3%258Enregistrare%2FMoldova%2CParlament%2CGuvern%2CConferinte%2COfflineuri%2CEmisiuni%2CRIA%2CConcerte%2CRetransmisiuni%2CSport%2CMonden%2CAltele%2C&rl=https%3A%2F%2Fagora.md%2F&if=true&ts=1615432233985&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1615432233538&coo=false&rqm=GET

Requested by

Host: www.privesc.eu
URL: https://www.privesc.eu/Widget/embeded/%C3%8Enregistrare/Moldova,Parlament,Guvern,Conferinte,Offlineuri,Emisiuni,RIA,Concerte,Retransmisiuni,Sport,Monden,Altele,

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.privesc.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 11 Mar 2021 03:10:33 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
75 B 7ms
7ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryojWles6oVWJrJRLl

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 11 Mar 2021 03:10:34 GMT
content-type: text/plain
access-control-allow-origin: https://agora.md
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0862 58 KB
19 KB 32ms
32ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

5f6a9766ec8b5ae52e9c91ad319e62d0402299c75115cc5dbb804767fb186329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "808 / 685 of 1000 / last-modified: 1615418199"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19653
x-xss-protection: 0
expires: Thu, 11 Mar 2021 03:10:34 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 27ms
26ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?item=f34e2a12-1873-45cf-a327-13f884b02f8c&cc=BE%2FBRU%2F2800866&am-uid=04182451a2d1411282eb00ae6656fe70&cet=18&profile=4c02eb63-7790-4196-82b4-5362f7ab3a87&zone=c9c16ce7-62c3-4571-8df3-fe69eb7e08f1&device=28&rule=e0585784-0446-43aa-ae3a-8ae3935a885c&requestId=da62ede9-e75a-496c-9148-8ff1c278dfc6&page=agora.md%2F&hp=136051404&size=240x350&adv=Adform&dsp=Adform&ts=637510290331560143&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=f34e2a12-1873-45cf-a327-13f884b02f8c&pvid=670f20e1-4e1c-4db4-9cfe-52c120a62780&extpubid=4460243e-bee8-455d-b940-7b2eb4257b2c&inst=ADS-EU-1&pxl=0&dmp_pr=MC4wMDAw

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Mar 2021 03:10:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 26ms
26ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?cc=BE/BRU/2800866&am-uid=04182451a2d1411282eb00ae6656fe70&cet=4&zone=c9c16ce7-62c3-4571-8df3-fe69eb7e08f1&rule=6005bad1-bca1-4dc0-8177-2c6414e94d1d&requestId=da62ede9-e75a-496c-9148-8ff1c278dfc6&page=agora.md%2F&hp=136051404&pvid=670f20e1-4e1c-4db4-9cfe-52c120a62780&inst=ADS-EU-1&ts=637510290331560143&sf=0

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:34 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 50ms
28ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?item=f34e2a12-1873-45cf-a327-13f884b02f8c&cc=BE%2FBRU%2F2800866&am-uid=04182451a2d1411282eb00ae6656fe70&cet=18&profile=4c02eb63-7790-4196-82b4-5362f7ab3a87&zone=ec8f5991-f498-4fd5-8e1b-ceeea59c3f9d&device=28&rule=e0585784-0446-43aa-ae3a-8ae3935a885c&requestId=dc380b75-4042-4a66-9188-f281e2cac0ca&page=agora.md%2F&hp=136051404&size=240x350&adv=Adform&dsp=Adform&ts=637510290331560143&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=f34e2a12-1873-45cf-a327-13f884b02f8c&pvid=670f20e1-4e1c-4db4-9cfe-52c120a62780&extpubid=4460243e-bee8-455d-b940-7b2eb4257b2c&inst=ADS-EU-1&pxl=0&dmp_pr=MC4wMDAw

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Mar 2021 03:10:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3-Q050 200 pubads_impl_2021031001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0862 284 KB
100 KB 33ms
33ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js?31060433

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

cc54d49a204cf8a8440884a769b3bc5a01030ce4f1d45582adc2170c95752ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 09:39:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102356
x-xss-protection: 0
expires: Thu, 11 Mar 2021 03:10:34 GMT

GET
H/1.1 200
OK chunklist.m3u8 Show response
cache.privesc.eu/storage/20210310-briefing-candu.mp4/ Frame 025D 2 KB
2 KB 84ms
83ms XHR
application/vnd.apple.mpegurl 93.116.189.30
MOLDTELECOM-AS Mo...

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.privesc.eu/storage/20210310-briefing-candu.mp4/chunklist.m3u8
Requested by: Host: storage.privesc.eu
URL: https://storage.privesc.eu/videojs673/video.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.116.189.30 Chisinau, Moldova, ASN8926 (MOLDTELECOM-AS Moldtelecom Autonomous System, MD),
Reverse DNS: host-static-93-116-189-30.moldtelecom.md
Software: WowzaStreamingEngine/4.8.5 /
Resource Hash: 351c0ca87ce6748819a16c03b76941c52647ceacb8b3b9d737ae100f1c98f836

Request headers

Referer: https://www.privesc.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:31 GMT
Server: WowzaStreamingEngine/4.8.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: max-age=1
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Range
Content-Length: 1770

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 5237 128 KB
44 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/65272011cc1731a55c6d.b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e85dd3fbfd058e5a132a056f129863c9a25086b8104f41889b4ba18219831d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 613
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44337
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 01:22:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Mar 2021 03:15:21 GMT

GET
H/1.1 200
OK e701c0b5d4ab46988fe997a9272037ee.js Show response
content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/js/ Frame 5237 341 B
719 B 163ms
53ms Script
application/javascript 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/js/e701c0b5d4ab46988fe997a9272037ee.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/65272011cc1731a55c6d.b.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: e1663efb90ff10ff634403e52d8eea5907eb9ab508562be2827222daa2231256

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:13 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 18 Feb 2021 14:50:05 GMT
Server: nginx
ETag: W/"602e7e9d-155"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://agora.md
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 12 Mar 2022 03:09:13 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ Frame 0862 107 B
799 B 65ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=agora.md

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js?31060433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 03:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0862 107 B
294 B 17ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=agora.md

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js?31060433

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 03:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0862 80 KB
27 KB 494ms
493ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=19172924890509&correlator=2178175743912170&output=ldjh&impl=fifs&eid=31060433%2C31060296&vrg=2021031001&ptt=17&sc=1&sfv=1-0-37&ecs=20210311&iu_parts=22047939796%2Cagora.md%2Cadmixer%2Chalfpage%2C300x600&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4&prev_iu_szs=300x600&cookie=ID%3D5d539d799ea58590-222d4dab07a70033%3AT%3D1615432232%3ART%3D1615432232%3AS%3DALNI_MautR1486PLq2Nr9mH2J1XaY_NaRA&cdm=agora.md&bc=31&abxe=1&lmt=1615432234&dt=1615432234217&dlt=1615432234024&idt=169&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=1090&adys=3882&adks=3095269967&ucis=rrb8uicbbqsk&ifi=1&ifk=3003158840&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fagora.md%2F&top=https%3A%2F%2Fagora.md%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=608810801.1615432233&ga_sid=1615432234&ga_hid=1383390517&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js?31060433

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

3f699ad3eafd375a67f55d9bd9f0e3586fd0cdecae1aeaa9b5216f155f6521b3

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL3Q7YOip-8CFTPnuwgdy1EKOQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/10099626068075771695/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL3Q7YOip-8CFTPnuwgdy1EKOQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/10099626068075771695/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27175
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 11 Mar 2021 03:10:34 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://agora.md
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0862 0
0 29ms
14ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js?31060433
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 0862 0
0 8ms
7ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js?31060433
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK e701c0b5d4ab46988fe997a9272037ee.js Show response
content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/js/ Frame 5237 341 B
719 B 88ms
53ms Script
application/javascript 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/js/e701c0b5d4ab46988fe997a9272037ee.js
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: e1663efb90ff10ff634403e52d8eea5907eb9ab508562be2827222daa2231256

