nokta.md Open in urlscan Pro
2606:4700:10::ac43:510 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nokta.md/
Effective URL:
https://nokta.md/
Submission: On June 05 via api (June 5th 2023, 7:59:11 pm UTC) from US — Scanned from DE

Summary HTTP 128 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 18 domains to perform 128 HTTP transactions. The main IP is 2606:4700:10::ac43:510, located in United States and belongs to CLOUDFLARENET, US. The main domain is nokta.md.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 11th 2023. Valid for: a year.

This is the only time nokta.md was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:44aa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 50	2606:4700:10:... 2606:4700:10::ac43:510	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2606:4700:303... 2606:4700:3036::6815:7f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	128.140.224.226 128.140.224.226	5606 (GTS-BACKB...) (GTS-BACKBONE GTS Telecom)
1	146.59.30.100 146.59.30.100	16276 (OVH) (OVH)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
9	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	2a02:6b8::1be 2a02:6b8::1be	208722 (GLOBAL_DC) (GLOBAL_DC)
16	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
128	27

1 2606:4700:10::6816:44aa (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nokta.md	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2606:4700:10::ac43:510 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nokta.md	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:7aaf (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:7f3 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid.dsail-tech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 128.140.224.226 (Romania) 1 redirects

ASN5606 (GTS-BACKBONE GTS Telecom, RO)

gamd.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.100 (France)

ASN16276 (OVH, FR)
PTR: ip100.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
187166c0e2ac909ece6c9a0556d2b746.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.85 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	nokta.md 2 redirects nokta.md	4 MB
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 187166c0e2ac909ece6c9a0556d2b746.safeframe.googlesyndication.com	141 KB
17	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 221 stats.g.doubleclick.net — Cisco Umbrella Rank: 111 googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 351 cm.g.doubleclick.net — Cisco Umbrella Rank: 231	339 KB
9	yastatic.net yastatic.net — Cisco Umbrella Rank: 5835	204 KB
6	unpkg.com 4 redirects unpkg.com — Cisco Umbrella Rank: 987	44 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3105 adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 3	3 KB
5	gemius.pl 1 redirects gamd.hit.gemius.pl — Cisco Umbrella Rank: 207839 ls.hit.gemius.pl — Cisco Umbrella Rank: 12624	22 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 239	3 KB
3	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 9657	362 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5230 adservice.google.de — Cisco Umbrella Rank: 8155	939 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	126 KB
2	yandex.ru yandex.ru — Cisco Umbrella Rank: 1572	89 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 324	68 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	54 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1079	7 KB
1	dsail-tech.com prebid.dsail-tech.com — Cisco Umbrella Rank: 753313	369 KB
128	18

	Domain	Requested by
51	nokta.md	2 redirects nokta.md static.cloudflareinsights.com
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net nokta.md 46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com nokta.md 46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com
9	yastatic.net	yandex.ru
8	securepubads.g.doubleclick.net	nokta.md securepubads.g.doubleclick.net yastatic.net
6	unpkg.com	4 redirects nokta.md
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	gamd.hit.gemius.pl	1 redirects nokta.md gamd.hit.gemius.pl
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	ads.adfox.ru	nokta.md
2	googleads4.g.doubleclick.net	nokta.md
2	www.google.com	tpc.googlesyndication.com
2	46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	nokta.md www.googletagmanager.com
2	yandex.ru	nokta.md yandex.ru
1	187166c0e2ac909ece6c9a0556d2b746.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	s0.2mdn.net	46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com
1	www.googletagservices.com	46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com
1	googleads.g.doubleclick.net	46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de	nokta.md
1	region1.analytics.google.com	www.googletagmanager.com
1	ls.hit.gemius.pl	gamd.hit.gemius.pl
1	static.cloudflareinsights.com	nokta.md
1	prebid.dsail-tech.com	nokta.md
128	29

This site contains links to these domains. Also see Links.

Domain
map.md
t.me
www.facebook.com
www.instagram.com
www.youtube.com
sens.media
amigo.studio

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-11` - `2024-02-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
dsail-tech.com GTS CA 1P5	`2023-04-24` - `2023-07-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
*.adfox.ru GlobalSign RSA OV SSL CA 2018	`2023-03-25` - `2023-09-04`	5 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://nokta.md/
Frame ID: D2BA604998821CC5177A955D652FABE9
Requests: 83 HTTP requests in this frame

Frame: https://nokta.md/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
Frame ID: 835C87E50C514C3AB731487E1E737531
Requests: 3 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 513A9856B0F7B0AFCB36BE960A230065
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 69BC1172E00A728285B20B73187219CF
Requests: 9 HTTP requests in this frame

Frame: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4D6A1F94B66E4C4009DDDC4AC599093B
Requests: 1 HTTP requests in this frame

Frame: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 28A83EDDCD64DBE48479744323DBDC3A
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3C18010769A3BE2030C391E0B1605AF3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 64D4F81C8E4A14EE8D03F1F1D7AAAAF4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_InAEQn_W42gMYtabI7AEwAQ&v=APEucNXhVipckz1ImMQSEoddZV7INnEWYv_v1010mMI-zIphulWf5N9vrcuck6kCzCqlOntMiwY31AmtSkf0P6xE-TnvkOnq1VqxJBm0nJHB65VG1ngszhYguXBMYQJrCvRVjm3zsuNKjfa_P5NceSM4fP_4uUXViESlCYg3a1fu-24Nq5Olezw
Frame ID: B4F026781AD57FEBD74C4B54000255EF
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1CCE834A39F0AEDE23F1D77DE8820916
Requests: 3 HTTP requests in this frame

Frame: https://187166c0e2ac909ece6c9a0556d2b746.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 34E9698D93D962E45FBB83DF9D5D35F4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A90114B79890159D44310EA009571F25
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A2CA3497E7074E974FFC631CD804283
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nokta - Новости Гагаузии

Page URL History Show full URLs

http://nokta.md/ HTTP 301
https://nokta.md/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

128
Requests

94 %
HTTPS

78 %
IPv6

18
Domains

29
Subdomains

27
IPs

7
Countries

5375 kB
Transfer

8467 kB
Size

18
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://map.md/ru/street/113692006?number=11&embed=1#13.9/46.30581/28.65894
Title: Комрат, ул. Победы 11

Search URL Search Domain Scan URL

URL: https://t.me/nokta_live
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Nokta.md
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nokta.md/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCmznL5cxb_FmHEX1-r2Z7_g?view_as=subscriber
Title: Youtube

Search URL Search Domain Scan URL

URL: https://sens.media/
Title: Разработано SENSMEDIA

Search URL Search Domain Scan URL

URL: https://amigo.studio/
Title: Design by amigo.studio

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nokta.md/ HTTP 301
https://nokta.md/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://unpkg.com/swiper/swiper-bundle.min.css?ver=6.1.3 HTTP 302
https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@9.3.2/swiper-bundle.min.css

Request Chain 23

https://unpkg.com/swiper/swiper-bundle.min.js?ver=6.1.3 HTTP 302
https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@9.3.2/swiper-bundle.min.js

Request Chain 52

https://nokta.md/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://nokta.md/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js

Request Chain 73

https://gamd.hit.gemius.pl/_1685995145798/rexdot.js?l=100&sendf=24&id=p4CVTv8hZWafEG2PdZ9EeqPe7HjucV.3GM5JM0.nB77.N7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnokta.md%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=LhDKesfikpAXGCjc_ugSwBjP8JGg7HRDyNHgM5lcFRn.I78jqjqmu8cMp5v.gIR_qzQzJGZukMfyFgh0Q0YUgWuShC9r/QthJ5JKa4.Vbs/&fpdata=GLywPor72Wqx78ytPt_4KZJCWWd5dzcClTgzyCV2bIj.x7&ltime=505&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=647e3e89115e6918&brts=1685995145&fpcap= HTTP 301
https://gamd.hit.gemius.pl/__/_1685995145798/rexdot.js?l=100&sendf=24&id=p4CVTv8hZWafEG2PdZ9EeqPe7HjucV.3GM5JM0.nB77.N7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnokta.md%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=LhDKesfikpAXGCjc_ugSwBjP8JGg7HRDyNHgM5lcFRn.I78jqjqmu8cMp5v.gIR_qzQzJGZukMfyFgh0Q0YUgWuShC9r/QthJ5JKa4.Vbs/&fpdata=GLywPor72Wqx78ytPt_4KZJCWWd5dzcClTgzyCV2bIj.x7&ltime=505&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=647e3e89115e6918&brts=1685995145&fpcap=

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECZ2uSAs3eAotzKy_Jo3KVU&google_cver=1

Request Chain 107

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH4.ig1qkDpSys7DYHQnWAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECZ2uSAs3eAotzKy_Jo3KVU&google_cver=1&google_hm=2

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEB1HSZ98FuMDXWniVpSSvDo&google_cver=1

Request Chain 109

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA4OTYzNjc4MjAyOTM0OTQ4OQ%3D%3D

128 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
nokta.md/
Redirect Chain

http://nokta.md/
https://nokta.md/

220 KB
53 KB

133ms
109ms

Document
text/html

2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d37776bb7c669509954d95834f435b03f8399f4df56f1322b98fce250f22c694

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7d2afe765ce33675-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 05 Jun 2023 19:59:04 GMT
last-modified: Mon, 05 Jun 2023 18:00:09 GMT
server: cloudflare
vary: Accept-Encoding
wpo-cache-status: cached

Redirect headers

CF-RAY: 7d2afe761bd9bba1-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 05 Jun 2023 19:59:04 GMT
Expires: Mon, 05 Jun 2023 20:59:04 GMT
Location: https://nokta.md/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 weather-module.css
nokta.md/wp-content/themes/nokta/plugins/weather-module/assets/ 2 KB
637 B 41ms
20ms Stylesheet
text/css 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/themes/nokta/plugins/weather-module/assets/weather-module.css?ver=6.1.3
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b379e1be66deeb14ae4b5d398f02cc51309d5396faed455ace3b6ed9c00c1837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 14 Mar 2022 19:08:30 GMT
server: cloudflare
age: 1422161
cf-polished: origSize=3293
etag: W/"622f92ae-cdd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7d2afe774dea3675-FRA
expires: Sun, 19 May 2024 08:56:23 GMT

GET
H2 200 currency-module.css
nokta.md/wp-content/themes/nokta/plugins/currency-module/assets/ 240 B
339 B 37ms
16ms Stylesheet
text/css 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/themes/nokta/plugins/currency-module/assets/currency-module.css?ver=6.1.3
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e113a863badcfa7f3cda776d5208d1f965b48a66455dffd12050ceac9dfaf16b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 14 Mar 2022 19:08:30 GMT
server: cloudflare
age: 1422161
cf-polished: origSize=307
etag: W/"622f92ae-133"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7d2afe774deb3675-FRA
expires: Sun, 19 May 2024 08:56:23 GMT

GET
H2 200 classic-themes.min.css
nokta.md/wp-includes/css/ 217 B
280 B 42ms
22ms Stylesheet
text/css 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 11:56:33 GMT
server: cloudflare
age: 10760855
etag: W/"636b9571-d9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7d2afe774dec3675-FRA
expires: Thu, 01 Feb 2024 06:51:29 GMT

GET
H2 200 styles.css
nokta.md/wp-content/plugins/contact-form-7/includes/css/ 2 KB
945 B 42ms
21ms Stylesheet
text/css 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.7
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 May 2023 08:51:51 GMT
server: cloudflare
age: 471686
cf-polished: origSize=2859
etag: W/"64770aa7-b2b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7d2afe774ded3675-FRA
expires: Thu, 30 May 2024 08:57:38 GMT

GET
H2 200 light.css
nokta.md/wp-content/plugins/easy-liveblogs/assets/css/themes/ 1 KB
528 B 40ms
19ms Stylesheet
text/css 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/plugins/easy-liveblogs/assets/css/themes/light.css?ver=2.3.4
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 755e2a1b53d5fc608e6d8246898a6cc164a7bc3f8a2a47446864e5d80a6dc467

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 31 Mar 2023 15:23:23 GMT
server: cloudflare
age: 5718010
cf-polished: origSize=1223
etag: W/"6426faeb-4c7"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7d2afe774def3675-FRA
expires: Sat, 30 Mar 2024 15:38:54 GMT

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@9.3.2/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.css?ver=6.1.3
https://unpkg.com/swiper/swiper-bundle.min.css
https://unpkg.com/swiper@9.3.2/swiper-bundle.min.css

17 KB
5 KB

21ms
21ms

Stylesheet
text/css

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@9.3.2/swiper-bundle.min.css

Requested by

Host: nokta.md
URL: https://nokta.md/

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55564d0504733b999d0cd481c189881f733b1a5b2984a4629af62d8cc495d895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1842673
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H0FMYG0171G49BG07SMJM5J9-fra
server: cloudflare
etag: W/"45f1-DyeSz//WzmXqkOBzNlh8cq0wmCg"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d2afe77ff9c1ca1-FRA

Redirect headers

date: Mon, 05 Jun 2023 19:59:04 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01H26HSY8P8YMS1D4Z1G5Q2FMZ-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 478
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@9.3.2/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7d2afe77cf5b1ca1-FRA

GET
H2 200 letmescroll.css
nokta.md/wp-content/themes/nokta/public/assets/vendors/let-me-scroll/ 927 B
412 B 38ms
18ms Stylesheet
text/css 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/themes/nokta/public/assets/vendors/let-me-scroll/letmescroll.css?ver=6.1.3
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb4fd441dc86393bf0164b078904c830988b914d686ebcf23c3c13fdaacad0d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 14 Mar 2022 19:08:30 GMT
server: cloudflare
age: 1422161
cf-polished: origSize=1412
etag: W/"622f92ae-584"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7d2afe774df33675-FRA
expires: Sun, 19 May 2024 08:56:23 GMT

GET
H2 200 style.css
nokta.md/wp-content/plugins/newsletter/ 4 KB
965 B 40ms
21ms Stylesheet
text/css 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/plugins/newsletter/style.css?ver=7.7.0
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e7cc51d03f0d99bdf8b405b9fce6dd02b1064c4d8afe0308493db1172ded65c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 28 Apr 2023 08:51:54 GMT
server: cloudflare
age: 3322655
cf-polished: origSize=6282
etag: W/"644b892a-188a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7d2afe774df43675-FRA
expires: Sat, 27 Apr 2024 09:01:28 GMT

GET
H2 200 style.css
nokta.md/wp-content/themes/nokta/ 0
114 B 37ms
18ms Stylesheet
text/css 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/themes/nokta/style.css
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 14 Mar 2022 19:08:30 GMT
server: cloudflare
age: 3505106
cf-polished: origSize=274
etag: W/"622f92ae-112"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7d2afe774df53675-FRA
expires: Thu, 25 Apr 2024 06:20:38 GMT

