urlscan.io logo urlscan.io
SecurityTrails logo

www.niftygateway.com Open in urlscan Pro
13.224.189.7  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.niftygateway.com/@mksporticu
Submission: On May 30 via manual from VN — Scanned from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 5 countries across 22 domains to perform 87 HTTP transactions. The main IP is 13.224.189.7, located in United States and belongs to AMAZON-02, US. The main domain is www.niftygateway.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 9th 2023. Valid for: a year.
This is the only time www.niftygateway.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 13.224.189.7 16509 (AMAZON-02)
1 151.101.0.176 54113 (FASTLY)
3 142.250.186.104 15169 (GOOGLE)
1 142.250.186.74 15169 (GOOGLE)
2 35.201.112.186 396982 (GOOGLE-CL...)
2 13.107.246.45 8075 (MICROSOFT...)
1 216.239.32.181 15169 (GOOGLE)
1 173.194.76.154 15169 (GOOGLE)
2 142.250.181.227 15169 (GOOGLE)
3 23.96.124.156 8075 (MICROSOFT...)
2 157.240.251.9 32934 (FACEBOOK)
1 146.75.120.157 54113 (FASTLY)
1 143.204.207.250 16509 (AMAZON-02)
4 34.120.14.251 396982 (GOOGLE-CL...)
4 142.250.184.228 15169 (GOOGLE)
4 142.250.185.131 15169 (GOOGLE)
2 18.66.147.64 16509 (AMAZON-02)
2 151.101.192.176 54113 (FASTLY)
10 18.245.60.81 16509 (AMAZON-02)
1 18.173.205.104 16509 (AMAZON-02)
9 104.18.70.113 13335 (CLOUDFLAR...)
1 142.250.74.194 15169 (GOOGLE)
5 35.190.43.134 15169 (GOOGLE)
1 93.184.221.165 15133 (EDGECAST)
1 104.244.42.195 13414 (TWITTER)
2 157.240.251.35 32934 (FACEBOOK)
3 104.16.51.111 13335 (CLOUDFLAR...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 13.107.21.237 8068 (MICROSOFT...)
87 29
16    13.224.189.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-7.fra2.r.cloudfront.net
www.niftygateway.com
1    151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
3    142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net
www.googletagmanager.com
1    142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net
fonts.googleapis.com
2    35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
2    13.107.246.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    216.239.32.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    173.194.76.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f154.1e100.net
stats.g.doubleclick.net
2    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
www.google.co.il
3    23.96.124.156 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
w.clarity.ms
2    157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net
connect.facebook.net
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net
sc-static.net
4    34.120.14.251 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.14.120.34.bc.googleusercontent.com
api.sardine.ai
4    142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net
www.google.com
4    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
www.gstatic.com
2    18.66.147.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-64.fra60.r.cloudfront.net
media.niftygateway.com
2    151.101.192.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
10    18.245.60.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-81.fra60.r.cloudfront.net
api.niftygateway.com
1    18.173.205.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-104.fra56.r.cloudfront.net
exp.gemini.com
9    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
1    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
googleads.g.doubleclick.net
5    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
tr6.snapchat.com
1    93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com
www.facebook.com
3    104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)
niftygateway.zendesk.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    13.107.21.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
28 niftygateway.com
www.niftygateway.com
media.niftygateway.com
api.niftygateway.com
2 MB
9 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2248
ekr.zdassets.com — Cisco Umbrella Rank: 2556
223 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
w.clarity.ms — Cisco Umbrella Rank: 11709
c.clarity.ms — Cisco Umbrella Rank: 1385
29 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 901
tr6.snapchat.com — Cisco Umbrella Rank: 1398
801 B
5 google.com
analytics.google.com — Cisco Umbrella Rank: 154
www.google.com — Cisco Umbrella Rank: 2
1 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
346 KB
4 sardine.ai
api.sardine.ai — Cisco Umbrella Rank: 23603
26 KB
3 zendesk.com
niftygateway.zendesk.com
1 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
252 KB
3 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1088
167 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
71 KB
2 google.co.il
www.google.co.il — Cisco Umbrella Rank: 28483
562 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
2 KB
2 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2197
76 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 231
764 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 882
394 B
1 t.co
t.co — Cisco Umbrella Rank: 717
377 B
1 gemini.com
exp.gemini.com — Cisco Umbrella Rank: 697386
467 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1134
19 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 801
15 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
87 22
Domain Requested by
16 www.niftygateway.com www.niftygateway.com
10 api.niftygateway.com www.niftygateway.com
8 static.zdassets.com www.niftygateway.com
static.zdassets.com
4 tr.snapchat.com sc-static.net
4 www.google.com www.niftygateway.com
www.gstatic.com
4 api.sardine.ai www.niftygateway.com
api.sardine.ai
3 niftygateway.zendesk.com static.zdassets.com
3 fonts.gstatic.com fonts.googleapis.com
3 w.clarity.ms www.clarity.ms
www.niftygateway.com
3 www.googletagmanager.com www.niftygateway.com
www.googletagmanager.com
3 js.stripe.com www.niftygateway.com
js.stripe.com
2 c.clarity.ms 1 redirects
2 www.facebook.com www.niftygateway.com
2 media.niftygateway.com www.niftygateway.com
2 connect.facebook.net www.niftygateway.com
connect.facebook.net
2 www.google.co.il www.niftygateway.com
2 www.clarity.ms www.niftygateway.com
www.clarity.ms
2 edge.fullstory.com www.niftygateway.com
edge.fullstory.com
1 c.bing.com 1 redirects
1 tr6.snapchat.com sc-static.net
1 analytics.twitter.com www.niftygateway.com
1 t.co www.niftygateway.com
1 www.gstatic.com www.google.com
1 ekr.zdassets.com www.niftygateway.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 exp.gemini.com www.niftygateway.com
1 sc-static.net www.niftygateway.com
1 static.ads-twitter.com www.niftygateway.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 fonts.googleapis.com www.niftygateway.com
87 31