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:13 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 18 Feb 2021 14:50:05 GMT
Server: nginx
ETag: W/"602e7e9d-155"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://agora.md
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 12 Mar 2022 03:09:13 GMT

GET
H/1.1 200
OK abe67d73-def7-45a1-951e-67772b67db44.gif
content.admixer.net/test1/630830d7-bd0f-45d0-ba4e-17a9c10acfb7/ Frame 85DC 176 KB
177 KB 64ms
63ms Image
image/gif 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/630830d7-bd0f-45d0-ba4e-17a9c10acfb7/abe67d73-def7-45a1-951e-67772b67db44.gif
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: d72ef26c49b50f3adc9d3b4bc5fd06605500ecceeb783bd6d9b300ee557d1dcc

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:13 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 11 Jan 2021 11:52:33 GMT
Server: nginx
ETag: "5ffc3c01-2c1f7"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 180727
Expires: Sat, 12 Mar 2022 03:09:13 GMT

GET
H/1.1 200
OK ab2c799b-7947-4c72-bd51-5f8e52ab00e0.png
content.admixer.net/test1/ef84d22f-90a9-47d7-8c5c-5e4800bc5572/ Frame 990C 582 KB
583 KB 58ms
57ms Image
image/png 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/ef84d22f-90a9-47d7-8c5c-5e4800bc5572/ab2c799b-7947-4c72-bd51-5f8e52ab00e0.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 7b3514001304a35cd05a09021ad470cc9dbd97b8e1772e2c04fc09ef821a69b5

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:13 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 02 Dec 2020 15:30:49 GMT
Server: nginx
ETag: "5fc7b329-918e9"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 596201
Expires: Sat, 12 Mar 2022 03:09:13 GMT

GET
H2 200 container.html Show response
ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame EACD 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js?31060433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://agora.md/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://agora.md/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Thu, 11 Mar 2021 03:10:34 GMT
expires: Fri, 11 Mar 2022 03:10:34 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0862 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js?31060433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495b316cdda6e7b6ce663bb9eeeee0cf6f7f6e5969d0a6c1fe39307cbdb9d686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615378846156468"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28222
x-xss-protection: 0
expires: Thu, 11 Mar 2021 03:10:34 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0862 8 KB
6 KB 20ms
17ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js?31060433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e4fc1f8afab95822629898bf4865965899c5e99b264e39cb1c8821c2af9316b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 03:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6401
x-xss-protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 30ms
30ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?item=cb2c59bb-894f-47d5-b5ce-9240cda1c4e0&cc=BE%2FBRU%2F2800866&am-uid=04182451a2d1411282eb00ae6656fe70&cet=9&profile=57605863-b14c-4b8e-a672-59d5b98ec72a&zone=76fc305e-4afc-40e1-8dd7-4970fa5df232&device=28&rule=6e365056-b5e0-431b-9c5b-55d397203afc&requestId=a98b4fd7-92fa-43a3-a05c-3eb6654908aa&page=agora.md%2F&hp=136051404&sw=[e=screen.width]&sh=[e=screen.height]&size=1200x250&adv=N%2FA&dsp=ADMIXER+Moldova&ts=637510290331560143&ap=MS45NQ%3D%3D&asign=-1238085599&markups=ZG1wZj0wLjAwJmRtcHA9VHJ1ZSZjcnRmPTAuMDAmY3J0cD1UcnVlJmNydGF0cz0wLjAwJmFkbWY9MC4wMCZhZG1wPVRydWUmdGRmPTAuMDAmdGRwPVRydWUmdG90Zj0wLjAwJnRvdHA9VHJ1ZQ==&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=cb2c59bb-894f-47d5-b5ce-9240cda1c4e0&pvid=670f20e1-4e1c-4db4-9cfe-52c120a62780&extpubid=4460243e-bee8-455d-b940-7b2eb4257b2c&inst=ADS-EU-1&pxl=0&dmp_pr=MC4wMDAw&sf=0&hold=1

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:34 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/ Frame D38E 1 KB
2 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/index.html

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0efa255a93ccda30f3942badb9690a0cef55960a4d684ca0d381a4651d407c68

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/10099626068075771695/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 565
date: Wed, 10 Mar 2021 23:03:49 GMT
expires: Thu, 10 Mar 2022 23:03:49 GMT
last-modified: Tue, 19 Jan 2021 10:00:15 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14805
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EACD 0
0 60ms
60ms Fetch
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCz2MKopJYL2TELPO7_UPy6OpyAPPsKm2Yfv-nbeEDZiZgoKDIhABINin_XxgufjHgNwBoAHUndGjA8gBCakCBD5OZdACtD7gAgCoAwHIAwiqBPwBT9DID7Pqi8c5yTqb_GEsNL9101dDOI84FDThkff-2wsJtSyCKxrQOswZ4Dt1A3NZk-rrOkm9xUOJlbfkzyT6-EG3VDFHNI9JOHVIi-YJTkdG0x7aJXoVdZzTBug9HIg4s8BG2EyWskmkwVoRrjzW6T413B79byHlKnYe9cMrdJbLjVompr1uJGBNrn_RJJRm_ylxyHUtqqon07LH0NAjowmJzZH9lkeY1BUpifnJtRs74n7AMZgZo-kpQ-8EI9nX4xbr1gGOo1Axb8HSd0Gnc2y-Qn5wsii1HERd7qWWp7WvlD5QdLsd7kiKdbu-IDmIeSpcWx4OmTNy_p1uwASHsOncvwPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHlOKuXKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBC8tFfSCAkIgOGAEBABGB2ACgHICwHYEw2yFxoKGAgAEhRwdWItOTU3NjE5NjA0NTIzMzQwNA&sigh=glTO5rJ-ykQ&template_id=419&tpd=AGWhJmt-gRT3f5D3EXGo3h221DgtiyuwDqZh2Mff2pWGFGc32g
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/ Frame EACD 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/abg_lite_fy2019.js

Requested by

Host: ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com
URL: https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7138
x-xss-protection: 0
server: cafe
etag: 7904608329869157807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 03:05:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame EACD 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/window_focus_fy2019.js

Requested by

Host: ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com
URL: https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 02:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 6751271179024913178
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 02:21:40 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EACD 112 KB
34 KB 45ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com
URL: https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61902c5623fc9780b6485f3439557295cc392d92d114aa404b56128dd65ea704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615378840307797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34576
x-xss-protection: 0
expires: Thu, 11 Mar 2021 03:10:34 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame EACD 13 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com
URL: https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5996
x-xss-protection: 0
server: cafe
etag: 15528521553155206461
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 03:03:53 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0862 17 KB
6 KB 23ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js?31060433

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 11 Mar 2021 03:10:34 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 25ms
25ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=72ece098-30b0-404e-a3f5-3405a9096a2f

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Mar 2021 03:10:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DF49 143 B
222 B 6ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com
URL: https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 11 Mar 2021 02:41:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1750
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame D38E 9 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 12:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 11 Mar 2021 12:33:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D38E 22 KB
9 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 11 Mar 2021 12:41:54 GMT

GET
H3-Q050 200 style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/ Frame D38E 839 B
2 KB 10ms
7ms Stylesheet
text/css 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/style.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fe3c20e5672e6633bb21e1fa62132c22d5e6f44242bc6968a25abe0a286c72c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 14773
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 407
x-xss-protection: 0
last-modified: Tue, 19 Jan 2021 10:00:15 GMT
server: sffe
date: Wed, 10 Mar 2021 23:04:21 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 23:04:21 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.0/ Frame D38E 81 KB
29 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.0/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 02:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88677
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29195
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Mar 2022 02:32:37 GMT