GET
H2 200 fonts.css
nokta.md/wp-content/themes/nokta/public/assets/css/ 3 KB
461 B 41ms
22ms Stylesheet
text/css 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/themes/nokta/public/assets/css/fonts.css
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980ae1a7d20f556f83c9f329c8a216e9ba1b1aa5a73c7c33cb6a03fc182fdd7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 20 Jun 2022 15:50:08 GMT
server: cloudflare
age: 10760855
cf-polished: origSize=2809
etag: W/"62b09730-af9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7d2afe774df73675-FRA
expires: Thu, 01 Feb 2024 06:51:29 GMT

GET
H2 200 styles.css
nokta.md/wp-content/themes/nokta/public/assets/css/ 281 KB
43 KB 117ms
98ms Stylesheet
text/css 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/themes/nokta/public/assets/css/styles.css?ver=0.57588100%201685988008
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfcc1919e0ceebdd9b19a2b7da55e98a3752f9253378aa75ca14537964e9e912

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 06 Sep 2022 15:23:15 GMT
server: cloudflare
etag: W/"631765e3-463c3"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7d2afe774df83675-FRA
expires: Tue, 04 Jun 2024 19:59:04 GMT

GET
H2 200 jquery.min.js Show response
nokta.md/wp-includes/js/jquery/ 88 KB
31 KB 56ms
37ms Script
application/javascript 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 11:56:33 GMT
server: cloudflare
age: 10760855
etag: W/"636b9571-15e54"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d2afe774dff3675-FRA
expires: Thu, 01 Feb 2024 06:51:29 GMT

GET
H2 200 jquery-migrate.min.js Show response
nokta.md/wp-includes/js/jquery/ 11 KB
4 KB 53ms
34ms Script
application/javascript 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Feb 2021 09:09:05 GMT
server: cloudflare
age: 10760855
etag: W/"602cdd31-2bd8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d2afe774e003675-FRA
expires: Thu, 01 Feb 2024 06:51:29 GMT

GET
H2 200 easy-liveblogs.js Show response
nokta.md/wp-content/plugins/easy-liveblogs/assets/js/ 296 KB
73 KB 59ms
41ms Script
application/javascript 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/plugins/easy-liveblogs/assets/js/easy-liveblogs.js?ver=2.3.4
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 226a7d74481c9d415acae1eeb7ba0d5910bcbe331d20798d8a9a10e105087ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 31 Mar 2023 15:23:23 GMT
server: cloudflare
age: 5718010
cf-polished: origSize=302667
etag: W/"6426faeb-49e4b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d2afe774e013675-FRA
expires: Sat, 30 Mar 2024 15:38:54 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 202ms
83ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: nokta.md
URL: https://nokta.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ec814c67d04f5258b253e421374e39df356257a4e94087d25d576b57a7687ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25275
x-xss-protection: 0
server: cafe
etag: 866 / 19513 / m202305310101 / config-hash: 10662209317896111161
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 19:59:05 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 296 KB
87 KB 198ms
67ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: nokta.md
URL: https://nokta.md/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548d1e98ac4041a9b018e46c9c2a78b9919d6040ec4d5b7a1251fa2c085f1de5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1685995145170801-18262758290923084096-balancer-l7leveler-kubr-yp-sas-47-BAL-6730
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 05 Jun 2023 20:59:05 GMT

GET
H2 200 prebid_preprod.js Show response
prebid.dsail-tech.com/ 368 KB
369 KB 84ms
38ms Script
text/plain 2606:4700:3036::6815:7f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.dsail-tech.com/prebid_preprod.js
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:7f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 999c990eac078d8987079f882c48e9294fbf3fd8ac92d1f8600f72b807dc8201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 19:45:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 841
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KMA9%2FCY%2BwAjqVODntx9bDb31Tcw%2BErHMgt7I68qd7F3H87zmke%2B2lrhd65%2B7tzN3hU4aicw0GhBuwcZba8fSl5%2FQkayYFDXF1zE9dnEO4GME8IWdUeDkT70iBu9RpkPrLk1xttfdGZjeoD8sk43gIRhzbc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 7d2afe78ac0d2bea-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
80 KB 146ms
55ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-16NB6NMBW8

Requested by

Host: nokta.md
URL: https://nokta.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

906f29a98bc192c94b6e71c6a16da9911e534f709df57d5abe75716fa336af52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81129
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 05 Jun 2023 19:59:05 GMT

GET
H2 200 email-decode.min.js Show response
nokta.md/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
851 B 35ms
17ms Script
application/javascript 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nokta.md/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: nokta.md
URL: https://nokta.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 May 2023 15:21:01 GMT
server: cloudflare
etag: W/"6476145d-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7d2afe774e023675-FRA
expires: Wed, 07 Jun 2023 19:59:04 GMT

GET
H2 200 weather-module.js Show response
nokta.md/wp-content/themes/nokta/plugins/weather-module/assets/ 471 B
386 B 58ms
40ms Script
application/javascript 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/themes/nokta/plugins/weather-module/assets/weather-module.js
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d475d615b9fafc607716fb61db14ff3688a9ce6ea13cf27cc7343a33ac250b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 15:42:40 GMT
server: cloudflare
age: 3502863
cf-polished: origSize=680
etag: W/"62320570-2a8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d2afe774e053675-FRA
expires: Thu, 25 Apr 2024 06:58:01 GMT

GET
H2 200 currency-module.js Show response
nokta.md/wp-content/themes/nokta/plugins/currency-module/assets/ 554 B
363 B 41ms
23ms Script
application/javascript 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/themes/nokta/plugins/currency-module/assets/currency-module.js
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b64479e3b6a6ac6055d31fdb43521c021d081db817a44210f66753035aadb00b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 15:42:42 GMT
server: cloudflare
age: 10760855
cf-polished: origSize=760
etag: W/"62320572-2f8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d2afe774e063675-FRA
expires: Thu, 01 Feb 2024 06:51:29 GMT

GET
H2 200 index.js Show response
nokta.md/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 53ms
36ms Script
application/javascript 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 May 2023 08:51:51 GMT
server: cloudflare
age: 471807
etag: W/"64770aa7-2801"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d2afe774e073675-FRA
expires: Thu, 30 May 2024 08:55:37 GMT

GET
H2 200 index.js Show response
nokta.md/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 54ms
36ms Script
application/javascript 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 May 2023 08:51:51 GMT
server: cloudflare
age: 471681
etag: W/"64770aa7-328f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d2afe774e093675-FRA
expires: Thu, 30 May 2024 08:57:43 GMT

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@9.3.2/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.js?ver=6.1.3
https://unpkg.com/swiper/swiper-bundle.min.js
https://unpkg.com/swiper@9.3.2/swiper-bundle.min.js

137 KB
39 KB

27ms
25ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@9.3.2/swiper-bundle.min.js

Requested by

Host: nokta.md
URL: https://nokta.md/

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c6da2b8945cfae44eb209ac3de3e763d3405eecbdea8f749710050fe321721e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1842682
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H0FMY8BRER0T14B96H60ZP2C-fra
server: cloudflare
etag: W/"2228c-FSMR0J36tmZGZD/R/QM2SptNStI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7d2afe77ff9a1ca1-FRA

Redirect headers

date: Mon, 05 Jun 2023 19:59:04 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01H26J221FKDJFWPAKRXSZ5WS5-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 212
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@9.3.2/swiper-bundle.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7d2afe77df5e1ca1-FRA

GET
H2 200 letmescroll.js Show response
nokta.md/wp-content/themes/nokta/public/assets/vendors/let-me-scroll/ 9 KB
2 KB 53ms
35ms Script
application/javascript 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/themes/nokta/public/assets/vendors/let-me-scroll/letmescroll.js?ver=6.1.3
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a58e459f0f0d44911ae785b7692808fb88ca627366042b7726024b1fd146d18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 14 Mar 2022 19:08:30 GMT
server: cloudflare
age: 1422160
cf-polished: origSize=17581
etag: W/"622f92ae-44ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d2afe774e0b3675-FRA
expires: Sun, 19 May 2024 08:56:24 GMT

GET
H2 200 utils.js Show response
nokta.md/wp-content/themes/nokta/public/assets/js/ 2 KB
998 B 41ms
24ms Script
application/javascript 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/themes/nokta/public/assets/js/utils.js?ver=6.1.3
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d23604d7a309832b4a5ac8d1a857ed67b052b3dfde8f6ad2667a384824b9c20d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 14 Mar 2022 19:08:30 GMT
server: cloudflare
age: 1422160
cf-polished: origSize=3291
etag: W/"622f92ae-cdb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d2afe774e0c3675-FRA
expires: Sun, 19 May 2024 08:56:24 GMT

GET
H2 200 scripts.js Show response
nokta.md/wp-content/themes/nokta/public/assets/js/ 33 KB
7 KB 90ms
73ms Script
application/javascript 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/themes/nokta/public/assets/js/scripts.js?ver=0.57592100%201685988008
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd301403c1ea9b6b2a13c4da6155bfd44ce4a52b804cdf1ce376f7b76e26b60c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Mar 2022 10:22:36 GMT
server: cloudflare
etag: W/"623068ec-83b9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d2afe774e0d3675-FRA
expires: Tue, 04 Jun 2024 19:59:04 GMT

GET
H2 200 wp-emoji-release.min.js Show response
nokta.md/wp-includes/js/ 18 KB
5 KB 22ms
21ms Script
application/javascript 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-includes/js/wp-emoji-release.min.js?ver=6.1.3
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 Jun 2022 13:34:59 GMT
server: cloudflare
age: 1422161
etag: W/"629cb103-48b9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7d2afe785f733675-FRA
expires: Sun, 19 May 2024 08:56:24 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 89ms
46ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://nokta.md/
Origin: https://nokta.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7d2afe789c139b55-FRA

GET
H2 200 easy-liveblogs.css
nokta.md/wp-content/plugins/easy-liveblogs/assets/css/ 640 B
390 B 20ms
16ms Stylesheet
text/css 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/plugins/easy-liveblogs/assets/css/easy-liveblogs.css
Requested by: Host: nokta.md
URL: https://nokta.md/wp-content/plugins/easy-liveblogs/assets/css/themes/light.css?ver=2.3.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8c1ffafa4cfd35df4f7a3b7c640a87515cc88202d806f824b85d2d0e7e73e02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/wp-content/plugins/easy-liveblogs/assets/css/themes/light.css?ver=2.3.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:04 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 31 Mar 2023 15:23:23 GMT
server: cloudflare
age: 3502863
cf-polished: origSize=770
etag: W/"6426faeb-302"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 7d2afe77be9b3675-FRA
expires: Thu, 25 Apr 2024 06:58:01 GMT

GET
H2 200 xgemius.js Show response
gamd.hit.gemius.pl/ 64 KB
18 KB 146ms
35ms Script
application/x-javascript 128.140.224.226
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamd.hit.gemius.pl/xgemius.js
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 128.140.224.226 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software: GHC /
Resource Hash: 9cf29cebf607fff8cce66b1b38ae097bd4574dff76124814c7ef7cba72cf4c6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: gzip
last-modified: Fri, 12 May 2023 12:38:55 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 18031
expires: Tue, 06 Jun 2023 07:59:05 GMT

GET
H2 200 theme-bg-2.svg
nokta.md/wp-content/uploads/2022/03/ 44 KB
18 KB 19ms
19ms Image
image/svg+xml 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nokta.md/wp-content/uploads/2022/03/theme-bg-2.svg
Requested by: Host: nokta.md
URL: https://nokta.md/wp-content/themes/nokta/public/assets/css/styles.css?ver=0.57588100%201685988008
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 644ccd7943c4660591d9bbc9572fc65a7033678e5b362b977f207d5f12fc4322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/wp-content/themes/nokta/public/assets/css/styles.css?ver=0.57588100%201685988008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Mar 2022 18:59:49 GMT
server: cloudflare
age: 891534
etag: W/"622f90a5-ae7e"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
cf-ray: 7d2afe787f983675-FRA
expires: Sun, 25 Jun 2023 12:20:11 GMT

GET
H2 200 cdad3871-790b-42ac-94ee-5c309547d908.jpeg
nokta.md/wp-content/uploads/2023/05/ 77 KB
78 KB 19ms
18ms Image
image/jpeg 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nokta.md/wp-content/uploads/2023/05/cdad3871-790b-42ac-94ee-5c309547d908.jpeg
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30bbd88ef5dc745d96fcf5d288854798760773d3b1c2d1644b03aad68e1a68c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Mon, 29 May 2023 08:06:39 GMT
server: cloudflare
age: 638819
cf-polished: origSize=85650
etag: "64745d0f-14e92"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7d2afe788fb13675-FRA
content-length: 79320
expires: Wed, 28 Jun 2023 10:32:06 GMT

GET
H2 200 mycollages-2.jpg
nokta.md/wp-content/uploads/2023/06/ 170 KB
170 KB 81ms
81ms Image
image/jpeg 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nokta.md/wp-content/uploads/2023/06/mycollages-2.jpg
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77ad5302bf7c2e6097e120085dd44cfc48bb922a3ea440ba8ea2af77b9e0fca3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Jun 2023 14:14:23 GMT
server: cloudflare
etag: "647dedbf-2a862"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7d2afe788fb93675-FRA
content-length: 174178
expires: Wed, 05 Jul 2023 19:59:05 GMT

GET
H2 200 Panton-Regular.otf
nokta.md/wp-content/themes/nokta/public/assets/css/fonts/Panton-Regular/ 145 KB
145 KB 19ms
14ms Font
application/octet-stream 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/themes/nokta/public/assets/css/fonts/Panton-Regular/Panton-Regular.otf
Requested by: Host: nokta.md
URL: https://nokta.md/wp-content/themes/nokta/public/assets/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f234f4600c91c7979ec9ed19d80dfdf80cfe78c64fcaa49c0b1364d0ecfa24f

Request headers

Referer: https://nokta.md/wp-content/themes/nokta/public/assets/css/fonts.css
Origin: https://nokta.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Mar 2022 19:08:30 GMT
server: cloudflare
age: 3504896
etag: "622f92ae-24348"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d2afe789fcc3675-FRA
content-length: 148296
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Panton-Bold.otf
nokta.md/wp-content/themes/nokta/public/assets/css/fonts/Panton-Bold/ 145 KB
146 KB 32ms
27ms Font
application/octet-stream 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/themes/nokta/public/assets/css/fonts/Panton-Bold/Panton-Bold.otf
Requested by: Host: nokta.md
URL: https://nokta.md/wp-content/themes/nokta/public/assets/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1bba70edaffa6d4e72cd19e4946ca22732b1ca05c62d4ba02c7a2668abfd4a1