This site contains links to these domains. Also see Links.

Domain
twitch.tv
youtube.com
facebook.com
twitter.com
mksport.icu
Subject Issuer Validity Valid
*.niftygateway.com
Amazon RSA 2048 M03		 2023-10-09 -
2024-11-06		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-05-22 -
2024-08-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
edge.fullstory.com
GTS CA 1D4		 2024-05-03 -
2024-08-01		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google.co.il
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-08 -
2024-06-06		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
sc-static.net
Amazon RSA 2048 M03		 2023-12-21 -
2025-01-18		 a year crt.sh
sardine.ai
GTS CA 1D4		 2024-04-13 -
2024-07-12		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
media.niftygateway.com
Amazon RSA 2048 M02		 2024-01-02 -
2025-01-30		 a year crt.sh
niftygateway.com
Amazon RSA 2048 M03		 2024-02-20 -
2025-03-21		 a year crt.sh
exp.gemini.com
Amazon RSA 2048 M02		 2024-02-05 -
2025-03-05		 a year crt.sh
zdassets.com
E1		 2024-05-01 -
2024-07-30		 3 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-21 -
2025-02-20		 a year crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-08 -
2025-05-07		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
niftygateway.zendesk.com
Cloudflare Inc ECC CA-3		 2023-10-05 -
2024-10-04		 a year crt.sh
www.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://www.niftygateway.com/@mksporticu
Frame ID: 09F00CE1201FAD6FACA8A9C3B232218A
Requests: 65 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-b33246e3f2ce9d36baf58e11bdb36d31.html
Frame ID: 8D2D167AF58604D16499033B1A1378EC
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: C3CF8AA2B9DD513961CBBAB802C37CA7
Requests: 1 HTTP requests in this frame