GET
H2 200 tweenmax_1.20.4_3dc5474a75410cb768741e402b80d908_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D38E 113 KB
38 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.4_3dc5474a75410cb768741e402b80d908_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38738
x-xss-protection: 0
last-modified: Thu, 31 May 2018 15:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Mar 2021 03:10:34 GMT

GET
H3-Q050 200 animation.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/ Frame D38E 626 B
498 B 9ms
8ms Script
application/x-javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/animation.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e7b23185c4a23bd678bdda50bfbae606f96e41e02e1af130d7af2ba41f7ead0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 500985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 355
x-xss-protection: 0
last-modified: Tue, 19 Jan 2021 10:00:15 GMT
server: sffe
date: Fri, 05 Mar 2021 08:00:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Mar 2022 08:00:49 GMT

GET
H3-Q050 200 1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/ Frame D38E 36 KB
36 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e99fb04efa04f6f962099637f4ca42211f16e23e33cff1532058d0e3b6ed701e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 203842
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37265
x-xss-protection: 0
last-modified: Tue, 19 Jan 2021 10:00:15 GMT
server: sffe
date: Mon, 08 Mar 2021 18:33:12 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Mar 2022 18:33:12 GMT

GET
H3-Q050 200 2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/ Frame D38E 12 KB
13 KB 8ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10099626068075771695/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fcdea3d056dd6cb1d81b16410d23afe780bf830156b1ed00b560cea0d5234be

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 590808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12744
x-xss-protection: 0
last-modified: Tue, 19 Jan 2021 10:00:15 GMT
server: sffe
date: Thu, 04 Mar 2021 07:03:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 07:03:47 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 7776 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://agora.md/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://agora.md/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 10 Mar 2021 22:19:08 GMT
expires: Thu, 10 Mar 2022 22:19:08 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17486
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame EACD 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5635b26bde0c2052b209df884103e9edc15e10a490083163c45a95e1bed4fd6d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 25ms
24ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=1169d17c-f3a1-49cc-8727-7da979986775

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Mar 2021 03:10:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 28ms
25ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?item=96bb0a09-0a24-453b-8975-5aca74a5285e&cc=BE%2FBRU%2F2800866&am-uid=04182451a2d1411282eb00ae6656fe70&cet=9&profile=709a540e-8f37-41a4-bd7a-e311ae0bbb51&zone=29451155-4bcc-4687-b485-4f85c9371b44&device=28&rule=fef32f9c-1305-4561-aeb1-48d2eac94492&requestId=31008484-3b60-43c8-a803-b646270c903a&page=agora.md%2F&hp=136051404&sw=[e=screen.width]&sh=[e=screen.height]&size=400x250&adv=N%2FA&dsp=ADMIXER+Moldova&ts=637510290331560143&ap=MS45NQ%3D%3D&asign=-344221118&markups=ZG1wZj0wLjAwJmRtcHA9VHJ1ZSZjcnRmPTAuMDAmY3J0cD1UcnVlJmNydGF0cz0wLjAwJmFkbWY9MC4wMCZhZG1wPVRydWUmdGRmPTAuMDAmdGRwPVRydWUmdG90Zj0wLjAwJnRvdHA9VHJ1ZQ==&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&crid=96bb0a09-0a24-453b-8975-5aca74a5285e&pvid=670f20e1-4e1c-4db4-9cfe-52c120a62780&extpubid=4460243e-bee8-455d-b940-7b2eb4257b2c&inst=ADS-EU-1&pxl=0&dmp_pr=MC4wMDAw&sf=0

Requested by

Host: agora.md
URL: https://agora.md/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:34 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DF49
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
156 B

16ms
15ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com
URL: https://ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Mar 2021 03:10:35 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 11-Mar-2021 04:10:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Mar 2021 03:10:35 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Mar 2021 03:10:35 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js Show response
pagead2.googlesyndication.com/bg/ Frame 7776 14 KB
6 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 10:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 147363
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5688
x-xss-protection: 0
expires: Wed, 09 Mar 2022 10:14:32 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 47ms
33ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210309&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

198aa61b318b4895c5d82b21c7a7a35707182f78d56788f69bdcd184a38b8609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Mar 2021 03:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6579
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 11 Mar 2021 03:10:35 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame FC72 12 KB
5 KB 13ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://agora.md/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://agora.md/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 10 Mar 2021 22:19:08 GMT
expires: Thu, 10 Mar 2022 22:19:08 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17487
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 50912840 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 294ms
57ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/50912840?wmode=0&wv-part=1&wv-hit=800069267&page-url=https%3A%2F%2Fagora.md%2F&rn=263712849&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1615432235%3Aw%3A1600x1200%3Av%3A451%3Az%3A60%3Ai%3A202103110401035%3Au%3A1615432233480746435%3Avf%3A1d7r6afuymvj624d%3Ati%3A2%3Ast%3A1615432235

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:35 GMT
last-modified: Thu, 11-Mar-2021 03:10:35 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://agora.md
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Mar-2021 03:10:35 GMT

POST
H2 200 50912840 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 180ms
57ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/50912840?wmode=0&wv-part=1&wv-hit=800069267&page-url=https%3A%2F%2Fagora.md%2F&rn=254122443&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1615432235%3Aw%3A1600x1200%3Av%3A451%3Az%3A60%3Ai%3A202103110401035%3Au%3A1615432233480746435%3Avf%3A1d7r6afuymvj624d%3Ati%3A2%3Ast%3A1615432235