Request headers

Referer: https://nokta.md/wp-content/themes/nokta/public/assets/css/fonts.css
Origin: https://nokta.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Mar 2022 19:08:30 GMT
server: cloudflare
age: 10760855
etag: "622f92ae-24568"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d2afe789fd03675-FRA
content-length: 148840
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Panton-Light.otf
nokta.md/wp-content/themes/nokta/public/assets/css/fonts/Panton-Light/ 145 KB
146 KB 28ms
23ms Font
application/octet-stream 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/themes/nokta/public/assets/css/fonts/Panton-Light/Panton-Light.otf
Requested by: Host: nokta.md
URL: https://nokta.md/wp-content/themes/nokta/public/assets/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4ab2276dcf53c0ae41925d1dd8df947069bd907812e7e4c9a8852d3f8c3c85a

Request headers

Referer: https://nokta.md/wp-content/themes/nokta/public/assets/css/fonts.css
Origin: https://nokta.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Mar 2022 19:08:30 GMT
server: cloudflare
age: 3502864
etag: "622f92ae-24500"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d2afe789fd43675-FRA
content-length: 148736
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 OpenWeatherIcons.woff2
nokta.md/wp-content/themes/nokta/plugins/weather-module/assets/fonts/ 3 KB
3 KB 23ms
19ms Font
application/octet-stream 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/wp-content/themes/nokta/plugins/weather-module/assets/fonts/OpenWeatherIcons.woff2
Requested by: Host: nokta.md
URL: https://nokta.md/wp-content/themes/nokta/plugins/weather-module/assets/weather-module.css?ver=6.1.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f21f36b76aa068bb644f2ede985d8261ba98a13404ab9d82d6b91513bebd5c9

Request headers

Referer: https://nokta.md/wp-content/themes/nokta/plugins/weather-module/assets/weather-module.css?ver=6.1.3
Origin: https://nokta.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Mar 2022 19:08:30 GMT
server: cloudflare
age: 3729222
etag: "622f92ae-bbc"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d2afe789fd73675-FRA
content-length: 3004
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nokta-live-oblozhki-1-400x229.jpg
nokta.md/wp-content/uploads/2023/06/ 27 KB
27 KB 20ms
16ms Image
image/jpeg 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nokta.md/wp-content/uploads/2023/06/nokta-live-oblozhki-1-400x229.jpg
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0162db0ec46034d1646eccb2788d685704b7c17951ad0870c5fa98e402247edf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 02 Jun 2023 16:31:13 GMT
server: cloudflare
age: 268656
cf-polished: origSize=30433
etag: "647a1951-76e1"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7d2afe78e8213675-FRA
content-length: 27605
expires: Sun, 02 Jul 2023 17:21:29 GMT

GET
H2 200 photo_2023-06-05_17-43-35-e1685976339620-400x233.jpg
nokta.md/wp-content/uploads/2023/06/ 26 KB
26 KB 46ms
41ms Image
image/jpeg 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nokta.md/wp-content/uploads/2023/06/photo_2023-06-05_17-43-35-e1685976339620-400x233.jpg
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 543f2494a8e50be07d9994f8dfe1136481ec7fb41739564e4a4628ead84026cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Jun 2023 14:45:39 GMT
server: cloudflare
etag: "647df513-68fc"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7d2afe78e8223675-FRA
content-length: 26876
expires: Wed, 05 Jul 2023 19:59:05 GMT

GET
H2 200 mycollages-2-400x225.jpg
nokta.md/wp-content/uploads/2023/06/ 19 KB
19 KB 78ms
73ms Image
image/jpeg 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nokta.md/wp-content/uploads/2023/06/mycollages-2-400x225.jpg
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f79c8bb513ef58916c7f5d27df83ea2a8b275c2eb92011df380ade109fdcddca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Jun 2023 14:14:23 GMT
server: cloudflare
etag: "647dedbf-4b77"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7d2afe78e8233675-FRA
content-length: 19319
expires: Wed, 05 Jul 2023 19:59:05 GMT

GET
H2 200 photo_2023-06-04_14-40-59-360x240.jpg
nokta.md/wp-content/uploads/2023/06/ 25 KB
25 KB 76ms
72ms Image
image/jpeg 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nokta.md/wp-content/uploads/2023/06/photo_2023-06-04_14-40-59-360x240.jpg
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48ed0849831a7cfebf8138a220636d08c58544eeb3a38e6a13456635a0f20e5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Jun 2023 13:30:49 GMT
server: cloudflare
etag: "647de389-6394"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7d2afe78e8253675-FRA
content-length: 25492
expires: Wed, 05 Jul 2023 19:59:05 GMT

GET
H2 200 ar-358x240.png
nokta.md/wp-content/uploads/2023/06/ 86 KB
86 KB 87ms
82ms Image
image/png 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nokta.md/wp-content/uploads/2023/06/ar-358x240.png
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fc369a84346648c99f9dcf8254137489e000096038f0bf0a77e0b4315e700fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Jun 2023 11:29:21 GMT
server: cloudflare
etag: "647dc711-15931"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7d2afe78e8263675-FRA
content-length: 88369
expires: Wed, 05 Jul 2023 19:59:05 GMT

GET
H2 200 sent-lusiya.png
nokta.md/wp-content/uploads/2023/05/ 404 KB
405 KB 33ms
30ms Image
image/webp 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nokta.md/wp-content/uploads/2023/05/sent-lusiya.png
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c94808af1ad06c372e971f01991a47a96d28def508767e68ba5f367bd2ac1e71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: HIT
age: 955183
cf-polished: origFmt=png, origSize=696694
content-disposition: inline; filename="sent-lusiya.webp"
content-length: 413850
cf-bgj: imgq:100,h2pri
last-modified: Thu, 25 May 2023 16:16:49 GMT
server: cloudflare
etag: "646f89f1-aa176"
vary: Accept
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7d2afe78e8283675-FRA
expires: Sat, 24 Jun 2023 18:39:22 GMT

GET
H2 200 exterior-view.jpg
nokta.md/wp-content/uploads/2023/05/ 83 KB
84 KB 20ms
18ms Image
image/jpeg 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nokta.md/wp-content/uploads/2023/05/exterior-view.jpg
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abc94707f2cd54cac4f779775a6d1de6331a87327ed766a44fe9516c26df3456

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Tue, 23 May 2023 13:52:40 GMT
server: cloudflare
age: 502993
cf-polished: origSize=88589
etag: "646cc528-15a0d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7d2afe78e8293675-FRA
content-length: 85248
expires: Fri, 30 Jun 2023 00:15:52 GMT

GET
H2 200 turkey-1349838_960_720.jpg
nokta.md/wp-content/uploads/2023/05/ 185 KB
185 KB 22ms
20ms Image
image/jpeg 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nokta.md/wp-content/uploads/2023/05/turkey-1349838_960_720.jpg
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daf645bbe5045476c4efc0e2fabcffb94dcb0d73ebec21f6db7c9edb13ae48e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Wed, 17 May 2023 09:00:14 GMT
server: cloudflare
age: 45750
cf-polished: origSize=199882
etag: "6464979e-30cca"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7d2afe78e82b3675-FRA
content-length: 189012
expires: Wed, 05 Jul 2023 07:16:35 GMT

GET
H2 200 mycollages-11-384x240.jpg
nokta.md/wp-content/uploads/2021/02/ 18 KB
18 KB 76ms
74ms Image
image/jpeg 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nokta.md/wp-content/uploads/2021/02/mycollages-11-384x240.jpg
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0413ae2c33847ad3990b41c3308a6569c8115dc2465459edf731781c5f85b65c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: MISS
last-modified: Mon, 01 Feb 2021 17:09:28 GMT
server: cloudflare
etag: "601835c8-4828"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7d2afe78e82d3675-FRA
content-length: 18472
expires: Wed, 05 Jul 2023 19:59:05 GMT

GET
H2 200 347803240_639087521400660_4069180273419902498_n-320x240.jpg
nokta.md/wp-content/uploads/2023/05/ 26 KB
26 KB 88ms
86ms Image
image/jpeg 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nokta.md/wp-content/uploads/2023/05/347803240_639087521400660_4069180273419902498_n-320x240.jpg
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4144d2636ee26e1a001f306fd45562e9fc2295c973e77ab02a1b6ee63bebd27f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: MISS
last-modified: Wed, 24 May 2023 14:43:31 GMT
server: cloudflare
etag: "646e2293-690e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7d2afe78e82e3675-FRA
content-length: 26894
expires: Wed, 05 Jul 2023 19:59:05 GMT

GET
H2 200 dizajn-bez-nazvaniya-10-1.png
nokta.md/wp-content/uploads/2023/05/ 787 KB
788 KB 89ms
86ms Image
image/png 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nokta.md/wp-content/uploads/2023/05/dizajn-bez-nazvaniya-10-1.png
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f8414f3ec177aa2274811fa9f2d58be4f9e4364e29ca74228273ed5b4a53aad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: MISS
last-modified: Tue, 23 May 2023 12:48:26 GMT
server: cloudflare
etag: "646cb61a-c4d8b"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7d2afe78e82f3675-FRA
content-length: 806283
expires: Wed, 05 Jul 2023 19:59:05 GMT

GET
H2 200 snimok-ekrana-2023-05-19-102644.jpg
nokta.md/wp-content/uploads/2023/05/ 173 KB
173 KB 88ms
87ms Image
image/jpeg 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nokta.md/wp-content/uploads/2023/05/snimok-ekrana-2023-05-19-102644.jpg
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3639340564e9ca5aa35a31fee3f29458be3caf163bfd6bb00d07d754c2a26ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: MISS
last-modified: Fri, 19 May 2023 07:27:11 GMT
server: cloudflare
etag: "646724cf-2b249"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7d2afe78e8303675-FRA
content-length: 176713
expires: Wed, 05 Jul 2023 19:59:05 GMT

GET
H2 200 83.png
nokta.md/wp-content/uploads/2023/05/ 1 MB
1 MB 87ms
85ms Image
image/png 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nokta.md/wp-content/uploads/2023/05/83.png
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98fa0d58687d1f4627021137d51a0bd7a5b1d134429c3c2d0701caef5d6123a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: MISS
last-modified: Wed, 17 May 2023 11:58:19 GMT
server: cloudflare
etag: "6464c15b-106e8e"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7d2afe78e8313675-FRA
content-length: 1076878
expires: Wed, 05 Jul 2023 19:59:05 GMT

GET
H2 200 img_6559-320x240.jpg
nokta.md/wp-content/uploads/2023/06/ 17 KB
17 KB 74ms
72ms Image
image/jpeg 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nokta.md/wp-content/uploads/2023/06/img_6559-320x240.jpg
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 866b1591bc8111bb998e9e3479197908610106501868f483eb98f80d069dde03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
cf-cache-status: MISS
last-modified: Fri, 02 Jun 2023 08:57:28 GMT
server: cloudflare
etag: "6479aef8-4561"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7d2afe78e8323675-FRA
content-length: 17761
expires: Wed, 05 Jul 2023 19:59:05 GMT

GET
H2

200

invisible.js Show response
nokta.md/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/ Frame 835C
Redirect Chain

https://nokta.md/cdn-cgi/challenge-platform/scripts/invisible.js
https://nokta.md/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js

23 KB
10 KB

17ms
17ms

Script
application/javascript

2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nokta.md/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js

Requested by

Host: nokta.md
URL: https://nokta.md/

Protocol

Server

2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ef219b0e766951c4249448aaada3a8da4ab54ebd123d9e0a01fed21b8655eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7d2afe79f9ed3675-FRA

Redirect headers

access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
date: Mon, 05 Jun 2023 19:59:05 GMT
cache-control: max-age=300, public
server: cloudflare
cf-ray: 7d2afe79a9893675-FRA
vary: accept-encoding

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/ 406 KB
126 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e36af7b80897b61ec68d3c4e222b6367a4fea0143dbca2c6884aa4623feb040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 11:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29188
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128353
x-xss-protection: 0
server: cafe
etag: 2840082887590536516
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 04 Jun 2024 11:52:37 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 90 B
94 B 153ms
74ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nokta.md

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23f1cf894af232eefc7489d3fe3d620cb38ede4291dc191b27ebeadafa2fb5f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69
x-xss-protection: 0
expires: Mon, 05 Jun 2023 19:59:05 GMT

GET
H2 200 fpdata.js Show response
gamd.hit.gemius.pl/ 277 B
392 B 31ms
31ms Script
application/x-javascript 128.140.224.226
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamd.hit.gemius.pl/fpdata.js?href=nokta.md
Requested by: Host: gamd.hit.gemius.pl
URL: https://gamd.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 128.140.224.226 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software: GHC /
Resource Hash: b3253633ecccd99bfdc85081ddbaa6659340b8c1029e47b7e9b734f2effc9f54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 277
expires: Wed, 05 Jul 2023 19:59:05 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 513A 5 KB
3 KB 93ms
28ms Document
text/html 146.59.30.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gamd.hit.gemius.pl
URL: https://gamd.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.100 , France, ASN16276 (OVH, FR),
Reverse DNS: ip100.ip-146-59-30.eu
Software: GHC /
Resource Hash: a84a4076a1590875395743ab8db9dbd0cd1dbf9f2bea52fae26980169fef4fc1

Request headers

Referer: https://nokta.md/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2712
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 19:59:05 GMT
etag: PRIVATE7520710249
expires: Wed, 05 Jul 2023 19:59:05 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

POST
H2 204 collect
region1.analytics.google.com/g/ 0
240 B 51ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-16NB6NMBW8&gtm=45je35v0&_p=1049577244&_gaz=1&cid=1007484128.1685995145&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685995145&sct=1&seg=0&dl=https%3A%2F%2Fnokta.md%2F&dt=Nokta%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%93%D0%B0%D0%B3%D0%B0%D1%83%D0%B7%D0%B8%D0%B8&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-16NB6NMBW8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 19:59:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nokta.md
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
240 B 59ms
20ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-16NB6NMBW8&cid=1007484128.1685995145&gtm=45je35v0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-16NB6NMBW8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 19:59:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nokta.md
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 119 KB
46 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111548798-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-16NB6NMBW8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

807374b8985f3c407c4911d00dc7e8b2580fdb698ab6e1e7f381e985af97cf9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47408
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 19:13:04 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Jun 2023 19:59:05 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 166ms
81ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-16NB6NMBW8&cid=1007484128.1685995145&gtm=45je35v0&aip=1&z=784179032