Frame: https://api.sardine.ai/assets/collector.min.6ea1273.html?r=2024-05-28-6ea1273
Frame ID: AFB13F91614FDC2283EAE65EC57BBFCA
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=5fa12121-3ef8-4e8f-8226-e8cbcfdc31f7&u_scsid=6d9698db-3c33-4268-b7df-e18120665742&u_sclid=f566813a-3581-42ef-aa3a-4c84baf57d50
Frame ID: B95C8C292C4F6365F4FAF07F5EF628EC
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js
Frame ID: 08D7A96A4EE7482C702E9FB57A1DDEE4
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdbJ2UbAAAAAIYAB4viUUyuNmeTZ6GAZo7BNzXL&co=aHR0cHM6Ly93d3cubmlmdHlnYXRld2F5LmNvbTo0NDM.&hl=iw&v=DH3nyJMamEclyfe-nztbfV8S&size=invisible&cb=3dav27g1aib0
Frame ID: 68E2DA30D21C09CD19F87233056BBFE4
Requests: 1 HTTP requests in this frame

Frame: https://api.sardine.ai/assets/collector.min.6ea1273.html?r=2024-05-28-6ea1273
Frame ID: A2BC303C9781B5F93002E64C160C777F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdbJ2UbAAAAAIYAB4viUUyuNmeTZ6GAZo7BNzXL&co=aHR0cHM6Ly93d3cubmlmdHlnYXRld2F5LmNvbTo0NDM.&hl=iw&v=DH3nyJMamEclyfe-nztbfV8S&size=invisible&cb=4on8tupgr2tk
Frame ID: 9B8A70E65F175D1C3F9D92CA5616458D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

mksporticu's NFT Collection | Nifty Gateway Studio

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

87
Requests

98 %
HTTPS

0 %
IPv6

22
Domains

31
Subdomains

29
IPs

5
Countries

3274 kB
Transfer

9591 kB
Size

35
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1456F5CBC4A24C7A87CB6697595B7610&RedC=c.clarity.ms&MXFR=3ACAAF7CC02260600004BBF3C4226EEE HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1456F5CBC4A24C7A87CB6697595B7610&MUID=054360C82FF968FD1B4274472E8469C3