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:35 GMT
last-modified: Thu, 11-Mar-2021 03:10:35 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://agora.md
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Mar-2021 03:10:35 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 29ms
28ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?item=dec4c97b-1f5c-4386-847c-f03571feeb61&cc=BE%2FBRU%2F2800866&am-uid=04182451a2d1411282eb00ae6656fe70&cet=9&profile=1f683b0c-f871-4ec7-b3f9-2b5d3f60c135&zone=1169d17c-f3a1-49cc-8727-7da979986775&device=28&rule=6e365056-b5e0-431b-9c5b-55d397203afc&requestId=23e9d7bf-c83a-418e-953e-298450a96dc9&page=agora.md%2F&hp=136051404&sw=[e=screen.width]&sh=[e=screen.height]&size=1200x250&adv=N%2FA&dsp=ADMIXER+Moldova&ts=637510290331560143&ap=MS45NQ%3D%3D&asign=-1759400033&markups=ZG1wZj0wLjAwJmRtcHA9VHJ1ZSZjcnRmPTAuMDAmY3J0cD1UcnVlJmNydGF0cz0wLjAwJmFkbWY9MC4wMCZhZG1wPVRydWUmdGRmPTAuMDAmdGRwPVRydWUmdG90Zj0wLjAwJnRvdHA9VHJ1ZQ==&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=dec4c97b-1f5c-4386-847c-f03571feeb61&pvid=670f20e1-4e1c-4db4-9cfe-52c120a62780&extpubid=4460243e-bee8-455d-b940-7b2eb4257b2c&inst=ADS-EU-1&pxl=0&dmp_pr=MC4wMDAw&sf=0&hold=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:10:35 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3-Q050 200 WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js Show response
pagead2.googlesyndication.com/bg/ Frame FC72 14 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WX7IimsAo_RF7a_KStWqUkPmmU8kKH6_0S6PX737N0g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 10:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 147363
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5688
x-xss-protection: 0
expires: Wed, 09 Mar 2022 10:14:32 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 025D 44 B
261 B 13ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=867719186706401&ev=Microdata&dl=https%3A%2F%2Fwww.privesc.eu%2FWidget%2Fembeded%2F%25C3%258Enregistrare%2FMoldova%2CParlament%2CGuvern%2CConferinte%2COfflineuri%2CEmisiuni%2CRIA%2CConcerte%2CRetransmisiuni%2CSport%2CMonden%2CAltele%2C&rl=https%3A%2F%2Fagora.md%2F&if=true&ts=1615432235621&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Briefing%20de%20pres%C4%83%20sus%C8%9Binut%20de%20pre%C8%99edintele%20Grupului%20parlamentar%20PRO%20MOLDOVA%2C%20Andrian%20Candu%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1615432233538&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.privesc.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 03:10:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 11 Mar 2021 03:10:35 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0862 0
46 B 16ms
15ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031001&jk=19172924890509&bg=!GxilGFvNAAUO7zDoDjsAKQB2-Dxaamv9znP8nMIRpSFl_d6qm-fJpK5_28WnGPvQ_aUNYhiSfHqBAgAAAlRSAAAAG2gBBwoBdzaGKhG2n-u9ZBOHg9mjBlNppi6hcAqvTNCqrZzfHd3SQDBF2C3iOk2b845dzo0ccsQioqPKe1CXbyTcWsqRAfRpAVwZPYCiQ7kAelFZBt89cvBeBQkvEJkDJQEspnnYfZzpftmGDxm5WdFda8e39H3isQAhr8a5KM8SUxLVrUclI8Nyn1lfkyX40BNaDQTu2j2Ul2t6TszBSkpTrG-kMVUfpULDyJc7mPdgzBScG8HH7Lzklvr4_fINo1dycz_gwL6_A_tmXUIn2UCqM3z0pNsnJpN91CWcVRKThNmQkZtmRna8cHvMv-ztySrdcrcAjwpehHeiFp7oo6LbZOEKkiMOiLo1TDOjlYbFQNvwcZDKIIZJleDDUDerYE7u-n9Nm72wCK1x10AzD2Ah-VQU8gM26bnmrPg7g13CABiFzM4SKJcFVwS5MZv-0jpTYV7kuYIHKQn2EpflrI-iAxrkWaiGyRHRXFAmttleDdwgAaqvOjN9WJC-hZkCCoIZ5q88fKn7zW0JzoHXDKP8Cb4GoidN1KBoNqW3pjiQJB0BKCSpZ2UHCvmnf9okUPzbqyfnden9K5GGl1qqAiETdWYBIVS0m56cfjNBGvMbPMwouFVJMor6FB3qYfVncAJCtZi4PUp7Z8vUcBzf0s8iJJyDFS4P5xX10WGQzZhM6uJ7CizIp54fEv9yJBLrqJtEozEzPbWC-9jI3aehcZY4a68ct4jzJSgnyMrAPoa4qrgUuHOP18VgSW1kzs-A_6j-9SIyGWay2gdMcQjMZnoaM-1p20pNFQmC7I0g7UJLre3S_My8-cJWTywA_jSqQopJW7ycHdGg7yUqsYz5prILBsxPaNbgAZVXBFz7XdSHHRLpmUoBp1suAJD-cxyzkrJC2tFpdMngeFpizBHebZHsBQMauVCQzAUX_XwVc6rnOzJ6rftWhEbqmRJSuwKJgdB9x1goKUFucJg0T003pNXEpUtibvvPejErPM2gRH_TWg7PzR8MNn4SfqtYpCaB9TpMJUy1MEG3hUritzTdClHJ-CEr8ppOH7Q1vAumXbB7AnUWAIbuccvhsoal_YLhfmhwhjMwy0vxjtpa2CNCxfnuuRJd_75s7F3dpID7Zvc6Tzo6g_i1vl69gFNksGrgCIsfMdLE6ev5M55QMXtEQCZiyH8fbAWUN8DSwDv72a5vbONRSIZHa3E7rg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 16ms
15ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210309&jk=2042484931785773&bg=!S0ilSAvNAAUO7zDoDjsAKQB2-DxakEcakCrgwRWEFkbQ_otH4LHVC4r_fL3MEwFs2DTajjPEUrQMAgAAAXlSAAAAKWgBBwoAITmUexo4byoSVXLoHoUSdZJEIawmbmezU90GEE_U3P7JBpkCDfNsOoZLCgqZ0tfNzINLWrzCkWWUuJHjbo0cZXEOY6FgVhkYydOk2K9iUUOIvt3Jdj-ZQ2zLZPF10gqbrPGgKWhCs5vum_GU1YAD22Wcad-o_PVNE_QMngtn5X7d6G81Cci64PRN7TAl6kqIOHTv0bER_bZSMBY4knVqp8G_hpnym_kcYBR01pSQA7m5qYHeRpRR0Jo40FbEVcvhDePygBpxF78pyEm7uHtS37k6MNaKLQ4VZ_urQkwO9AqGgN4mazuP6WpRRt7JaCnyK4FzD1CyZjBkwsaDlb_-Yv4QhFr3KAAbVpMXTgidscYbdMJYD0OUG2fIfwBSQnjW8wKrI66Edzb53o59SoaGmgNcQkKQo-4QROe7Y7QUfc9K9xvoC96iOX1vrbfrl2axbj5vMIhZNtKoiSBR4bLqHOdfWyAiRSrUdj0C2bSkr9qMPWZTPoBcQULPKh-p_PdeHwyjpIrvPujJridyI_f14-EkS3dg1soaBlb3oORAvMdpOAcOHvi5cMK4PoVr9HoBTjOt3p4Zpu0_sUei3N3bwi7_jB-8e9mV5z45YtcDZAvIZGyY-dYNMbH6Gctqzw9SZhEGcqvEIixChFL7gULf-R-ziRuKfd6YX7ZoFSPeHnq8GEErcAbgfXVtTslNIfTbFuX08iZxPdw5wSJbuBJJyy_ypMbflWk8mHKLWshgmPJlwQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 19ms
13ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-9576196045233404&su=agora.md&doc=complete&pg_h=6043&pg_w=1600&pg_hs=6043&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK lacata_1.png
content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/ Frame 5237 6 KB
7 KB 54ms
53ms Image
image/png 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/lacata_1.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: aa42581b3521b7d1c3fcc18900a2d65dad3b1827d1dfb0332e76ee4e05657448

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:15 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 18 Feb 2021 14:50:05 GMT
Server: nginx
ETag: "602e7e9d-19ed"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6637
Expires: Sat, 12 Mar 2022 03:09:15 GMT

GET
H/1.1 200
OK 1_Asset_2.png
content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/ Frame 5237 4 KB
5 KB 54ms
53ms Image
image/png 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/1_Asset_2.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 180b58f262b99069208a6d08ede80f5fbf19d2ad29d15d24b9c538a908911c8d

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:15 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 18 Feb 2021 14:50:05 GMT
Server: nginx
ETag: "602e7e9d-10f2"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4338
Expires: Sat, 12 Mar 2022 03:09:15 GMT

GET
H/1.1 200
OK in_24_ore.png
content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/ Frame 5237 3 KB
3 KB 56ms
54ms Image
image/png 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/in_24_ore.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 5db6909ed75320a836bf23d9d6f17397ffcd5cef5118867850a944f0341312e5

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:15 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 18 Feb 2021 14:50:05 GMT
Server: nginx
ETag: "602e7e9d-b79"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2937
Expires: Sat, 12 Mar 2022 03:09:15 GMT

GET
H/1.1 200
OK asset1.png
content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/ Frame 5237 3 KB
4 KB 55ms
53ms Image
image/png 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/asset1.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 9301aaeed0934d3d3a61f569dc74d59174aed00048d9c6e2de59d8ec729042c7

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:15 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 18 Feb 2021 14:50:05 GMT
Server: nginx
ETag: "602e7e9d-cea"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3306
Expires: Sat, 12 Mar 2022 03:09:15 GMT