Requested by

Host: nokta.md
URL: https://nokta.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 19:59:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pica.js
nokta.md/cdn-cgi/challenge-platform/h/g/scripts/ Frame 835C 6 KB
3 KB 14ms
13ms Other
application/javascript 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nokta.md/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: nokta.md
URL: https://nokta.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca06aef663273d4ce7632f7bd2a34bd5ce7ddadfdf2f27ecf14f7939412da523

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7d2afe7a6aab3675-FRA

GET
H2 200 c8d64788e5b75202be0e.js Show response
yastatic.net/partner-code-bundles/782287/ 14 KB
5 KB 215ms
107ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/782287/c8d64788e5b75202be0e.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ff74b1903d98b0a4f8af51a61ccaad761f6738531b9ee1d900e051f9e404a308

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nokta.md/
Origin: https://nokta.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4775
last-modified: Fri, 02 Jun 2023 17:33:49 GMT
server: nginx/1.17.9
etag: "b564c6539572b9b1891f8f40b67e2dbc"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 05 Jun 2053 02:33:35 GMT

GET
H2 200 6ec16c1fc685ff14e8fa.js Show response
yastatic.net/partner-code-bundles/782287/ 19 KB
7 KB 223ms
116ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/782287/6ec16c1fc685ff14e8fa.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

63e9125ea05c3972d30adc74b7bb37a53b9ddaa7e0622c342d88da8e8a398b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nokta.md/
Origin: https://nokta.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 6457
last-modified: Fri, 02 Jun 2023 17:33:48 GMT
server: nginx/1.17.9
etag: "df89e76af8e494249c382e28f9aac0c0"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 05 Jun 2053 02:33:35 GMT

GET
H2 200 dfd49c89b1ff76ccac7e.js Show response
yastatic.net/partner-code-bundles/782287/ 113 KB
24 KB 244ms
137ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/782287/dfd49c89b1ff76ccac7e.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

c64673e1b19b827d5ce213e0287887af27cc1f814b08f702ff3008948bcb592f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nokta.md/
Origin: https://nokta.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24018
last-modified: Fri, 02 Jun 2023 17:33:49 GMT
server: nginx/1.17.9
etag: "090fd5f75efd5a345608e4c82933937a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 05 Jun 2053 02:33:35 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 259ms
154ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nokta.md/
Origin: https://nokta.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 05 Jun 2053 02:33:45 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 188ms
85ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nokta.md/
Origin: https://nokta.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 52f02b5d37ce77bc
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 01:46:57 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/239538/getBulk/ 3 KB
2 KB 106ms
105ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/239538/getBulk/v2?pr=1222634194&pr1=3686631877&dl=https%3A%2F%2Fnokta.md%2F&prr=&extid_loader=&extid_tag_loader=nokta.md&date=2023-06-05T19%3A59%3A05.407%2B00%3A00&pd=5&pw=1&pv=19&pdw=1600&pdh=1200&ylv=0.782287&ybv=0.782287&ytt=536011918671877&is-turbo=0&skip-token=&ad-session-id=2701101685995145419&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1590%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A10%2C%22top%22%3A1190%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=782287&yaru=true&p1=cwutf&p2=y&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=770116%2C0%2C13%3B770133%2C0%2C76%3B767546%2C0%2C47%3B769344%2C0%2C61%3B779266%2C0%2C3%3B764672%2C0%2C80%3B778906%2C0%2C18%3B780721%2C0%2C7%3B770136%2C0%2C41%3B761180%2C0%2C29%3B765112%2C0%2C50%3B782173%2C0%2C15&pcode-flags-map=eJy1WVtz27YS%2Fi967uTwCpJ5A0lQwhFJsABoRel0MEqiOurYSsdx2jSZ%2FPezACmJpGwodnJebJrSfrvY27cLf51dYaHEgq0UzlWJU1KqgnFFa5XiuiZ89vK3r7O%2FNzeftrOXM8lbMvtldr%2F9eE%2Ffwd8I%2BX4Qzb79%2FssJpuEsbzMpFKtVg1tBrAiRmwR%2Bh0BqnJZEkYxVJ5CSCqmNuaI5YfoBPk2ZwrwawW4%2F%2FzVBDf3QoOZUGNiMtbVUnOSUk0xD4qaxW%2BY5QeAdzwYHUVVbSspZWQJaLfUD4WqFZbYguZK0IooVhSDSjut7TjTxmaQSTMR1rlKWr3UkGsxxRSTg56TAoHeEWeBSjEGDKEAnUE4kX%2BsA1ESuGF8qwjmzhzIKURAlR4Q%2BGCLD8LOkS3hs%2BRVZA%2BIKTBJ0XtvhkBP50Rncj2CUrJ6rosRz7bO2zBVEsFwrsaRN5%2FwrXLYXsi1CUYxGMdW2AEStyBXh69WC8EsQURD4RwgIfbaEulmzVipRMvhBXxMIY1vnmFMiLoDFbuCeckEaL4EhgrKxb6LYSTx3JBt7cW9IW9OS4RySRZcurkaJfX%2F3aTsQC7zYT5xODI4vhKn1icy0ngZCkJuCkFqxVBAI5jiptvvNm5vtSNJHXtLFcA35TV4p3qqcVZjWNoWhE3k%2BelBMQUVLTlOruOc6KOjFtWQnonC5wmthlYRulHQRyYsGCkk0rAY%2F6QSDEI9EPcdxxrKB43dam4zluueAaC3t%2BkKA6T1bMDgn0aE86FPklTUwoDKKvHNxWugmstI5BcF6DsLBgLOi8p2HpUuCea0qxnUhcoon5%2FZGSkPH6b3ccMo4lWuVrqHJk1XDuN1hKEJ9Kh5ae9%2FSM8GtgokbxV10XpPaU1QoWuE5EWpF5UIftcF5Tuu5sFRPmARh0Gk3hAIlJ9cNUb5dcxBH4cDFFc%2FgrIKmtIST29UlEXpUUnf4rKTZ8oL2A4bhr47WFfSMggJtUX2IAmfEjhF7PWd1dvQgHStLZhgLmmCKoRmeuNEGiRwv8LvM0S2YkwJqbQFNfk4zq5wb%2B31pg6KC8kpnDif1of01nKQ0t0JAd%2FDcUQpBK%2BSQCzAhdA29aMtSZFw3OiGsFYjcxA2C4QAzGVV6%2FoYXBa2pJJBm2RIYzJrlKAgdhEYmigpzqX5tSUs0%2BCWzQoRQeGQWueAwZkwsM0OBziFaQ5XT3PCXFTRyoz5mMBeUINr7HRe6EmihZxZlqMgegChOUHLkoAJ4ss6Byjt5TUeN%2FXBj%2BXRpSNcqgRK%2Fj9JAQpiEGXvFrjcJnOiIAh0v1wjWURShOEDuVLOqYBDFdl2e53S%2BHiTjnEOYYHRaSmb3UIwC1z%2FTKud2neDW2B3m8mlSe8BVpnFeGsVR4qG465gT6aJkelrJ%2B%2BHQDpLEfeI9BmLiOcL4Y%2FdZ3W4%2Bq%2Ffb3fX7%2B0fgzB6gliTFqSroK%2BtS4UAbH2V%2FV0AwM9bDhlHDEGha07yFdUOlrV47MkKv7EURuU7QswTnquuJsgVK7YrL9HlTx%2B18cWGlAqSuOkr8em3qUZmBZCj2dfbH9v7t%2B2pzd73bz166IdD67Yc3u5uteLu52e2vZy%2B9byPUEDjAoA47EcwnKi1129eb2lDBb7Pbze7mxd0nsO3fzf7d9jM8%2F2d3u7nefhy9ut7cmjfvvmz33dc3f%2B%2FuP3SPty8Gf7zb7%2Fq3GvmIAC%2FuNl9uPnx533%2F85a77%2Felu82K%2F%2Fefj2Rf%2B3Hy43RnR3x8%2B4rBoTqG1hw8FvnMurPMTXwg8SHZVV2MJaQLNgc%2F7FqEknlsHVmjI3qC%2FFARSjhOcSdggLgiGvuOdczqtG2BCTepPZPTIRz6KHwUcdBS9b30nEmzTRwY1MHVbpRfsCF0%2F6iJh7h%2FMrg%2BSQHQpyTqGMTOUvecATOR09QiNQfOtnpmmZXQmhTzHHYwn0AO66wfoGNqXdlkfGNbIzkHKA4vLtV0gTvoFuV%2BJMxhhOOnvE8xdgmZTmJGeRnSw4zq9JT2w2RXluiTzFlB%2BJmrKuB4hGOySkG9PhkR%2B7%2B4pMZwasmRttuh0wS6jG7LUgzMrmT2P9GVB%2BHxs%2Ff0SlleR4caeM9%2BjqCf9HzrGYaeDEdncYp3us%2FpB%2FoElF4hhvOVGkeO66AJe2hYFBJVUDWwpJa3oFPTJiFcNpvnPt1B7%2BNmotb7i%2FMmWPoL5Q%2FF5GPP%2F54HnRv94y6enCnPT13CWESFgK1fwoVSvqvLChZrj%2Bv73g%2BndEXYPJdZQbj8fGue5qmj3PiuZ0OMgBxa4eC34nFOYK6eWl9%2BNfdgsj02nYSvCBb7S2JVGA1zKxCH7QHk38VZELth4pnl7fzNmpigM0JOv9QvG9KwLfHthVj6tc3qn7mG6QbniuvxgBMrt3BnBYoJO8xrXt%2B8ZlbSk9dJ%2BtAD1a8BA0HC93eSj2MHvg%2BsYu6Vx4ox8yUlDsDRUqcepiRMfvF94u5%2BcInYi72zVO4g%2BlYVPYBNbzH83in72OcGbOweI2%2Fm%2FJabO1tl6itIi5%2BBwOl%2FIGkpgJPjmfj%2B%2BHkeu%2B8jeOWVvs7Dp6tR2CamXG07%2BSzJ5KQlD19UR%2FfY%2FMjUGvQ%3D%3D&use-server-side-rendering=1&pcode-icookie=U9aA9VqVparLHRLUThJqe4EH4Ftihx0JKtXvhaU0R3eDu%2BWD5dfkZsa1vYcodnbsJnpAdVqkmd%2B5%2FeWVQQrw4chlsa4%3D&top-ancestor=https%3A%2F%2Fnokta.md&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxMDJ9ChKikqzkOOKAYLBOXKgS8zhs4tgJ782WWSwWSxyLLQvKjLeYix5bLLf9ZIjDO_D28Z94O_FJTk5k2SzLUu9tbv62oB4R5AoAABIRFhHbk5t8_ly2Py0RIREhAWBgaR2aiE2X9byHcEN5qAnlAWPAECp7CGKoDUlDbUAfkoTKUAkhj4P7SMMJmFaSdIFoQ8KQMKC7FKKALiRbjkx9xVWhesWIA-TDtBdewlB-kLCXu2z4LFvaEEblDH-5K86OMlQPS9wWnTnm4rakmZWLW5fo4pQLf8Tg5m88uM3p8jBl5hRcuzXV2wyJUZdEJnu3RSZdatKBa3ewK5dkVHDlAoZDEYyVog1AWSnVoSxAutCtCJUBTQ8RryDSkHi5KkKt4JBPe4hRL4jF0WGHfMGTnd0KM4KAcTA-JFoYB4u1YulYsqoXW-lXRhmg6Av3ME03JApoVn75BzQL9USF0COp6cN1JbUFOhvFygG9VC7MIJ0uxelpsiO1TPyT2pAoQHIh6CsXgLrQxBTQLYllh1TlSqIYSFwaG4YPbU4ynBAkA6mqAHGDbc5cNSQdugTs_Fzc_O1DHJGVudviTK8H126JzGk3ZuxprkvNxjjTpbk1RZ2xxrpLNdHEmkMAAV9nNbGZIlSmjsrIkYOmz22R2RjpU0OvYHKW1JCjF0AnwNdZbJyGVG-MTPqEJbVzcZsyFi5ua8JSqJprzxJTarC7ZZbnymdeUJycccQedUtitaamXG9eEf7MATMnpzk1sfY8T0yJbrmzxl6xhD2by1shoyExZwbm5R8nSzWX6-LOEP8Ix0mBY1jKk8Xn7oPNdczGNF8I0XEOWM7MYLMsxHn5RxygpTbdUhmxGzKznnM4eUUs2WKpJYmthtTklcHIhwEdL6_9BJVchRNSCql6Vo58YJNCNkB_cNq5BM1vbk6azgO1w7PtC6CWRFJhftbYzVlioDuYdgxxSQFEIVC7XhTLLFCzVdQh0CHlAoEbUncePh6MDg4OQu-TJP5j02WeM-fQmRaU3piZvNKcnByZjc1qiIxz2iMmnneduXYCRDk5dSnK5R_C-bhWz8p95DIESDoaMAENOtiFjQJwVogihhD6dG57qUMdGcz-8y430q7tbxI56iSNrU6yeUQ5OZMlkRTCGjUEcElRfs0Ll6HIRRb-b5d5d21Z3gOabS54zJ5bMwNbH7F8xvduQ-X9vbfje0t0GXt-LEdlyIzGC0liKcrcEKHqdqekLYr7geToXKKJaanOK7GhLbr_mv663C08c48QOhtv-98IShLXybD0hh1EIYAsGFyiGWgZyjxOHFjpy-xF2wxRHHNEKOceDLrEFqeF6_D_RHfB48uUK-K2YBArWLE-Ey8YJya2_JBkXwyeXaJ85-xveTt9Q8V21LexgF5sA96WOg1ZORwXqzSftzttpwttTwqhT0fpIcK3W5XP5JvK-1traIqlFno_O0x1C3di9h2X3nYwPYPptNJtzfs-hAJtD5AtDPL-GbgNawr6JddSrDrVAbLTrx1639OmTTAuCWC8fh2pwnuBVZc3fZ412t50li2id5aVLB1KVe4XA4G_fp1rM-rKSns2y8vTuj3IzoVxSL5l-1C29EyzCNViJ6YXNv2eNhuzY6KbszjOT0meG1Kr_XdAsfhJsZ0dVgjgHlKtPAC7c2I2IJl4lm1LPvbIwNx1GcrIFJmZ8zgysRsS69IiptV7ZmwFUq8FJ48Enl_cvUQk2tNF_gc1qbn5-g7NHOxCsGKqScGOfk85oF0eNK5_QP1h4PVfH_GepSJUE_wsfGFIxKG3WFK9jiVa7KDY-wFlt7stpBz7YIf8K6EZvCKZab_glLNJz_5ntiP7-u1CEX8gy2pVM_UK0u8SmbRMULTC5DyJpMk-or0VmDt6Kae82fkagNQmfkvYlfObxVQGUZ-Ika-_nlAE9AsbZH6RJTcnhmVscVw1w_gH72fSOwlV2OZ_iy0z2jT_22eFbMjQ8twOFsAB3wYWyK4nPT1m-LfUfywy_6I2V2Rss2qYmjxZNZPKZ6qBgjn3vtzrUCDfOTFJZluviolaUb_FWycUZnoZWGjQoHXj0-Lfxx5JbXzadwjYr3AZW5ZGWldNNr-f3qB5dsU4HWdWc-BvmdBfpJ30Zs9-NnL5ED5XmQ6_cFyEuL83aV_9a0qzoXwyRTg9RNRv8UC1nUGyXzUQnrw61yebp6Tbe6Y27N6yUGdI2Nlf9TiT7gq3O-0mbpD51NtTHBOcFvusT5oRp7ppANsS_m3xsEA7efbUTODZ67-9AhO-b6F9E-oo58icdQCqNNNZtnZBlVjZU113QpNLyL8OD-8JtO8ioa-kAsstllmtyRQZWXwa7FyC3QnP8Y-iBpiRTef2x7B8BzHjy8Y375kKjizR8xVPbsxq2AzCxkwwpDpFNqec4H2ep6wGqHLTM5s5olhM_iTJhyWLWWdYohPg4xVfOkKVxKx6K26TGHwB8PignMQGVg5cJzGfAA8Pn7h_Oe-BgHGzZES9d8X60oXAGWNhNXOYsiSG1uwx717bPRspzByFmSNWyRwltlbcjopt2RjxNGAs4dmGvGBxDchEppg5N1sl4qMLf57GqVkSvjiKjPlgmh2_Izv_p7HssCbfYQ1vAUQQwuohCFtmk2_JBmcrujk36hD-7soeL4Ipz8hXAoQQWHBEzEb7i1IaUavG77n4Q_keLPSP890RA8F-iSnl4h28EGbBMKrFMAANzlAtzgG9wBOnAG6mCXWIkH_SItiLJwgXmLw_PEHVPt8HgOE7wDDPH8HygPd5TrlML_XUO8apT99fOf9EvNTPN-eBFCsCd8FSrrjIL4TgL2xJJN4_0JaaslzPEo0_1S51je-oknSNY7-PUS3-UR_PQOzzXc-3Z3cR8AMSbNDBAAyYoJd_wFr4ERXQcCoXuMswUPyHG5h97w8c7jIO_IKGO68EanaRPATIgkAYUon9gajfQy_8nqd83cE42z3VMHX_r-F9UsIOyQXaKlKWd852ub5O9fEG80sJq27ZCuysmwHXhhncBQUcZH6TB91rzIAGEow1fLcAN5DaiMT6ZuOE3aLz3bTp5omRQc9ps0SJLcWvcxYK6ndom6vjkosXo7BIx8EoAzphlEEYZRBGGYRRBmGUARNHGUQItGOSXiOM3QljdxCV0Tf8H_ycmPq3Wc8R4S93DlwxEdNmuUM6E-3Dbpvaa9o6lZBOr-pvQkwBksvS4_Bs0xsjw7hEyYv9GHbCB_LZsdYqa3En7ZXQvRN_q7wZ8Df3aHU6fTFheSUxS7IV2Vi0fO5uefaHz7pN3Xwjli2TQ5IegHqrF9KhFWCiRdvw9sFGQ5To9c_tE-bMXuyChnBI_RJUOZkD9vokiDMZXfgSIK74It7cgmxqtFZgbFG2fyQKaI9r4zx5-HcqbyjLITHg6ashM48U1upQfLdAP4XYmRUgnzoMxZNumnbXTHO7TxNIWvXVLnq0v6_m3gbKlN2CVb98D5ipmLnLXu7JZlf962sl0USLGV7fzD6-AiKRuCWcvj5jFCf7mqxahUu1uLXYIQ-TtyC-7HnDvLyWgQP1izM7JohnCj1nfll4M5SWsL01rdg8g3BnNxgpSxSz6kRzx9fnPy3GhOFj8je1UeAlnmal_oqrpjMqX2xPZwto26JvBR2AUnZ7M4pWHHXJpz3WS_TAf_NXtapnHIKab5Jsov-eUsLXh_3f5W5M1OLow7DeqiLqIbBPUCfk_Ajl6GfKCu7Md0nq-FPOqzTznKkKH_uv4ZSGnUWTeoon0lfBmlIgTV2F4liu-rCrgZDJM-XPj0V06OLhP_GywBW2Gig_QSBuxofgzlQKINxzJ1kbqj9EVNuI6J8iyq_oSjODnfB58HafgFZwspK5Hfp3_clhePjymdeTK9Tso0Xsmltgajx16R-PtT6RWG6qfi8p0dzOQexxYoUbw9khDbt5oVqcG-ZMicUPutZ2HlNqla2mP-ytrlHxOsUnLuzu7K8tSSYarf1rrq8EzNJOVgPNJfpclaemZmzhbFH_Bz5m6fjkY9qP9goyrqajmniEthU-D8C235F8wYhKaIBiceEfH76y6-SoHkyV1iqTsAT0u07LA8j522Q42vYyJ-wTG4dXQSlEK2vw7nNYx6dMff-ztupfyGpqrHSv6WS8jHdXvugkvKHks5c2wOpoW6xD_GqEoUavaV8PkrdA-OfUK8GJcRG1sz5f0dRosXmVgscW-qM8lXPErKlUh8oQmSPcMdOXojmPx9Z2KPWiqGBBbOF7BHtvmnq7ytdB8vvm5TP0SCvy7eqWjLXDbCuuCBjyEH5AWxyYxM0Z6k53RfKNQoAfC2Rxlfocn_Sw8bXxmPMfYCQoI30HhCUzmDvg4gWfJmyWKekmHarol7eSWd68yTPa1OMUK2ieTxujDwnzVpEFdJv9ipgW82AUPgYX9mSLzIcTxknnDhLAOhjktSlOEUZZtV1RVC9Jc2hUcPIb0dfg672AbTVk9-TT3IZXFUJH23n5SgQV2STFJQCu-px-aUtf_RTKcqa1Rd0omqnWp6KaxYOP42eLry7m7njWdJtZZGPrUnA5L1_R_PSwD1V7QUM6Hta9Wk78oOUOBZ1IAilcSGU4iNWRhkf00CzTXRaKhlBvQxJ34oTKggLvHMPvgq7YbY9R9j3Gu5L0zUFw_0Jb6VpE1Tif06mg6Rj5-sNBDKLlfZC7zSzMHAsi58j0FrbMlOWD8rIdf-gqY7_EHU5rmM0nc-RBb1qoQOubuFWTqRbBE4umq6yJnKdv9y4NHc0zUPxtRH-bso4j36AvoBOY9Nv3UTfTXo8LSqx5ZnEDLnn3jJHP2BFRxZsXvfD0fRv6gLblE7Lvo-om6X-8plfrTej9gUZk0hVqeq3PGc-LqoZqVh6tq-bxoqA5ADhdmGdQrAOz2oqpmjl78w0WOt9gRpCkeBFa8NU92dsI_iH5lyMXLRIovGzpZVdlEBeeLbgxdq9hQOKb72n9B4if5x_ajM3i_Kc_aAwyuPt5n9BsRaTwYVY672ZIPa59_-L2AY2tKVmL3RxZxf72fBss3-RU1B_w&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