87 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request @mksporticu
www.niftygateway.com/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.niftygateway.com/@mksporticu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8ec8e438a89275d43470f24b18e3466713b319996f65d2b3a3144f3e38a362e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-security-policy-report-only
default-src 'self' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://js.stripe.com/v3/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://api.sardine.ai https://static.zdassets.com/ https://ekr.zdassets https://ekr.zendesk.com https://*.zopim.com wss://demonifty.zendesk.com wss://*.zopim.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://edge.fullstory.com/s/ https://static.ads-twitter.com/uwt.js https://sc-static.net/ https://googleads.g.doubleclick.net/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com; img-src https: blob: data:; connect-src https://api.niftygateway.com https://odysseymarket.niftygateway.com https://api.sandbox.niftygateway.com https://stats.g.doubleclick.net https://www.facebook.com/tr/ https://www.google-analytics.com https://api-js.mixpanel.com ​https://www.clarity.ms wss://widget-mediator.zopim.com https://nifty-qa100.service.aws-qa.sd.gem.link https://demonifty.zendesk.com https://ekr.zdassets.com https://encrypted-tbn0.gstatic.com/images https://lh3.googleusercontent.com https://tr.snapchat.com https://eth-goerli.alchemyapi.io https://search-api-staging.s-niftygateway-001-use1.svc.gem.link https://search-api.niftygateway.com https://search-api-dev.d-niftygateway-001-use1.svc.gem.link https://ipfs.io https://rs.fullstory.com https://session-replay.browser-intake-datadoghq.com https://eth-mainnet.alchemyapi.io https://api.cloudinary.com/v1_1/nifty_gateway/auto/upload https://api.pinata.cloud/pinning/pinFileToIPFS https://openseauserdata.com https://rum.browser-intake-datadoghq.com https://api.x.immutable.com https://i.seadn.io https://cdn.optimizely.com https://img.seadn.io https://storage.opensea.io https://api.opensea.io; font-src https://fonts.gstatic.com https://use.typekit.net/ 'self'; object-src 'self'; media-src https://media.niftygateway.com https://static.zdassets.com https://openseauserdata.com https://storage.opensea.io https://res.cloudinary.com; frame-src https://js.stripe.com/v3/ https://www.google.com https://api.sardine.ai https://api.dev.sardine.ai https://tr.snapchat.com/ https://www.youtube.com; frame-ancestors 'self'
content-type
text/html
date
Thu, 30 May 2024 08:14:20 GMT
etag
W/"6bfbbcded04de4947562bcfbcb784549"
last-modified
Thu, 30 May 2024 01:22:56 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
x-amz-cf-id
ccoRCvJqsKfL3knMmp_1RORSbU2pI4Itf7f9bds7WAiPuFmxicj_ng==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-robots-tag
all
/
js.stripe.com/v3/ 		606 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
8dfad747a40c3b11909233620ef2ebbc820dc5db7b6644f810e2d4c71f05b3b5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.niftygateway.com/
Origin
https://www.niftygateway.com
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 30 May 2024 08:14:21 GMT
via
1.1 varnish
age
11
x-cache
HIT
content-length
170627
x-request-id
235b909d-6eeb-4d8b-b9fc-801c82b9b4ec
x-served-by
cache-mrs10570-MRS
last-modified
Thu, 30 May 2024 04:16:51 GMT
server
Fastly
etag
"3ce61c63415791ede407f3004a0046ce"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
11
js
www.googletagmanager.com/gtag/ 		264 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XN0S484YR4
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f7dc52973f70ac63572c622bb04f2ba57a3f152e4a66a34df439fe49118b7fd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93190
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 May 2024 08:14:21 GMT
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700&display=swap
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
aa503ed4b75f03eebbb4626b542f503e7b9246f1addb0dedd48e53735cb6a4c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 May 2024 08:14:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 May 2024 08:14:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 May 2024 08:14:21 GMT
index.998f14bc.js
www.niftygateway.com/static/js/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.niftygateway.com/static/js/index.998f14bc.js
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60c92fa272057efbd34781513b62aaefbcb8f5f1664e0be2f08d7a79e9439590
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/@mksporticu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
content-security-policy-report-only