GET
H/1.1 200
OK Asset_1_1.png
content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/ Frame 5237 17 KB
17 KB 204ms
95ms Image
image/png 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/Asset_1_1.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 1d50ff66c5141d8b8c7f39eb848cd2c5486544b133fd34ebbc5fd4ecb693447f

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:16 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 18 Feb 2021 14:50:05 GMT
Server: nginx
ETag: "602e7e9d-425c"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16988
Expires: Sat, 12 Mar 2022 03:09:16 GMT

GET
H/1.1 200
OK Asset_2.png
content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/ Frame 5237 10 KB
11 KB 165ms
56ms Image
image/png 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/Asset_2.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 0aa095b0b2e8af1d4ccf5081bbe64923d59ff27b67571074c03c0a275ca5cf81

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:16 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 18 Feb 2021 14:50:05 GMT
Server: nginx
ETag: "602e7e9d-2906"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10502
Expires: Sat, 12 Mar 2022 03:09:16 GMT

GET
H/1.1 200
OK family3.png
content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/ Frame 5237 49 KB
50 KB 141ms
91ms Image
image/png 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/family3.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: eb64f247eedf115966d4db9c0e209b8ffeb7e1da0c15d83d289f342e1ac3e3c5

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:16 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 18 Feb 2021 14:50:05 GMT
Server: nginx
ETag: "602e7e9d-c517"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50455
Expires: Sat, 12 Mar 2022 03:09:16 GMT

GET
H/1.1 200
OK chieie.png
content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/ Frame 5237 13 KB
14 KB 106ms
58ms Image
image/png 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/chieie.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: a4f95dde2752eb5f12718a2c128f3583585770196a341faccceb95381b6f8d57

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:16 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 18 Feb 2021 14:50:05 GMT
Server: nginx
ETag: "602e7e9d-35ef"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13807
Expires: Sat, 12 Mar 2022 03:09:16 GMT

GET
H/1.1 200
OK APLICA.png
content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/ Frame 5237 5 KB
5 KB 103ms
54ms Image
image/png 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/APLICA.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: e31001d4562b4db7690dd6f6c207587296446987ed2e7a14cfd545ec09a041fd

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:16 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 18 Feb 2021 14:50:05 GMT
Server: nginx
ETag: "602e7e9d-1302"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4866
Expires: Sat, 12 Mar 2022 03:09:16 GMT

GET
H/1.1 200
OK logo_1.png
content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/ Frame 5237 12 KB
12 KB 174ms
74ms Image
image/png 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/logo_1.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 30a2ce5fc48194f663cffccfe408b103f4f6c1ccbdf7b5cf7861efe4ac38523d

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:16 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 18 Feb 2021 14:50:05 GMT
Server: nginx
ETag: "602e7e9d-2f29"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12073
Expires: Sat, 12 Mar 2022 03:09:16 GMT

GET
H/1.1 200
OK burtiera.png
content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/ Frame 5237 6 KB
6 KB 101ms
54ms Image
image/png 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/b66e9a54-1d2f-4b3d-b9b7-51b6b063b161/52b6ee57-d3a6-4b04-b2ea-08b6b34125b4/images/burtiera.png
Requested by: Host: agora.md
URL: https://agora.md/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Chernihiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 5f7166f65fb26478843bd579a39a0866aed12451546f829378252349726f958b

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:09:16 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 18 Feb 2021 14:50:05 GMT
Server: nginx
ETag: "602e7e9d-163c"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5692
Expires: Sat, 12 Mar 2022 03:09:16 GMT

POST
H2 200 50912840 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 47ms
47ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/50912840?wmode=0&wv-part=2&wv-hit=800069267&page-url=https%3A%2F%2Fagora.md%2F&rn=153806716&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1615432237%3Aw%3A1600x1200%3Av%3A451%3Az%3A60%3Ai%3A202103110401037%3Au%3A1615432233480746435%3Avf%3A1d7r6afuymvj624d%3Ati%3A2%3Ast%3A1615432237

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://agora.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Mar 2021 03:10:37 GMT
last-modified: Thu, 11-Mar-2021 03:10:37 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://agora.md
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Mar-2021 03:10:37 GMT

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 16:43:55	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 16:43:53	Name: test_cookie Value: CheckForPermission
.agora.md/	1970-01-20 02:05:28	Name: __gads Value: ID=5d539d799ea58590:T=1615432232:S=ALNI_MY3V5wWlYQfZ9req33GbLZKZSPcHQ