764b531d5530fbabcef4d051db1714fe84ed04af0c02ed31406dce142c5578d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1685995145483636-4180658473484376349-balancer-l7leveler-kubr-yp-sas-47-BAL-3231
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 05 Jun 2023 19:59:05 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://nokta.md
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 05 Jun 2023 19:59:05 GMT

GET
H2 200 726b2347bd9b6646c072.js Show response
yastatic.net/partner-code-bundles/782287/ 23 KB
8 KB 187ms
159ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/782287/726b2347bd9b6646c072.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d6fec90f3ead5ea1d113b46f0430054d46d98a249bcdadf628f8415090755055

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nokta.md/
Origin: https://nokta.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7931
last-modified: Fri, 02 Jun 2023 17:33:48 GMT
server: nginx/1.17.9
etag: "754ab980342fbea72e8167efeadcb428"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 05 Jun 2053 02:33:35 GMT

GET
H2 200 05b2f8dfa440d3ee8a31.js Show response
yastatic.net/partner-code-bundles/782287/ 7 KB
3 KB 146ms
146ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/782287/05b2f8dfa440d3ee8a31.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

6c148f870e7277fda530c7f01eaa6e6b03a0c1b9163999f25de56bc2ba520122

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nokta.md/
Origin: https://nokta.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2079
last-modified: Fri, 02 Jun 2023 17:33:48 GMT
server: nginx/1.17.9
etag: "1a807dda080829bee777b169f3c9fa12"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 05 Jun 2053 02:33:35 GMT

GET
H2 200 4e2294e7377289135fec.js Show response
yastatic.net/partner-code-bundles/782287/ 620 KB
118 KB 146ms
146ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/782287/4e2294e7377289135fec.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

fbb0a2b334bd1eefb2f50a997e407ef523d3afb46500de840c1e482dcc325adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nokta.md/
Origin: https://nokta.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 119978
last-modified: Fri, 02 Jun 2023 17:33:48 GMT
server: nginx/1.17.9
etag: "e2d164439e83b4528811c98852767601"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 05 Jun 2053 02:33:35 GMT

POST
H2 200 7d2afe765ce33675 Show response
nokta.md/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 835C 2 B
292 B 36ms
36ms XHR
text/plain 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nokta.md/cdn-cgi/challenge-platform/h/g/cv/result/7d2afe765ce33675
Requested by: Host: nokta.md
URL: https://nokta.md/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
server: cloudflare
cf-ray: 7d2afe7cddbc3675-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 0f9e37d8e0d4b3c408cb.js Show response
yastatic.net/partner-code-bundles/782287/ 9 KB
4 KB 47ms
46ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/782287/0f9e37d8e0d4b3c408cb.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ffb08219236ac6c536c109f4f65b6c406d56e9b27e61f5426a3f36691f79d82f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nokta.md/
Origin: https://nokta.md
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 3559
last-modified: Fri, 02 Jun 2023 17:33:48 GMT
server: nginx/1.17.9
etag: "63efea6a959a1da9166ad7f489cd5a66"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 05 Jun 2053 02:33:35 GMT

GET
H2

200

rexdot.js Show response
gamd.hit.gemius.pl/__/_1685995145798/
Redirect Chain

https://gamd.hit.gemius.pl/_1685995145798/rexdot.js?l=100&sendf=24&id=p4CVTv8hZWafEG2PdZ9EeqPe7HjucV.3GM5JM0.nB77.N7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnokta.m...
https://gamd.hit.gemius.pl/__/_1685995145798/rexdot.js?l=100&sendf=24&id=p4CVTv8hZWafEG2PdZ9EeqPe7HjucV.3GM5JM0.nB77.N7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnokt...

169 B
422 B

93ms
93ms

Script
application/x-javascript

128.140.224.226
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamd.hit.gemius.pl/__/_1685995145798/rexdot.js?l=100&sendf=24&id=p4CVTv8hZWafEG2PdZ9EeqPe7HjucV.3GM5JM0.nB77.N7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnokta.md%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=LhDKesfikpAXGCjc_ugSwBjP8JGg7HRDyNHgM5lcFRn.I78jqjqmu8cMp5v.gIR_qzQzJGZukMfyFgh0Q0YUgWuShC9r/QthJ5JKa4.Vbs/&fpdata=GLywPor72Wqx78ytPt_4KZJCWWd5dzcClTgzyCV2bIj.x7&ltime=505&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=647e3e89115e6918&brts=1685995145&fpcap=
Requested by: Host: nokta.md
URL: https://nokta.md/
Protocol: H2
Server: 128.140.224.226 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software: GHC /
Resource Hash: 43974fecf108054677049a82854bcd0a723d2060640900d771e590c480362300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 19:59:05 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Sun, 04 Jun 2023 19:59:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 19:59:05 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1685995145798/rexdot.js?l=100&sendf=24&id=p4CVTv8hZWafEG2PdZ9EeqPe7HjucV.3GM5JM0.nB77.N7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnokta.md%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=LhDKesfikpAXGCjc_ugSwBjP8JGg7HRDyNHgM5lcFRn.I78jqjqmu8cMp5v.gIR_qzQzJGZukMfyFgh0Q0YUgWuShC9r/QthJ5JKa4.Vbs/&fpdata=GLywPor72Wqx78ytPt_4KZJCWWd5dzcClTgzyCV2bIj.x7&ltime=505&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=647e3e89115e6918&brts=1685995145&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 04 Jun 2023 19:59:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 139ms
38ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111548798-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Jun 2023 18:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5018
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 05 Jun 2023 20:35:27 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 69BC 75 KB
25 KB 110ms
110ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/782287/dfd49c89b1ff76ccac7e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d6a875acf6d3a327b6b0793a54733855b3243563af19fed361382a2130a41f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25267
x-xss-protection: 0
server: cafe
etag: 104 / 19513 / 31075036 / config-hash: 10662209317896111161
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 19:59:05 GMT

GET
H2 204 event
ads.adfox.ru/239538/ 0
230 B 336ms
74ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/239538/event?hash=42a86753376a1ebd&pm=cyz&p5=nmoxl&rand=hpchags&sj=qanX-Pzuz6bTIkUUDlzcBC5wxuAhqnlJikb-lJ15YS09t9sN30AJ7fNs8qJduA%3D%3D&ad-session-id=2701101685995145419&lts=flxlzrd&ytt=536011918671877&ybv=0.782287&ylv=0.782287&dl=https%3A%2F%2Fnokta.md%2F&pr=dyxmsmc&p1=cwutf&rqs=iT4_nddkeFaJPn5kNOq-Sbl3V1ENWCJ4&p2=y

Requested by

Host: nokta.md
URL: https://nokta.md/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 19:59:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Jun 2023 19:59:06 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/ Frame 69BC 406 KB
125 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e36af7b80897b61ec68d3c4e222b6367a4fea0143dbca2c6884aa4623feb040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 13:43:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22554
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128353
x-xss-protection: 0
server: cafe
etag: 2840082887590536516
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 04 Jun 2024 13:43:11 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 69BC 90 B
94 B 74ms
73ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nokta.md