default-src 'self' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://js.stripe.com/v3/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://api.sardine.ai https://static.zdassets.com/ https://ekr.zdassets https://ekr.zendesk.com https://*.zopim.com wss://demonifty.zendesk.com wss://*.zopim.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://edge.fullstory.com/s/ https://static.ads-twitter.com/uwt.js https://sc-static.net/ https://googleads.g.doubleclick.net/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com; img-src https: blob: data:; connect-src https://api.niftygateway.com https://odysseymarket.niftygateway.com https://api.sandbox.niftygateway.com https://stats.g.doubleclick.net https://www.facebook.com/tr/ https://www.google-analytics.com https://api-js.mixpanel.com ​https://www.clarity.ms wss://widget-mediator.zopim.com https://nifty-qa100.service.aws-qa.sd.gem.link https://demonifty.zendesk.com https://ekr.zdassets.com https://encrypted-tbn0.gstatic.com/images https://lh3.googleusercontent.com https://tr.snapchat.com https://eth-goerli.alchemyapi.io https://search-api-staging.s-niftygateway-001-use1.svc.gem.link https://search-api.niftygateway.com https://search-api-dev.d-niftygateway-001-use1.svc.gem.link https://ipfs.io https://rs.fullstory.com https://session-replay.browser-intake-datadoghq.com https://eth-mainnet.alchemyapi.io https://api.cloudinary.com/v1_1/nifty_gateway/auto/upload https://api.pinata.cloud/pinning/pinFileToIPFS https://openseauserdata.com https://rum.browser-intake-datadoghq.com https://api.x.immutable.com https://i.seadn.io https://cdn.optimizely.com https://img.seadn.io https://storage.opensea.io https://api.opensea.io; font-src https://fonts.gstatic.com https://use.typekit.net/ 'self'; object-src 'self'; media-src https://media.niftygateway.com https://static.zdassets.com https://openseauserdata.com https://storage.opensea.io https://res.cloudinary.com; frame-src https://js.stripe.com/v3/ https://www.google.com https://api.sardine.ai https://api.dev.sardine.ai https://tr.snapchat.com/ https://www.youtube.com; frame-ancestors 'self'
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 May 2024 01:22:56 GMT
server
AmazonS3
etag
W/"8228ae7a3e8d8d1d783a0a69d7a42806"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-robots-tag
all
x-amz-cf-id
86ha0WXcMn9UIuhMbCO46HQpoBfFqi4QszEAS-P-oPTUJpQFGeU-dQ==
index.092ae38b.css
www.niftygateway.com/static/css/ 		332 B
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.niftygateway.com/static/css/index.092ae38b.css
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c964c6452ea211af06970cf8072d91b350ad24288209b31fbeb16d60b769f77
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/@mksporticu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
content-security-policy-report-only
default-src 'self' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://js.stripe.com/v3/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://api.sardine.ai https://static.zdassets.com/ https://ekr.zdassets https://ekr.zendesk.com https://*.zopim.com wss://demonifty.zendesk.com wss://*.zopim.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://edge.fullstory.com/s/ https://static.ads-twitter.com/uwt.js https://sc-static.net/ https://googleads.g.doubleclick.net/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com; img-src https: blob: data:; connect-src https://api.niftygateway.com https://odysseymarket.niftygateway.com https://api.sandbox.niftygateway.com https://stats.g.doubleclick.net https://www.facebook.com/tr/ https://www.google-analytics.com https://api-js.mixpanel.com ​https://www.clarity.ms wss://widget-mediator.zopim.com https://nifty-qa100.service.aws-qa.sd.gem.link https://demonifty.zendesk.com https://ekr.zdassets.com https://encrypted-tbn0.gstatic.com/images https://lh3.googleusercontent.com https://tr.snapchat.com https://eth-goerli.alchemyapi.io https://search-api-staging.s-niftygateway-001-use1.svc.gem.link https://search-api.niftygateway.com https://search-api-dev.d-niftygateway-001-use1.svc.gem.link https://ipfs.io https://rs.fullstory.com https://session-replay.browser-intake-datadoghq.com https://eth-mainnet.alchemyapi.io https://api.cloudinary.com/v1_1/nifty_gateway/auto/upload https://api.pinata.cloud/pinning/pinFileToIPFS https://openseauserdata.com https://rum.browser-intake-datadoghq.com https://api.x.immutable.com https://i.seadn.io https://cdn.optimizely.com https://img.seadn.io https://storage.opensea.io https://api.opensea.io; font-src https://fonts.gstatic.com https://use.typekit.net/ 'self'; object-src 'self'; media-src https://media.niftygateway.com https://static.zdassets.com https://openseauserdata.com https://storage.opensea.io https://res.cloudinary.com; frame-src https://js.stripe.com/v3/ https://www.google.com https://api.sardine.ai https://api.dev.sardine.ai https://tr.snapchat.com/ https://www.youtube.com; frame-ancestors 'self'
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
332
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 May 2024 01:22:56 GMT
server
AmazonS3
etag
"bfb5cd7596f605b26876033c189a9313"
x-frame-options
DENY
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
x-robots-tag
all
x-amz-cf-id
XBjKhvi6NzDQ4-iy3oyTV7Uq-sD7j4-D2e1yBIsutYZ0KcRSr8iNvw==
fs.js
edge.fullstory.com/s/ 		275 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f679d6ba05c5482e84c83fa3b35958730f79cb4365562b73b09ec902762bfe5a