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js(Line 1) Message: Chrome
console-api	log	URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js(Line 1) Message: Mraid Ready false
console-api	log	URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js(Line 1) Message: Chrome
console-api	log	URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js(Line 1) Message: Chrome
console-api	log	URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js(Line 1) Message: Event view https://inv-nets-eu.admixer.net/ev_view.aspx?item=96bb0a09-0a24-453b-8975-5aca74a5285e&cc=BE%2FBRU%2F2800866&am-uid=04182451a2d1411282eb00ae6656fe70&cet=4&profile=709a540e-8f37-41a4-bd7a-e311ae0bbb51&zone=29451155-4bcc-4687-b485-4f85c9371b44&device=28&rule=fef32f9c-1305-4561-aeb1-48d2eac94492&requestId=31008484-3b60-43c8-a803-b646270c903a&page=agora.md%2F&hp=136051404&sw=[e=screen.width]&sh=[e=screen.height]&size=400x250&adv=N%2FA&dsp=ADMIXER+Moldova&ts=637510290331560143&ap=MS45NQ%3D%3D&asign=-344221118&markups=ZG1wZj0wLjAwJmRtcHA9VHJ1ZSZjcnRmPTAuMDAmY3J0cD1UcnVlJmNydGF0cz0wLjAwJmFkbWY9MC4wMCZhZG1wPVRydWUmdGRmPTAuMDAmdGRwPVRydWUmdG90Zj0wLjAwJnRvdHA9VHJ1ZQ==&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&crid=96bb0a09-0a24-453b-8975-5aca74a5285e&pvid=670f20e1-4e1c-4db4-9cfe-52c120a62780&extpubid=4460243e-bee8-455d-b940-7b2eb4257b2c&inst=ADS-EU-1&pxl=0&dmp_pr=MC4wMDAw&sf=0
console-api	log	URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js(Line 1) Message: Event view https://inv-nets-eu.admixer.net/ev_view.aspx?item=cb2c59bb-894f-47d5-b5ce-9240cda1c4e0&cc=BE%2FBRU%2F2800866&am-uid=04182451a2d1411282eb00ae6656fe70&cet=4&profile=57605863-b14c-4b8e-a672-59d5b98ec72a&zone=76fc305e-4afc-40e1-8dd7-4970fa5df232&device=28&rule=6e365056-b5e0-431b-9c5b-55d397203afc&requestId=a98b4fd7-92fa-43a3-a05c-3eb6654908aa&page=agora.md%2F&hp=136051404&sw=[e=screen.width]&sh=[e=screen.height]&size=1200x250&adv=N%2FA&dsp=ADMIXER+Moldova&ts=637510290331560143&ap=MS45NQ%3D%3D&asign=-1238085599&markups=ZG1wZj0wLjAwJmRtcHA9VHJ1ZSZjcnRmPTAuMDAmY3J0cD1UcnVlJmNydGF0cz0wLjAwJmFkbWY9MC4wMCZhZG1wPVRydWUmdGRmPTAuMDAmdGRwPVRydWUmdG90Zj0wLjAwJnRvdHA9VHJ1ZQ==&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=cb2c59bb-894f-47d5-b5ce-9240cda1c4e0&pvid=670f20e1-4e1c-4db4-9cfe-52c120a62780&extpubid=4460243e-bee8-455d-b940-7b2eb4257b2c&inst=ADS-EU-1&pxl=0&dmp_pr=MC4wMDAw&sf=0
console-api	log	URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js(Line 1) Message: Event view https://inv-nets-eu.admixer.net/ev_view.aspx?item=dec4c97b-1f5c-4386-847c-f03571feeb61&cc=BE%2FBRU%2F2800866&am-uid=04182451a2d1411282eb00ae6656fe70&cet=4&profile=1f683b0c-f871-4ec7-b3f9-2b5d3f60c135&zone=1169d17c-f3a1-49cc-8727-7da979986775&device=28&rule=6e365056-b5e0-431b-9c5b-55d397203afc&requestId=23e9d7bf-c83a-418e-953e-298450a96dc9&page=agora.md%2F&hp=136051404&sw=[e=screen.width]&sh=[e=screen.height]&size=1200x250&adv=N%2FA&dsp=ADMIXER+Moldova&ts=637510290331560143&ap=MS45NQ%3D%3D&asign=-1759400033&markups=ZG1wZj0wLjAwJmRtcHA9VHJ1ZSZjcnRmPTAuMDAmY3J0cD1UcnVlJmNydGF0cz0wLjAwJmFkbWY9MC4wMCZhZG1wPVRydWUmdGRmPTAuMDAmdGRwPVRydWUmdG90Zj0wLjAwJnRvdHA9VHJ1ZQ==&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=dec4c97b-1f5c-4386-847c-f03571feeb61&pvid=670f20e1-4e1c-4db4-9cfe-52c120a62780&extpubid=4460243e-bee8-455d-b940-7b2eb4257b2c&inst=ADS-EU-1&pxl=0&dmp_pr=MC4wMDAw&sf=0
console-api	log	URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js(Line 1) Message: Event view https://inv-nets-eu.admixer.net/ev_view.aspx?cc=BE/BRU/2800866&am-uid=04182451a2d1411282eb00ae6656fe70&cet=4&zone=c9c16ce7-62c3-4571-8df3-fe69eb7e08f1&rule=6005bad1-bca1-4dc0-8177-2c6414e94d1d&requestId=da62ede9-e75a-496c-9148-8ff1c278dfc6&page=agora.md%2F&hp=136051404&pvid=670f20e1-4e1c-4db4-9cfe-52c120a62780&inst=ADS-EU-1&ts=637510290331560143&sf=0
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 0.000s] [studio.sdk]
console-api	log	URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js(Line 1) Message: Event confirmview https://inv-nets-eu.admixer.net/ev_view.aspx?item=cb2c59bb-894f-47d5-b5ce-9240cda1c4e0&cc=BE%2FBRU%2F2800866&am-uid=04182451a2d1411282eb00ae6656fe70&cet=9&profile=57605863-b14c-4b8e-a672-59d5b98ec72a&zone=76fc305e-4afc-40e1-8dd7-4970fa5df232&device=28&rule=6e365056-b5e0-431b-9c5b-55d397203afc&requestId=a98b4fd7-92fa-43a3-a05c-3eb6654908aa&page=agora.md%2F&hp=136051404&sw=[e=screen.width]&sh=[e=screen.height]&size=1200x250&adv=N%2FA&dsp=ADMIXER+Moldova&ts=637510290331560143&ap=MS45NQ%3D%3D&asign=-1238085599&markups=ZG1wZj0wLjAwJmRtcHA9VHJ1ZSZjcnRmPTAuMDAmY3J0cD1UcnVlJmNydGF0cz0wLjAwJmFkbWY9MC4wMCZhZG1wPVRydWUmdGRmPTAuMDAmdGRwPVRydWUmdG90Zj0wLjAwJnRvdHA9VHJ1ZQ==&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=cb2c59bb-894f-47d5-b5ce-9240cda1c4e0&pvid=670f20e1-4e1c-4db4-9cfe-52c120a62780&extpubid=4460243e-bee8-455d-b940-7b2eb4257b2c&inst=ADS-EU-1&pxl=0&dmp_pr=MC4wMDAw&sf=0
console-api	log	URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=72ece098-30b0-404e-a3f5-3405a9096a2f
console-api	log	URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=1169d17c-f3a1-49cc-8727-7da979986775
console-api	log	URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js(Line 1) Message: Event confirmview https://inv-nets-eu.admixer.net/ev_view.aspx?item=96bb0a09-0a24-453b-8975-5aca74a5285e&cc=BE%2FBRU%2F2800866&am-uid=04182451a2d1411282eb00ae6656fe70&cet=9&profile=709a540e-8f37-41a4-bd7a-e311ae0bbb51&zone=29451155-4bcc-4687-b485-4f85c9371b44&device=28&rule=fef32f9c-1305-4561-aeb1-48d2eac94492&requestId=31008484-3b60-43c8-a803-b646270c903a&page=agora.md%2F&hp=136051404&sw=[e=screen.width]&sh=[e=screen.height]&size=400x250&adv=N%2FA&dsp=ADMIXER+Moldova&ts=637510290331560143&ap=MS45NQ%3D%3D&asign=-344221118&markups=ZG1wZj0wLjAwJmRtcHA9VHJ1ZSZjcnRmPTAuMDAmY3J0cD1UcnVlJmNydGF0cz0wLjAwJmFkbWY9MC4wMCZhZG1wPVRydWUmdGRmPTAuMDAmdGRwPVRydWUmdG90Zj0wLjAwJnRvdHA9VHJ1ZQ==&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&crid=96bb0a09-0a24-453b-8975-5aca74a5285e&pvid=670f20e1-4e1c-4db4-9cfe-52c120a62780&extpubid=4460243e-bee8-455d-b940-7b2eb4257b2c&inst=ADS-EU-1&pxl=0&dmp_pr=MC4wMDAw&sf=0
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 1.044s] [studio.sdk] Using default ad parameters in test environment. Simulating local events.