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23f1cf894af232eefc7489d3fe3d620cb38ede4291dc191b27ebeadafa2fb5f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69
x-xss-protection: 0
expires: Mon, 05 Jun 2023 19:59:05 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
202 B 45ms
45ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1049577244&t=pageview&_s=1&dl=https%3A%2F%2Fnokta.md%2F&ul=en-us&de=UTF-8&dt=Nokta%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%93%D0%B0%D0%B3%D0%B0%D1%83%D0%B7%D0%B8%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=411158188&gjid=731534018&cid=1007484128.1685995145&tid=UA-111548798-1&_gid=1559652646.1685995146&_r=1&gtm=457e35v0&jsscut=1&z=877003569

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nokta.md/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 19:59:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nokta.md
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 22ms
20ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-111548798-1&cid=1007484128.1685995145&jid=411158188&gjid=731534018&_gid=1559652646.1685995146&_u=YADAAUAAAAAAACAAI~&z=1910786693

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nokta.md/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Jun 2023 19:59:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nokta.md
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 69BC 107 B
531 B 154ms
45ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nokta.md

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 69BC 107 B
456 B 145ms
46ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nokta.md

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 69BC 78 KB
35 KB 316ms
316ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2401189694259918&correlator=1078984358192999&eid=31075036%2C31075062%2C44793809&output=ldjh&gdfp_req=1&vrg=202305310101&ptt=17&impl=fifs&iu_parts=22776189532%2CNokta.md_probros%2CRich_Media_400x250_Desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x300&ifi=1&adks=4042043804&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1685995146196&lmt=1685995146&dlt=1685995145830&idt=340&adxs=10&adys=890&biw=1600&bih=1200&isw=300&ish=300&scr_x=0&scr_y=0&btvi=0&ucis=1epnlguykdz4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fnokta.md%2F&ref=https%3A%2F%2Fnokta.md%2F&top=https%3A%2F%2Fnokta.md%2F&frm=23&vis=1&psz=300x300&msz=300x250&fws=256&ohw=0&ea=0&ga_vid=1007484128.1685995145&ga_sid=1685995146&ga_hid=1706907903&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67121bf6699d6f2ce15dc0b2af2fde8dbac8e6c5d3480e6b9ff83e646192aa6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36090
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nokta.md
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 69BC 15 KB
11 KB 187ms
88ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf62e4d08c1e5ab044210ab153920d7fc20384ec031c3288336656e484517238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11218
x-xss-protection: 0

GET
H2 200 container.html Show response
46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4D6A 6 KB
3 KB 152ms
44ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nokta.md/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 19:59:06 GMT
expires: Tue, 04 Jun 2024 19:59:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 rum Show response
nokta.md/cdn-cgi/ 0
177 B 15ms
15ms XHR
text/plain 2606:4700:10::ac43:510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nokta.md/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:510 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://nokta.md/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type: application/json

Response headers

date: Mon, 05 Jun 2023 19:59:06 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://nokta.md
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7d2afe80eb933675-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 69BC 17 KB
7 KB 163ms
66ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 19:59:06 GMT

GET
H2 200 container.html Show response
46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 28A8 6 KB
3 KB 37ms
36ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js?cb=31075036

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nokta.md/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 19:59:06 GMT
expires: Tue, 04 Jun 2024 19:59:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3C18 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nokta.md/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 17:16:21 GMT
expires: Tue, 04 Jun 2024 17:16:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 64D4 783 B
1 KB 151ms
68ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f693e134e907e2db7586263e65c84ad3ea312453ebab432e8538857804a6d9fd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NiLV2Azo-b8-02nj2OcUZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nokta.md/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-NiLV2Azo-b8-02nj2OcUZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 19:59:06 GMT
expires: Mon, 05 Jun 2023 19:59:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B4F0 624 B
827 B 179ms
81ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_InAEQn_W42gMYtabI7AEwAQ&v=APEucNXhVipckz1ImMQSEoddZV7INnEWYv_v1010mMI-zIphulWf5N9vrcuck6kCzCqlOntMiwY31AmtSkf0P6xE-TnvkOnq1VqxJBm0nJHB65VG1ngszhYguXBMYQJrCvRVjm3zsuNKjfa_P5NceSM4fP_4uUXViESlCYg3a1fu-24Nq5Olezw

Requested by

Host: 46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com
URL: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 19:59:06 GMT
expires: Mon, 05 Jun 2023 19:59:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 28A8 22 KB
9 KB 111ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite_fy2021.js

Requested by

Host: nokta.md
URL: https://nokta.md/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:36:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:36:38 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame 28A8 7 KB
3 KB 117ms
45ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: nokta.md
URL: https://nokta.md/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49b6c56eb31409bd9d3761794191cce2ecb0de4de4b475ab71810de512cb926e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:36:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3047
x-xss-protection: 0
server: cafe
etag: 5552017188384030315
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:36:38 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 28A8 0
0 189ms
78ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4EL9htFp9bVEisYrjiu9GYIbDCPzdAXUjOa-KQxH1R2ZJwNoEvSbfDMugwzVqXqhi-OQxpRjBKLD4Za5FpNNYXswKU_V3NDpRLZrO5e6L0fY0izFY8CWBXuII_XcUiAtiPckWiucII-7G7Sa1_hajmn3svb77eGH266mwhF871oPXroDfjCzAegZACoNdJtqRq834CGGSr9mdfzxD4JJIzg0PkWt36NCsh8oT_Zs3fh9f8MgfK1Pfg0TuuSZZXz44c8mSxBMxg-SN63a0w4BcOfWlzXBsGyBxlQ2cMSzkFx0pjeiRyYNrhR8HPvcsMIUugwZKuFLPRL6-VmuRDrHJb7asImGrvI4aDzGcjohCO6rR1iwHdk3rmJQbaC9NuWyzKrE4gaVYWoNmQ-RH8bftkb7S2UBgDfH9iASIr4NgCJaEKH7YkTqMZZpx0otWI-zg9qlF5AdhfKVBuKP5htllYPSo-A1rEC7hEFFK79n4q-aSJNoBEW6ocd-j_kLhG08zc6OrmF7rj29L-dYGdmc6TVpxFgSW4pHgi1Frc3wQkH810YEYHhFAPoZIyS7XKeRvFCegIwwJi7JWJSVsUlh_0uUZ5wrL7oDLrNmrWhYKju61ihv3RcMDsU2HgRT4OabuyxsCM5W-tbgS9ta_12Lkk8sgpsHUlxY3s8Gr466sLUn432BhLVrH8xbHfA3RVcaxULrnInojNQShRBmINkwjWpotMJeE9m67qVjbPzd_vXXUqx48EM_Vj0z5jowq0IO9MfXB6omp02KL1v-S8IiiSg1O3hk848urOnEFlbWywTuJiba_tQhcqegukbgOMBz7JMJGci0bXQQ5JzfxUfnagBLqYfA4Ue97b9A4ih4OFoOK_RUkrZ8vcPseRRm9yN3vB2zZOyX_KJVn46V4tT1-q5EySfJzSsSZVo_BGkp4Noy7ZeT9KuSeBlnDYgGAaAbYdQLI8N1GE6RFPQo9jrxQvN0XG7tJhHRVNa7AaqCBK6NYWAvIhwml2aCHmBd8HqnZ4HA9aELodyha-03TcVY1lXo37a31cV9W9DPzfIQoy-1PMdalvMmA_NPRAmVjrQqKzQQBFSXB1PN1NAIXl5DmYrLMrBSxeHb1S2nKCqV1SVzr5UpMxetfhxK56_hQoBGhEXfh7iNspf0qypHB3hFHKgJPX4bQSbYnBSxbl6Z0coruzUqz5zBjCIzlG-MQTAzF_Gwb0gfT3_NV&sai=AMfl-YRpapKEKwUC2-h_XMPV1pZmnGjx8TDKLPiGrU5jBnpbXqvE1DvljUDmMkNfSuxLmUy-h9wzsOiggKvRqAM7zt0XKW4a62TYbLPSn3FputZ6IIGIHx7MwKGGBnQ4_lw80cQjesOEP24uFQYx9q9NVAXbFLZO82bmz3oYs-XC84HJrLpN4XNtnlL8kTmzSX1KMHpSbEaQ6pybB3vYvscvzJtiIWmebBVJQC79vNd9bEkk8-v_sNeSvkDf717nOXX-ah4gWwouKU58q3Lzn6RUK8TmlSSpbG1Znp-TdYH_CQNSrMTZsV345FFWLwPVZuyNWvJME5ZsCcuUc2wFLu_ZGoSuNKg-rKh3sY6NvA5jURYZJb7xy7Kv5f2wK7EzvmaNo1X8yq3wYykolMbc1OaDBlhHTR4VJZl6jcBn9UiRQw3bWGkoITZqZbUvDZrxcwME455XNuU1Mj_-d074uvA1MNE7sA&sig=Cg0ArKJSzL3NssMjxcE6EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230531.75693&arae=0&ftch=1&adurl=

Requested by

Host: nokta.md
URL: https://nokta.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Jun 2023 19:59:06 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 05 Jun 2023 19:59:06 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 28A8 41 KB
15 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: nokta.md
URL: https://nokta.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 30 May 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 562773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 07:39:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 28A8 3 KB
1 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: 46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com
URL: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 17:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 17:16:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 28A8 19 KB
8 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com
URL: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 12:05:32 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 28A8 42 B
63 B 136ms
69ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-As9fA05gdx-BzXyyTB1sP5oRxJqOAp4Pt4V2dScbV9KQ9j33fS8zBTSG8yTa7zXb-Qgw_okYYPQPJfYqEajPNhZdoIivVAUcWVIRkiS-j4W0uoHoQ

Requested by

Host: 46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com
URL: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 19:59:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 28A8 171 KB
54 KB 196ms
84ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com
URL: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 19:59:06 GMT

GET
H2 200 4338236939503659858
s0.2mdn.net/simgad/ Frame 28A8 67 KB
68 KB 137ms
38ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4338236939503659858

Requested by

Host: 46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com
URL: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be674cb900d0a2aa08878b2e770ec181842a0841d90a013c34dffb6d2edd53bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 16:02:20 GMT
x-content-type-options: nosniff
age: 359806
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68837
x-xss-protection: 0
last-modified: Wed, 31 May 2023 22:06:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 31 May 2024 16:02:20 GMT

GET
H3 200 021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C18 37 KB
14 KB 65ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 08:20:43 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1CCE 22 KB
8 KB 38ms
38ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 227183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 04:52:43 GMT
expires: Sun, 02 Jun 2024 04:52:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 28A8 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1778355d9ed351e6f5d3842e331492c1dc5d4d4b41ffa120176c0595459ca1b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js Show response
pagead2.googlesyndication.com/bg/ Frame 1CCE 37 KB
14 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 08:20:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 64D4 0
0 70ms
69ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305310101&jk=2401189694259918&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B4F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECZ2uSAs3eAotzKy_Jo3KVU&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECZ2uSAs3eAotzKy_Jo3KVU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_InAEQn_W42gMYtabI7AEwAQ&v=APEucNXhVipckz1ImMQSEoddZV7INnEWYv_v1010mMI-zIphulWf5N9vrcuck6kCzCqlOntMiwY31AmtSkf0P6xE-TnvkOnq1VqxJBm0nJHB65VG1ngszhYguXBMYQJrCvRVjm3zsuNKjfa_P5NceSM4fP_4uUXViESlCYg3a1fu-24Nq5Olezw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 19:59:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 19:59:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECZ2uSAs3eAotzKy_Jo3KVU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B4F0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZH4.ig1qkDpSys7DYHQnWAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECZ2uSAs3eAotzKy_Jo3KVU&google_cver=1&google_hm=2

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECZ2uSAs3eAotzKy_Jo3KVU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_InAEQn_W42gMYtabI7AEwAQ&v=APEucNXhVipckz1ImMQSEoddZV7INnEWYv_v1010mMI-zIphulWf5N9vrcuck6kCzCqlOntMiwY31AmtSkf0P6xE-TnvkOnq1VqxJBm0nJHB65VG1ngszhYguXBMYQJrCvRVjm3zsuNKjfa_P5NceSM4fP_4uUXViESlCYg3a1fu-24Nq5Olezw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 19:59:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 19:59:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECZ2uSAs3eAotzKy_Jo3KVU&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B4F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEB1HSZ98FuMDXWniVpSSvDo&google_cver=1

43 B
1 KB

7ms
7ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEB1HSZ98FuMDXWniVpSSvDo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_InAEQn_W42gMYtabI7AEwAQ&v=APEucNXhVipckz1ImMQSEoddZV7INnEWYv_v1010mMI-zIphulWf5N9vrcuck6kCzCqlOntMiwY31AmtSkf0P6xE-TnvkOnq1VqxJBm0nJHB65VG1ngszhYguXBMYQJrCvRVjm3zsuNKjfa_P5NceSM4fP_4uUXViESlCYg3a1fu-24Nq5Olezw

Protocol

HTTP/1.1

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 05 Jun 2023 19:59:06 GMT
AN-X-Request-Uuid: b714d304-5911-4426-b41a-5b0359e2d9d3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.157; 185.213.155.157; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 19:59:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEB1HSZ98FuMDXWniVpSSvDo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B4F0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA4OTYzNjc4MjAyOTM0OTQ4OQ%3D%3D