console-api	log	URL: https://cdn.admixer.net/scripts3/6fa96355928421f02a02.b.js(Line 1) Message: Event confirmview https://inv-nets-eu.admixer.net/ev_view.aspx?item=dec4c97b-1f5c-4386-847c-f03571feeb61&cc=BE%2FBRU%2F2800866&am-uid=04182451a2d1411282eb00ae6656fe70&cet=9&profile=1f683b0c-f871-4ec7-b3f9-2b5d3f60c135&zone=1169d17c-f3a1-49cc-8727-7da979986775&device=28&rule=6e365056-b5e0-431b-9c5b-55d397203afc&requestId=23e9d7bf-c83a-418e-953e-298450a96dc9&page=agora.md%2F&hp=136051404&sw=[e=screen.width]&sh=[e=screen.height]&size=1200x250&adv=N%2FA&dsp=ADMIXER+Moldova&ts=637510290331560143&ap=MS45NQ%3D%3D&asign=-1759400033&markups=ZG1wZj0wLjAwJmRtcHA9VHJ1ZSZjcnRmPTAuMDAmY3J0cD1UcnVlJmNydGF0cz0wLjAwJmFkbWY9MC4wMCZhZG1wPVRydWUmdGRmPTAuMDAmdGRwPVRydWUmdG90Zj0wLjAwJnRvdHA9VHJ1ZQ==&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=dec4c97b-1f5c-4386-847c-f03571feeb61&pvid=670f20e1-4e1c-4db4-9cfe-52c120a62780&extpubid=4460243e-bee8-455d-b940-7b2eb4257b2c&inst=ADS-EU-1&pxl=0&dmp_pr=MC4wMDAw&sf=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10024995.fls.doubleclick.net
accounts.google.com
ad.adriver.ru
ads.betweendigital.com
adservice.google.be
adservice.google.com
adservice.google.de
adx.adform.net
agora.md
ajax.googleapis.com
ams.creativecdn.com
an.yandex.ru
apis.google.com
cache.privesc.eu
cdn.admixer.net
cm.g.doubleclick.net
connect.facebook.net
content.admixer.net
creativecdn.com
ee3e64d66e8809024383024b23506616.safeframe.googlesyndication.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
gamd.hit.gemius.pl
googleads.g.doubleclick.net
idsync.admixer.co.kr
inv-dmp.admixer.net
inv-nets-eu.admixer.net
inv-nets.admixer.net
ismatlab.com
m.trafmag.com
match.new-programmatic.com
maxcdn.bootstrapcdn.com
mc.yandex.ru
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
s.console.adtarget.com.tr
s0.2mdn.net
script.hotjar.com
securepubads.g.doubleclick.net
ssl.gstatic.com
static.hotjar.com
stats.g.doubleclick.net
storage.privesc.eu
tpc.googlesyndication.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.privesc.eu
13.226.159.117
137.74.0.146
142.250.185.194
142.250.185.198
142.250.185.98
146.0.227.110
161.35.200.35
172.217.16.130
176.9.158.88
183.110.238.136
185.184.8.30
185.46.149.20
188.42.196.115
193.200.65.6
195.209.108.36
217.65.2.150
2606:4700:20::681a:4b1
2606:4700::6812:acf
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:802::2004
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200d
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:400c:c1b::9b
2a02:6b8::1:119
2a02:6b8::90
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:41:2801::254
2a0c:5c81:5161::2
37.157.4.24
40.118.27.163
51.89.9.254
54.74.77.136
65.9.96.45
65.9.96.51
93.116.189.30
043408d901653af0d904e54849944f83b37d2b20c195d8a900e7fa34c45dc257
04663c266755839c4b2e26190644235f4726102f96fef17fb33b900d72e0384b
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06ab062274809dd2d077438e17816f695e859563d8b4fb5db5eeb53df48dc7b9
08e8886e305db1744d2c9f1439f28abc73bef383f7a14da5f6e45e3f9e905cd0
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0aa095b0b2e8af1d4ccf5081bbe64923d59ff27b67571074c03c0a275ca5cf81
0efa255a93ccda30f3942badb9690a0cef55960a4d684ca0d381a4651d407c68
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0fc4eca7bfc302938d3da4a481e28b92806fb72dcd27d7d387c226474d9687c2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13cee72395d5b35b1f2349646c5d5457edacc58068a42f4dfd4f903a78d47470
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
180b58f262b99069208a6d08ede80f5fbf19d2ad29d15d24b9c538a908911c8d
198aa61b318b4895c5d82b21c7a7a35707182f78d56788f69bdcd184a38b8609
1a66f77e8072fd1f9613e7ceb16dfedb7514ac50f4e076f26dc9b91c10f5717e
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a
1c3ca81c4bd9811c6f5d067d51a0679a1a6baa814d8a5f8de5d07274b52bbd97
1d50ff66c5141d8b8c7f39eb848cd2c5486544b133fd34ebbc5fd4ecb693447f
1e6bd7480604064c948ac5c6e79511a8cbf899a62f86696b8b4a3d8c38bb867e
203b7fb88d2e858bb02083129c0e7b011d6b21838564f69b3c9fa2d3ec1ae9ab
270a949c70c6e367616c1556229a647d54d3d8d5a96fc8f5a68773bb8a26cb7f
27e58c490ae998fe9d2859e508e34f3c899e906520fe9bee5701fdc2cba50b48
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28c71e32bc6d2731760de07b91a5caeac960679621f2444d4e149df251b85a7d
28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878
291d8bc81f0631b9bdd2bc595c56ba3ccf701da6e114f67946f216baec0985df
2930ddaa9413c6d6f50ef49498cb2f4aab522b53a9c73f52786e6294e37e4b93
29c2221091bda7b82623054ba28bc28ed592752da15d7db1158f640f94bbb423
2ec30550276f850de7e54c7a04cd63143aad4121c36113d3b1e6bf6b7ec611a3
30a2ce5fc48194f663cffccfe408b103f4f6c1ccbdf7b5cf7861efe4ac38523d
351c0ca87ce6748819a16c03b76941c52647ceacb8b3b9d737ae100f1c98f836
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37e1de8c47550c5f55e35bc2b5e29d4ee0c979849af2746fd91d2ba3d8701524
38ee0aea53436cd84812e1401d6f7bb0c289e6badf1191a686140f75a73fc4ba
3a4b4de33e6c2575046d020446050fca3aa83b977575a7153e02630e288b6bf7
3c6db26e6c5fa26c518e27c9771abf80b6d679857992dd771c3bf585cece053d
3f699ad3eafd375a67f55d9bd9f0e3586fd0cdecae1aeaa9b5216f155f6521b3
40233b426de40691984607e4bedc49bb34d2a74c8b296abd729d60a1504d6a41
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
469d645cbf87e8def3e7d9e68fdc3c85f4c67e1b5c20ca4c3916a68dea8578ff
495b316cdda6e7b6ce663bb9eeeee0cf6f7f6e5969d0a6c1fe39307cbdb9d686
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a3c14229509146b677f2185585a521bba1b88b90cad586f8406b54122f1fa93
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4f3a5c174c6efb8c912d4b18c6006dfd453233b2f0e568c0d530c430b9d02c55
4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68
4fb39c079273f34d67875ef063df5f31b912077148250e44d4a71194f31a921c
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e8d69712c7124515dd61e2ff5011a4972818eacc1cce004f16249573d08d06
560f80795a315e95c7bcf137c8462930c3a6de80eda99f08c490a116a849a082
5635b26bde0c2052b209df884103e9edc15e10a490083163c45a95e1bed4fd6d
568fe93885785ae318212db636bd5fe0d36bfdf65944424ef3a9710c866aaf7d
57c06d6d9ee0cdce4645808f201e49ee1e5ac692ce485098dc017fe932ea0bc1
594ca5002b9cdd63b301365c4dd76f3a08e23049f6aee1f62258d20da8ef1345
597ec88a6b00a3f445edafca4ad5aa5243e6994f24287ebfd12e8f5fbdfb3748
5a064f3e5acce5a490f72c503214bdab31176e293256178a590c91fb90fd8bbd
5b35ec387c3f92d98f58366c44602fab7687f2223932d70d5391d41c32268da2
5db6909ed75320a836bf23d9d6f17397ffcd5cef5118867850a944f0341312e5
5e4fc1f8afab95822629898bf4865965899c5e99b264e39cb1c8821c2af9316b
5e7b23185c4a23bd678bdda50bfbae606f96e41e02e1af130d7af2ba41f7ead0
5efd3f4610ccc45e00c99246be09d65505a21997f01c638055f0d5478ed25a9e
5f6a9766ec8b5ae52e9c91ad319e62d0402299c75115cc5dbb804767fb186329