170 B
243 B

51ms
50ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA4OTYzNjc4MjAyOTM0OTQ4OQ%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 19:59:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 05 Jun 2023 19:59:06 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.157; 185.213.155.157; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ec1f7a75-8c75-4ab8-bdbd-0ef8178b2d06
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA4OTYzNjc4MjAyOTM0OTQ4OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 28A8 0
0 78ms
77ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4EL9htFp9bVEisYrjiu9GYIbDCPzdAXUjOa-KQxH1R2ZJwNoEvSbfDMugwzVqXqhi-OQxpRjBKLD4Za5FpNNYXswKU_V3NDpRLZrO5e6L0fY0izFY8CWBXuII_XcUiAtiPckWiucII-7G7Sa1_hajmn3svb77eGH266mwhF871oPXroDfjCzAegZACoNdJtqRq834CGGSr9mdfzxD4JJIzg0PkWt36NCsh8oT_Zs3fh9f8MgfK1Pfg0TuuSZZXz44c8mSxBMxg-SN63a0w4BcOfWlzXBsGyBxlQ2cMSzkFx0pjeiRyYNrhR8HPvcsMIUugwZKuFLPRL6-VmuRDrHJb7asImGrvI4aDzGcjohCO6rR1iwHdk3rmJQbaC9NuWyzKrE4gaVYWoNmQ-RH8bftkb7S2UBgDfH9iASIr4NgCJaEKH7YkTqMZZpx0otWI-zg9qlF5AdhfKVBuKP5htllYPSo-A1rEC7hEFFK79n4q-aSJNoBEW6ocd-j_kLhG08zc6OrmF7rj29L-dYGdmc6TVpxFgSW4pHgi1Frc3wQkH810YEYHhFAPoZIyS7XKeRvFCegIwwJi7JWJSVsUlh_0uUZ5wrL7oDLrNmrWhYKju61ihv3RcMDsU2HgRT4OabuyxsCM5W-tbgS9ta_12Lkk8sgpsHUlxY3s8Gr466sLUn432BhLVrH8xbHfA3RVcaxULrnInojNQShRBmINkwjWpotMJeE9m67qVjbPzd_vXXUqx48EM_Vj0z5jowq0IO9MfXB6omp02KL1v-S8IiiSg1O3hk848urOnEFlbWywTuJiba_tQhcqegukbgOMBz7JMJGci0bXQQ5JzfxUfnagBLqYfA4Ue97b9A4ih4OFoOK_RUkrZ8vcPseRRm9yN3vB2zZOyX_KJVn46V4tT1-q5EySfJzSsSZVo_BGkp4Noy7ZeT9KuSeBlnDYgGAaAbYdQLI8N1GE6RFPQo9jrxQvN0XG7tJhHRVNa7AaqCBK6NYWAvIhwml2aCHmBd8HqnZ4HA9aELodyha-03TcVY1lXo37a31cV9W9DPzfIQoy-1PMdalvMmA_NPRAmVjrQqKzQQBFSXB1PN1NAIXl5DmYrLMrBSxeHb1S2nKCqV1SVzr5UpMxetfhxK56_hQoBGhEXfh7iNspf0qypHB3hFHKgJPX4bQSbYnBSxbl6Z0coruzUqz5zBjCIzlG-MQTAzF_Gwb0gfT3_NV&sai=AMfl-YRpapKEKwUC2-h_XMPV1pZmnGjx8TDKLPiGrU5jBnpbXqvE1DvljUDmMkNfSuxLmUy-h9wzsOiggKvRqAM7zt0XKW4a62TYbLPSn3FputZ6IIGIHx7MwKGGBnQ4_lw80cQjesOEP24uFQYx9q9NVAXbFLZO82bmz3oYs-XC84HJrLpN4XNtnlL8kTmzSX1KMHpSbEaQ6pybB3vYvscvzJtiIWmebBVJQC79vNd9bEkk8-v_sNeSvkDf717nOXX-ah4gWwouKU58q3Lzn6RUK8TmlSSpbG1Znp-TdYH_CQNSrMTZsV345FFWLwPVZuyNWvJME5ZsCcuUc2wFLu_ZGoSuNKg-rKh3sY6NvA5jURYZJb7xy7Kv5f2wK7EzvmaNo1X8yq3wYykolMbc1OaDBlhHTR4VJZl6jcBn9UiRQw3bWGkoITZqZbUvDZrxcwME455XNuU1Mj_-d074uvA1MNE7sA&sig=Cg0ArKJSzL3NssMjxcE6EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=253&vt=11&dtpt=252&dett=2&cstd=0&cisv=r20230531.75693&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: nokta.md
URL: https://nokta.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Jun 2023 19:59:06 GMT

GET
H2 204 event
ads.adfox.ru/239538/ 0
66 B 72ms
72ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/239538/event?hash=c83db59efd68583b&pm=cza&p5=nmoxl&rand=gsrsdwd&sj=qanX-Pzuz6bTIkUUDlzcBC5wxuAhqnlJikb-lJ15YS09t9sN30AJ7fNs8qJduA%3D%3D&ad-session-id=2701101685995145419&lts=flxlzrd&ytt=536011918671877&ybv=0.782287&ylv=0.782287&dl=https%3A%2F%2Fnokta.md%2F&pr=dyxmsmc&p1=cwutf&rqs=iT4_nddkeFaJPn5kNOq-Sbl3V1ENWCJ4&p2=y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 19:59:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Jun 2023 19:59:07 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3C18 0
10 B 38ms
37ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2ik82g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CCE 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BM4Onij5-ZMihD4Ki3wOB-K6oDwAAAAA4AeAEAg&bg=!iYqlit7NAAY9J7QfHSc7ADkAdvg8WnhkYo_xW4rc5sOv_Z_RurRfSJZXSr9nnWux4jl9IK8aAPYi3aeWapjiDEs2_IWvvchMqTgCAAABEVIAAAADaAEHmQNOrK4OoDai9GCMCIjhLymTR3iDzY6S_F-V1C44tGiPv7OVjwfIla3iwy0M_5XBJEhTThnVVgIoHN82HiVmG6si1GFTQgkOET0VZXneajejWfJ8_VlE3JEqMll3eSz-hrCwdBtPNZsMe3ubF1p_xJgNyUnr6YQ_BnIDJr1ul1lrIvGFltpP5q-GQKtHsaDtgHg6A8llxAvkiFCHKT7APm-8sMEuMV1FGGRi7AowVlfUM3-56jGVLdF5pDWmZhAdXTcilPBDGbxpN0i7oDVO6YxzbgaFjj7py9HMTHO3Bf32kPCPp0v7YwmU_Coe-29dIDrgk3QekocjI42uqdrM9odmXJ6njAtnePR2ijDga5fApiAy7C4uFV6QLjpJFVOrNS-sCFdQmdU8OVC8GAnYD2fyhcf2fKSA5ms3pzcFssAP5jw7uvw6MSAc9SHN5OsgBX2LPUtkacHNTRePzj5OL8xzEN34L1QDVEkIH-oXGYG5k8DNuX6CZIvJwlyNA9sGGio0UmvytD3qaiT69mM0vME3PiUUBist8fwaJhVyaGpwczQbTLaEdZNEqf6MBletLmJP4LF6pPWE68GrhZ-nsveJafzxPMMBTrXrKBUUaN72-1Fi6KNwX3FY7W1UwAMyJqErvEe72wb8QUpzQPkq3OqT0vpYekDApc_Oq0CtJwJJYUValSV6vTzjMSJF0mgQLL_5S-kPtEkbYTQQ-gpG_RzeT8VtQ1iBXy8OnBKL6u-1XxvBDAqlIw0CFRLhgXJcF72AhLZDQ2rU6y0a4eIFTmWmjKf1lIozeqjWVMzhr1i0qgIfHbGcvFtFv482PsCepk7Y9qztfo0LJchh8vaYd7gzgsgksZYA7ESvkYGGSl3BCBzwzb4yC5UdnMlTXxpN2lK_drpHB-U8AbhRj9zXDFYgwHHIecDJCpJiZfBTd1A_tAdoJ5FuNS7rm1Hl77s2LCs0RLScGE5OG99yldwedrGp1fF4_d3t31qp9yA-pBuN0ASoqoeUl3MrLBrLXrV0DC9y1xhm40430sJrkB8xxRfy9lvaYKmH2lWsqDU69w1xWrKK4Zk-U2cSkiCvbhHt_w5ir8sOnSJ8ot6ZIAp11Fc5z-9CSpCwnKatWAX7Fx-f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 19:59:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 69BC 0
0 74ms
74ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305310101&jk=2401189694259918&bg=!zc6lzprNAAY9J7QfHSc7ADkAdvg8WiA4zX_XDXoYVBwYFU_6_KKtAJPlk3mVCqxyN8tURBNx_ISSS7dP7C0vAAPMQXBhFZb4D0sCAAABS1IAAAAFaAEHmQLfI9uMETVxBS0rZOXBrQLDm2kg1KZLFyE3P3jgaHBA7z2ydjOjX5d9eyY3cO5fln8Vh3WJL4333ZhcE9bpEIVv7Gi6dvxDBTAL86sXsxTyv7D1MB1V7CwYD-qNJzM-fNgBENcKJcm84UufKJI6VQC5LCzPFtJqoiFbwuPLwPkQCkQ_C1-l15UseCPg1_OCUCVr_t8EKfaH-vPN6dBDNzdw4XmAz63YpaAxVshN4gNaGdWbHddzOinpzvqmBTNteulPhIBccSOH1sB8vQDLc4CTgMuxHc2pgSAQYO8QQDbO1jVVylwnCZhVOMtzVK37h522mCGA7Rs56dRHaCEwClauS5gI9JTvRDRSsKdCzvu4wGeuVym1ApPQ7CmKvODWrp7pw6xfcZt4RFszxSYmixlbrKYC-rZI2zAKvF0KCp3_QtFupMihlqdV7wREaABiUhEPLqiCwkOXoBR1oOXmp4KX8pUsRmoAyvbm2Lie8cdcaC5aznuxlFR88Gko7Oj4L7qWqFF8tmRDu4a3gprGimyq2MrYwxWqkTCuqREh26awHCsQeqD3BO-MNR-sSs2M_cRRnJBY1acOgt9O6kKqgRMVFaJSzebyCFa2tT2AE8pH4a64cEzr9KJR6oy8uOvV_XF3oNFigaEpzyDHSSXrfaXgmEtAy6RyF3pIEztCqFeVKm1IoZaFu4o34Bmkj7w8iTym1R_G0OIyE-xjDgy5k3r9HAvYfIuhvjBysxJk5k_WkEg4MSvqDipGUUCuYQEb79SzjM7_1sSJ3_FCBaOJH3HL6L5XDeLrNHFIzk3NnLW4MNwxsIB3mnRuMIVzB5VN9BwDLn7rS--76EqKPjEGRhJtqWfo8Ey3jFNGQDkPuIvMkZ65FVHixz_IPLv6-mpw_3-677unP3r8NLOFdZHGolHuoEj_TyVX_GSmkBTIf4DiN0u03stVb_ngCA5AB2rRtB4ndbdJDTI2pl9EuhOvBY_E
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 28A8 42 B
174 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumQl-O0zos23YdnZ5vWdL2-gA_8zj7HhLYHtpHXRjShpi0a32YLw0k7defY60LqzGR_rPpmwmqKEu1A7fZuRKQZ6coIlcSegOiv9xDS5kJcnjc0YMlwO5JaRO-VV-4htpZr99tB6R6g187&sai=AMfl-YSbQp9KUHulg1gXnU6lK71RMHMbde3-C2XEcIAdHQbwTHLDQDFMYmuVmOaJNFLfTLt7w7n6DPiVakfxoXGpgZkHdji9aV5xTv92SdBfUY7fXAHhHGidLUz_ECU_LA8hWEGRz8m6Dvoll2a8&sig=Cg0ArKJSzFbWtIqBVK2xEAE&cid=CAQSSwBygQiDgUMgp4sfVyDcRhWWxdW3kqTrM2dRNVA7IVPLzSuyImG9qqSaLnwXJYVkn-E1WtUcBzJ5vJUw3uCDfugca6NbsiaA03DMYxgB&id=lidar2&mcvt=1001&p=890,10,1140,310&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4042043804&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685995146538&rpt=390&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 19:59:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/239538/ 0
66 B 68ms
68ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/239538/event?hash=658a50190e11cdc0&pm=bmn&p5=nmoxl&rand=lwgizqy&sj=qanX-Pzuz6bTIkUUDlzcBC5wxuAhqnlJikb-lJ15YS09t9sN30AJ7fNs8qJduA%3D%3D&ad-session-id=2701101685995145419&lts=flxlzrd&ytt=536011918671877&ybv=0.782287&ylv=0.782287&dl=https%3A%2F%2Fnokta.md%2F&pr=dyxmsmc&p1=cwutf&rqs=iT4_nddkeFaJPn5kNOq-Sbl3V1ENWCJ4&p2=y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 19:59:08 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Jun 2023 19:59:08 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 47ms
46ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nokta.md

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 468 B
240 B 341ms
341ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2705660065266146&correlator=4251660222541296&eid=31072019%2C31073866&output=ldjh&gdfp_req=1&vrg=202305310101&ptt=17&impl=fifs&iu_parts=22776189532%2Cnokta.md%2C6.Home_Main_970x250_5&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=1&adks=1076591622&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D7f21aeb69a34aae4%3AT%3D1685995146%3ART%3D1685995146%3AS%3DALNI_MYQCRhO7U_EGodZHVf9QYIq4e8ikA&gpic=UID%3D00000c2cff5cfba3%3AT%3D1685995146%3ART%3D1685995146%3AS%3DALNI_MYNs7SrNvewkSCCpBIEc0MR1yAPug&abxe=1&dt=1685995148755&lmt=1685988009&dlt=1685995144810&idt=931&adxs=436&adys=2601&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fnokta.md%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=1007484128.1685995145&ga_sid=1685995149&ga_hid=1049577244&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04bb607d6c82b4ffdc2ee6c0b8d36d8a041224cb48b4f2d1e030a00131c50d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nokta.md
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 87ms
87ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4297fd918b244073a9c187358657abecd5df6cdba6425d3bfe0b33731e29d551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11156
x-xss-protection: 0

GET
H2 200 container.html Show response
187166c0e2ac909ece6c9a0556d2b746.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 34E9 6 KB
3 KB 58ms
43ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://187166c0e2ac909ece6c9a0556d2b746.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nokta.md/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 19:59:08 GMT
expires: Tue, 04 Jun 2024 19:59:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 19:59:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A901 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nokta.md/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 17:16:21 GMT
expires: Tue, 04 Jun 2024 17:16:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9A2C 783 B
765 B 49ms
48ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bc00701cbb0df4a25a1b1a7834c51e0cc3ba49dc7a6f5b2be1823ee65bd3e8c0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mXNq-0Zl-mS9A3iQQJNFlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nokta.md/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-mXNq-0Zl-mS9A3iQQJNFlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 19:59:08 GMT
expires: Mon, 05 Jun 2023 19:59:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js Show response
pagead2.googlesyndication.com/bg/ Frame A901 37 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/021tMgbmWdpib38qUft40v3Y3wOFK7xcDKTuj95SMW0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jun 2024 08:20:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9A2C 0
0 69ms
69ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305310101&jk=2705660065266146&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A901 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uQUOaw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 19:59:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 72ms
72ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305310101&jk=2705660065266146&bg=!lpWllcHNAAY9J7QfHSc7ADkAdvg8Wq8Dqx0DHJi9bQfgkaamdC2bxT99kA1Thunjdu56uAJOmV3-83JoMFyRgK5Zr_sZQ2iPa8sCAAAAcFIAAAADaAEHCgAyCEbChCF6DJDkN2W1DiCT8pTsHOp90j9M3g0N1-jyS2rN3HEc_RnWU5huJRJe4iv9WxGZAvjfNYz0an4eCe4wvfypXZMKozWiFZxvp-y20fnZhnRfZNDFuo66h1MRhnSCEVipOWFj4lT3LAjz1x9cN1xKt05QSQbr2-qZlKdu0H6VDhZOvQ-FNnSWQzE-CwUXH6QdmdUZfSKGVa1Lt4rqmgeoOX4aOyDD91AbNCxtkwLWkGFzTE886ueoiXxP_ZKr0ZzawzHWQMe6Hxk_KNjRrsPKJw97pn8ZozhoKaml87RKmhjKqYTJYBESr-LQGZ5Lr3x7AR1i4QiiNdaUZfLsVNMTqDcI2vMfepN8aNH0q8qNZ4sP6dxMwWmv7C5TYgrJW1L3t4a1--8DqMk_2V3_WjoLeKjQhEGAevpkhdSQePP9fpOQW1nyRyj6oNb1qF7DpGQPVcRXy88ZRuwFXfTXXlFZJs-qPGXGYcK0wDK8Cp-jLxHij_FZKBgR6eafMfXWKDmhn5uO1XPfTb3QsubHlK_UL3Yw2n6opPKPC95cvhykk36pEnyxROpmYAA4p3HpVPzNN3qOG6xnRzXu57fOc6JUkKQv1o0fkk0IUEhbH1MmhurPDAPEC0VYrgekBrbFZ-_EcvxJrejMSELnNEXJIMpo1MQ_SzaUA_FxOUC4SZzAu2eav5pniSK7iVUML19_X1b-Gc-Gw8Su1V-CpR3eyaEB2nBGAwPi8CBLQ-T7oP-sXG-ZIknhBtRBvYzxv-j58h8Un4-rTjpVNIVpWtEHEVoBaG9hhJStvxemYFQhRbeUstGDx-UuXinDFs2Mw_jx4GXkPWWWdiRbxC8sPgzfn9fmRCnLQVoZAUMI7WpnXCd141eShXqboaKOCFmRcRWShwK2mo5pqmd28Pm8He4bK12oDLa5xrphj4O_Jp7tHUpyb_Gd6RKRGBrcQDpOAV9yIfXwvsFemu7NuomYwlHKlM2n4hb9qrHWHobPRjJyH5D8FLabqKAoybHpjJ3WozdZphxMu_6zZu80c1imo6BPySzSajIR6gcM3y8r28gRFku87LzgU786BDfryA7T
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nokta.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yandex.ru/	1970-01-20 21:55:55	Name: i Value: o8SSzcZklR+9PC8yF6Ye6OpmVZX/1EpPN8z2flfCcCqUwBbyF15Xlis4troiI21K27JANHSTY7Rvz/LVyD5o9D4ARcc=
.yandex.ru/	1970-01-20 21:55:55	Name: yandexuid Value: 6230840961685995145
.nokta.md/	1970-01-20 21:55:55	Name: _ga_16NB6NMBW8 Value: GS1.1.1685995145.1.0.1685995145.60.0.0
.nokta.md/	1970-01-20 21:48:43	Name: __gfp_64b Value: GLywPor72Wqx78ytPt_4KZJCWWd5dzcClTgzyCV2bIj.x7\|1685995145
.nokta.md/	1970-01-20 12:19:56	Name: __cf_bm Value: ZqjLu5UVq_.FqV9snjdGnSYoZTwg3_oEyJxv9Qej1sI-1685995145-0-AVCclgX0dKbhTolD1yYa8+BrvqLvu6w0qCAwwk6D+wbWPkcdRQ+fPSLveZ4yRMbkG9C9vOtC4Uu1I23MOvWX8ND40rF3QTSi1XSwZI+1labT
.hit.gemius.pl/	1970-01-20 12:29:59	Name: Gtest Value: KlShNRGGQMQGaEGF8RhFll2UssGMXP8c25nSGsSQ_i47XBG.
.hit.gemius.pl/	1970-01-20 21:48:43	Name: Gdyn Value: KlQ3sMXGQMQGaEGF8RhFll2UssGMXP8c25nSGsSQ_i47FRxSG7RrGS6GrsEtFlM1YH8PlexaG0F6Sssa
.nokta.md/	1970-01-20 21:55:55	Name: _ga Value: GA1.2.1007484128.1685995145
.nokta.md/	1970-01-20 12:21:21	Name: _gid Value: GA1.2.1559652646.1685995146
.nokta.md/	1970-01-20 12:19:55	Name: _gat_gtag_UA_111548798_1 Value: 1
.nokta.md/	1970-01-20 21:41:31	Name: __gads Value: ID=7f21aeb69a34aae4:T=1685995146:RT=1685995146:S=ALNI_MYQCRhO7U_EGodZHVf9QYIq4e8ikA
.nokta.md/	1970-01-20 21:41:31	Name: __gpi Value: UID=00000c2cff5cfba3:T=1685995146:RT=1685995146:S=ALNI_MYNs7SrNvewkSCCpBIEc0MR1yAPug
.doubleclick.net/	1970-01-20 21:41:31	Name: IDE Value: AHWqTUn49tqgQQGVD07ySDlPF5sUZ2aXqXlNkE9Z33BvGU8V1RSOlkqju0H-ei6A
.adnxs.com/	1970-01-20 14:29:31	Name: uuid2 Value: 5089636782029349489
.casalemedia.com/	1970-01-20 21:05:31	Name: CMID Value: ZH4.ig1qkDpSys7DYHQnWAAA
.casalemedia.com/	1970-01-20 14:29:31	Name: CMPS Value: 5126
.casalemedia.com/	1970-01-20 14:29:31	Name: CMPRO Value: 5126
.adnxs.com/	1970-01-20 14:29:31	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%wkBqt9!]tco8i_iqf!oN/@E'zz<*Z0Q0Y[xU0vfw[?MBhLsD_zPO(KUFU`JDjcL[PC<QG=%9sk@3@'s>TD+!Ok

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

187166c0e2ac909ece6c9a0556d2b746.safeframe.googlesyndication.com
46e9ae5d3a453ba2f15a3035c7acb7a8.safeframe.googlesyndication.com
ads.adfox.ru
adservice.google.com
adservice.google.de
cm.g.doubleclick.net
dsum-sec.casalemedia.com
gamd.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ls.hit.gemius.pl
nokta.md
pagead2.googlesyndication.com
prebid.dsail-tech.com
region1.analytics.google.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
yandex.ru
yastatic.net
128.140.224.226
142.250.185.226
142.250.186.162
146.59.30.100
185.80.39.216
2001:4860:4802:32::36
2606:4700:10::6816:44aa
2606:4700:10::ac43:510
2606:4700:3036::6815:7f3
2606:4700::6810:3865
2606:4700::6810:7aaf
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9b
2a02:6b8:20::215
2a02:6b8::1be
2a02:6b8:a::a
37.252.171.85
0162db0ec46034d1646eccb2788d685704b7c17951ad0870c5fa98e402247edf
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0413ae2c33847ad3990b41c3308a6569c8115dc2465459edf731781c5f85b65c
04bb607d6c82b4ffdc2ee6c0b8d36d8a041224cb48b4f2d1e030a00131c50d89
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f234f4600c91c7979ec9ed19d80dfdf80cfe78c64fcaa49c0b1364d0ecfa24f
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
1778355d9ed351e6f5d3842e331492c1dc5d4d4b41ffa120176c0595459ca1b2
1ec814c67d04f5258b253e421374e39df356257a4e94087d25d576b57a7687ba
1ef219b0e766951c4249448aaada3a8da4ab54ebd123d9e0a01fed21b8655eb6
1f21f36b76aa068bb644f2ede985d8261ba98a13404ab9d82d6b91513bebd5c9
1fc369a84346648c99f9dcf8254137489e000096038f0bf0a77e0b4315e700fb
226a7d74481c9d415acae1eeb7ba0d5910bcbe331d20798d8a9a10e105087ab4
23f1cf894af232eefc7489d3fe3d620cb38ede4291dc191b27ebeadafa2fb5f6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c6da2b8945cfae44eb209ac3de3e763d3405eecbdea8f749710050fe321721e
2e7cc51d03f0d99bdf8b405b9fce6dd02b1064c4d8afe0308493db1172ded65c
30bbd88ef5dc745d96fcf5d288854798760773d3b1c2d1644b03aad68e1a68c5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
4144d2636ee26e1a001f306fd45562e9fc2295c973e77ab02a1b6ee63bebd27f
4297fd918b244073a9c187358657abecd5df6cdba6425d3bfe0b33731e29d551
43974fecf108054677049a82854bcd0a723d2060640900d771e590c480362300
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48ed0849831a7cfebf8138a220636d08c58544eeb3a38e6a13456635a0f20e5b
49b6c56eb31409bd9d3761794191cce2ecb0de4de4b475ab71810de512cb926e
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
543f2494a8e50be07d9994f8dfe1136481ec7fb41739564e4a4628ead84026cd
548d1e98ac4041a9b018e46c9c2a78b9919d6040ec4d5b7a1251fa2c085f1de5
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
55564d0504733b999d0cd481c189881f733b1a5b2984a4629af62d8cc495d895
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5d6a875acf6d3a327b6b0793a54733855b3243563af19fed361382a2130a41f4
5f8414f3ec177aa2274811fa9f2d58be4f9e4364e29ca74228273ed5b4a53aad
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e9125ea05c3972d30adc74b7bb37a53b9ddaa7e0622c342d88da8e8a398b73
644ccd7943c4660591d9bbc9572fc65a7033678e5b362b977f207d5f12fc4322
67121bf6699d6f2ce15dc0b2af2fde8dbac8e6c5d3480e6b9ff83e646192aa6b
6a58e459f0f0d44911ae785b7692808fb88ca627366042b7726024b1fd146d18
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c148f870e7277fda530c7f01eaa6e6b03a0c1b9163999f25de56bc2ba520122
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5
755e2a1b53d5fc608e6d8246898a6cc164a7bc3f8a2a47446864e5d80a6dc467
764b531d5530fbabcef4d051db1714fe84ed04af0c02ed31406dce142c5578d5
77ad5302bf7c2e6097e120085dd44cfc48bb922a3ea440ba8ea2af77b9e0fca3
7e36af7b80897b61ec68d3c4e222b6367a4fea0143dbca2c6884aa4623feb040
807374b8985f3c407c4911d00dc7e8b2580fdb698ab6e1e7f381e985af97cf9f
866b1591bc8111bb998e9e3479197908610106501868f483eb98f80d069dde03
906f29a98bc192c94b6e71c6a16da9911e534f709df57d5abe75716fa336af52
980ae1a7d20f556f83c9f329c8a216e9ba1b1aa5a73c7c33cb6a03fc182fdd7a
98fa0d58687d1f4627021137d51a0bd7a5b1d134429c3c2d0701caef5d6123a0
999c990eac078d8987079f882c48e9294fbf3fd8ac92d1f8600f72b807dc8201
9cf29cebf607fff8cce66b1b38ae097bd4574dff76124814c7ef7cba72cf4c6e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84a4076a1590875395743ab8db9dbd0cd1dbf9f2bea52fae26980169fef4fc1
abc94707f2cd54cac4f779775a6d1de6331a87327ed766a44fe9516c26df3456
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3253633ecccd99bfdc85081ddbaa6659340b8c1029e47b7e9b734f2effc9f54
b379e1be66deeb14ae4b5d398f02cc51309d5396faed455ace3b6ed9c00c1837
b64479e3b6a6ac6055d31fdb43521c021d081db817a44210f66753035aadb00b
b8c1ffafa4cfd35df4f7a3b7c640a87515cc88202d806f824b85d2d0e7e73e02
bc00701cbb0df4a25a1b1a7834c51e0cc3ba49dc7a6f5b2be1823ee65bd3e8c0
bd301403c1ea9b6b2a13c4da6155bfd44ce4a52b804cdf1ce376f7b76e26b60c
be674cb900d0a2aa08878b2e770ec181842a0841d90a013c34dffb6d2edd53bc
bfcc1919e0ceebdd9b19a2b7da55e98a3752f9253378aa75ca14537964e9e912
c64673e1b19b827d5ce213e0287887af27cc1f814b08f702ff3008948bcb592f
c94808af1ad06c372e971f01991a47a96d28def508767e68ba5f367bd2ac1e71
ca06aef663273d4ce7632f7bd2a34bd5ce7ddadfdf2f27ecf14f7939412da523
cb4fd441dc86393bf0164b078904c830988b914d686ebcf23c3c13fdaacad0d0
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cf62e4d08c1e5ab044210ab153920d7fc20384ec031c3288336656e484517238
d1bba70edaffa6d4e72cd19e4946ca22732b1ca05c62d4ba02c7a2668abfd4a1
d23604d7a309832b4a5ac8d1a857ed67b052b3dfde8f6ad2667a384824b9c20d
d36d6d3206e659da626f7f2a51fb78d2fdd8df03852bbc5c0ca4ee8fde52316d
d37776bb7c669509954d95834f435b03f8399f4df56f1322b98fce250f22c694
d475d615b9fafc607716fb61db14ff3688a9ce6ea13cf27cc7343a33ac250b8e
d6fec90f3ead5ea1d113b46f0430054d46d98a249bcdadf628f8415090755055
daf645bbe5045476c4efc0e2fabcffb94dcb0d73ebec21f6db7c9edb13ae48e1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e113a863badcfa7f3cda776d5208d1f965b48a66455dffd12050ceac9dfaf16b
e3639340564e9ca5aa35a31fee3f29458be3caf163bfd6bb00d07d754c2a26ec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4ab2276dcf53c0ae41925d1dd8df947069bd907812e7e4c9a8852d3f8c3c85a
f693e134e907e2db7586263e65c84ad3ea312453ebab432e8538857804a6d9fd
f79c8bb513ef58916c7f5d27df83ea2a8b275c2eb92011df380ade109fdcddca
fbb0a2b334bd1eefb2f50a997e407ef523d3afb46500de840c1e482dcc325adf
ff74b1903d98b0a4f8af51a61ccaad761f6738531b9ee1d900e051f9e404a308
ffb08219236ac6c536c109f4f65b6c406d56e9b27e61f5426a3f36691f79d82f

nokta.md Open in urlscan Pro 2606:4700:10::ac43:510 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

128 Requests

94 %HTTPS

78 %IPv6

18 Domains

29 Subdomains

27 IPs

7 Countries

5375 kBTransfer

8467 kBSize

18 Cookies

7 Outgoing links

Page URL History

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

nokta.md Open in urlscan Pro
2606:4700:10::ac43:510 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

94 %
HTTPS

78 %
IPv6

18
Domains

29
Subdomains

27
IPs

7
Countries

5375 kB
Transfer

8467 kB
Size

18
Cookies

128 HTTP transactions
1 data transactions