5f7166f65fb26478843bd579a39a0866aed12451546f829378252349726f958b
606fb015f87ba5bbcf783cd6fecf1ac351ede8dafa4767a43be8cf80f1634eb6
61902c5623fc9780b6485f3439557295cc392d92d114aa404b56128dd65ea704
61b4980fd58d4a6df7b2bed827a0a9715663d36af434de4a42b9064dabad9ddb
62029fd73703412d4237db0d6d16fe473a24792448639765f859bdcdd2edb4f5
6273328dc9268d8cc3eac89d8451ccfaf59fcb4c0aa13c7ad0c75e595004fb47
63b18b5635fc1818da6712734fc0d500652a85fecf6dfe1b4cb3cee139e52899
63f16ec90745dfc9194eb6d92cdd6e015cfc776c71ec45b0ff5b0ffa06b3f04b
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bad1451629361064131e89578a47a5676d59746797a75b461ba8db33a135f2e
6fa066ecc781aac1fbe4511a08fd758c1d113bef4f7622428209da0f5e1e7188
71173cc181cac7ba715116862a85146a4ea8b3738e0fd9e38cbf541dbca023cf
71c079a0404daec4b5e2b0d523621a8f916029a378aebff3f93aaffc3d391a98
73f6bfc962639314b45d8158b9ddd8507868233ebfba15d6d11c74f8213721d0
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18
7b3514001304a35cd05a09021ad470cc9dbd97b8e1772e2c04fc09ef821a69b5
7fe3c20e5672e6633bb21e1fa62132c22d5e6f44242bc6968a25abe0a286c72c
822d1188693cd5019808b28a12aa4d9918b79eaf9d1d011d64367908243c6aa4
831c25ad64f96db79fdfbc8646c8dfc4bbaebda89d52cc0397d7b4b228e6fcc1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86aa0bce6eb979497b9cad3f299766e4db6ffc0c63ef6ea83e3a1fb85d3456db
88904b3c9a7c4c903396e443f79a01ee48cd98cbca1fd26ee809070b4b8636c7
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8f5e10186cfb4ad342d76573ebc90f6c149ca65689fb31865329d1c9b291f1b1
90acf1d4a55608b5b7838a432bd654069f3f5a30dbc1e3e9c6ccdd7a74b210b0
9203a88a06533f595206bed00dd110e267301408b4a6f98272f7dc9d160789c7
9301aaeed0934d3d3a61f569dc74d59174aed00048d9c6e2de59d8ec729042c7
962dfa0656a09d322f58aafabf79fbfe324fd0f06d54e89281832c6d339fdd77
96ca498c81a4fe017a3596b862ccabb2d96e214e5938f78db451356429d2dbb3
979fae781422f2a37afdb795f51b8517d244e5a56c3f117dc62770909348e2da
984b9c5aeb6900718007addde06137da6bd85f4ba890eac06f22b8b636d91700
9a1088330e7e3f920ad6aacb74d21355d223a195bbf72dee3ed3bddc1a7f8708
9a55987a2165ac387cc016942f21a740ad211f7ce784d1de7497567b4f03612e
9bd71240933790c0dc85d69741a3b0bcfef32a44b46ce8893d2541ecaee2db72
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9db24845e8f3a152486401397f0c7fe9a9fa54844570bce390b902400352a62c
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9fcdea3d056dd6cb1d81b16410d23afe780bf830156b1ed00b560cea0d5234be
a0bd79a07b77b72d4d57cd5b01644c27f5fd7f5af1c7fe4158e84cbfdedb9557
a1943a600956d093b6bdbd157ffea2a0a738342a1a7a454a31364c3aa41325fa
a372bc275e0af36d407c457e8a119685b5cc3751a2298754766d391fbfdb4855
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f95dde2752eb5f12718a2c128f3583585770196a341faccceb95381b6f8d57
aa00bc22b11e8420ddf7174baefa886549bc0bee994448baa2ed80b26e887597
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa42581b3521b7d1c3fcc18900a2d65dad3b1827d1dfb0332e76ee4e05657448
addb2c93a5432b562ab1b3288c26bfadf75ac68d726aa7e8f4dd32f0ad858bf7
ae43eb24cfcd4bcf85c72c7ba11bf20a9348e4cef8787b55b66f59bb9d466e66
aebe9729d680dc89cbfd1d622adfc1fae9f8a14fdcdb7fb9471b9bc7ba8ee6db
b04a2c6940640644897220bca6a215e6eea45a82b83b004f547de4358dc50f39
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3578d0d6b2ed11dc2731df7ed6b7916a9126667bc138a9df9cfb41370b22434
b3883229115068714ffc63c82db6f810e84201317cb0385cc3b7c94b0c305554
b5f1343b46d0b18e78ae7bfb6ec5cfd0195a35a07f74da58d0612e06b1c429c2
b612fc4724e3e67e94c7a94243237e38881241d93e09196ea804bf69897ac02e
b7efe7a4981a108c6b10dea17cbb218c0bd8ad0ea897859ab4154e4682712364
b9c3fe38ecee7df99c4ed72f1395c205eeeca276915c9ba706cc457905858758
b9d8ea031a330add9781fc795e3eb65238b4f3501647ea40558035d5d5fad268
bf9bd542074c807245624ae2ee63906fdfc582c42c286dc2380402d758c0cb96
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c830248d1d02f2975f0805cc5f072db4875bd736be67d615ab84cae6bd869ecd
ca61a70bb1d58c863f0032888e36efb81757b2c39cdd96543e6e9696e7c34b5a
cb36a0327550c1a0230fd472f3a7ce16ad84bf5ff117f4faa206bb12f1639fbf
cc54d49a204cf8a8440884a769b3bc5a01030ce4f1d45582adc2170c95752ee1
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cdd3f533cbb03aa426012b4b7b2a2a0b3e6d474733891f74e225bbd58538c145
d09b514dd39aca82c7f54a8e6b2898641dcc8c109753eabd65cfd48c222fa24e
d0b7dd105d37c9819c263c56dfacd7a53d757d1283107bc11a9dfac0b122df11
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
d5f5aa9e78c0d43586984ce5a4f9bd86bd6af76229a32ef6a9f325ac013833ba
d614e0fdb4901564af28759fd4a4272a761616f09224cef9bebe6b86185fc8db
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6b749cc958b6823669c984c11f4330c97d57e152645c17459369eccb29cf0a4
d72ef26c49b50f3adc9d3b4bc5fd06605500ecceeb783bd6d9b300ee557d1dcc
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dac6d7ada1a7d85876babe58d966f4d5d23cf2a6e783ca6a656104f431f51702
de1fda29e8904c4bf2f6d0ef768dca299bd07fdb82c1a8c387d48f3d1daa69b2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c
dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817
e1367f8d8157fecb3060b7bd7c4d80f4db8ee18d4838faab0bcee18f4a7f3331
e1663efb90ff10ff634403e52d8eea5907eb9ab508562be2827222daa2231256
e17ea6db32d44acaf74ced343aaa5ee50facbe79f847fa0758a9d3dabaf4df98
e31001d4562b4db7690dd6f6c207587296446987ed2e7a14cfd545ec09a041fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85dd3fbfd058e5a132a056f129863c9a25086b8104f41889b4ba18219831d66
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e99fb04efa04f6f962099637f4ca42211f16e23e33cff1532058d0e3b6ed701e
eb64f247eedf115966d4db9c0e209b8ffeb7e1da0c15d83d289f342e1ac3e3c5
eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba
edc73ccf6d8dbd2a50aea61fea54e757905466002181607498299be26c6fef54
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd
f22349522ae5dbd859478869523cfee5c8ee67bf0c080103bf6edcc9c5c6b14f
feaad76415c6eb7fb707e31a7f0bd3da9f47a60a5c6d34cd00e2ebf0bbb6766c
fee5f4c87dabd8d30661714f8adababf64ba25b7cec543517eb5e80351a8dbef

agora.md Open in urlscan Pro 161.35.200.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

209 Requests

100 %HTTPS

53 %IPv6

32 Domains

55 Subdomains

46 IPs

14 Countries

4618 kBTransfer

8474 kBSize

3 Cookies

11 Outgoing links

Page URL History

Redirected requests

209 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

agora.md Open in urlscan Pro
161.35.200.35 Public Scan

Screenshot
Live screenshot

Full Image

209
Requests

100 %
HTTPS

53 %
IPv6

32
Domains

55
Subdomains

46
IPs

14
Countries

4618 kB
Transfer

8474 kB
Size

3
Cookies

209 HTTP transactions
3 data transactions