Request headers

Referer
https://www.niftygateway.com/
Origin
https://www.niftygateway.com
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 07:40:06 GMT
content-encoding
br
age
2054
x-guploader-uploadid
ABPtcPoF3pHaybciACyUsdBrbGleqB3I8Lq3nYmaiSfiEWRJNSp-C-zI_4HSzulbtkW7EJs3IzZEV8R0ig
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75829
last-modified
Wed, 29 May 2024 16:36:25 GMT
server
UploadServer
etag
"602e9aafca8a540dbec7f8ebd8bdff02"
vary
Accept-Encoding
x-goog-generation
1717000585340181
x-goog-hash
crc32c=q7gb6w==, md5=YC6ar8qKVA2+x/jr2L3/Ag==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
75829
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 30 May 2024 08:40:06 GMT
jxpzxbjuse
www.clarity.ms/tag/ 		637 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/jxpzxbjuse
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9ef43cf1f388d223852c3b76cdbfc71d3999f71d85e4c70712fc5bd52efdf6ea

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
-1
date
Thu, 30 May 2024 08:14:21 GMT
x-azure-ref
20240530T081421Z-r18d8969c4f24547dcd4xrh9e00000000g0g000000009kzt
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
web
edge.fullstory.com/s/settings/185DGN/v1/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/settings/185DGN/v1/web
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1cf2fd619d9ed96b68586fd228f9fab225bb7dcff6ce89d504e145aa77894006

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:21 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpQv8NyLUUNsov8TdF4W4LQarFg1FN434OJZhquPqByDZ-1dH1Xa6W9qLHPY5DuZBzyPvsIybMOBw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1211
last-modified
Fri, 05 May 2023 16:04:45 GMT
server
UploadServer
etag
"2f66b9b267fd653d44400cfdcef6bcbd"
x-goog-generation
1683302685646384
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=/Vi4OA==, md5=L2a5smf9ZT1EQAz9zva8vQ==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
1211
accept-ranges
bytes
expires
Thu, 30 May 2024 08:29:21 GMT
collect
analytics.google.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-XN0S484YR4&gtm=45je45m0v9123216747za200&_p=1717056860790&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1701043027.1717056861&ul=he-il&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1717056861&sct=1&seg=0&dl=https%3A%2F%2Fwww.niftygateway.com%2F%40mksporticu&dt=Nifty%20Gateway&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1373
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XN0S484YR4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 May 2024 08:14:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.niftygateway.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XN0S484YR4&cid=1701043027.1717056861&gtm=45je45m0v9123216747za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XN0S484YR4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 May 2024 08:14:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.niftygateway.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.il/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XN0S484YR4&cid=1701043027.1717056861&gtm=45je45m0v9123216747za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1307195828
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 May 2024 08:14:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.34/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.34/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jxpzxbjuse
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:21 GMT
content-encoding
br
last-modified
Thu, 23 May 2024 23:20:12 GMT
etag
W/"0x8DC7B7EE5574D78"
vary
Accept-Encoding
x-azure-ref
20240530T081421Z-r18d8969c4f24547dcd4xrh9e00000000g0g000000009m05
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
609c144c-101e-0028-0ada-ad4f73000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
w.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://w.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.niftygateway.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.niftygateway.com
Date
Thu, 30 May 2024 08:14:22 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
js
www.googletagmanager.com/gtag/ 		221 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10801089900
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
31c93a7232a0e5761793beb3020028115b42f153140067437921cb42e31860e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81932
x-xss-protection
0
last-modified
Thu, 30 May 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 May 2024 08:14:22 GMT
js
www.googletagmanager.com/gtag/ 		221 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10801089900&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XN0S484YR4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6c9312991f7563984455cc1a962fdb3e06120fe3614f5eca6f2a04504ed2b07a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81955
x-xss-protection
0
last-modified
Thu, 30 May 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 May 2024 08:14:22 GMT
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 30 May 2024 08:14:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=48, rtx=0, c=12, mss=1380, tbw=2783, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
CKcRvEFOIMYtSbVmHnocXk6/V+gD84gMIvGTkqFYNZWCcR4hJPZaNV9saJ0sNXqXS69cdedf/Tmb/0YTRAAWpQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
content-encoding
gzip
last-modified
Thu, 04 Apr 2024 00:26:35 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kcgs7200164-IAD, cache-fra-etou8220037-FRA
scevent.min.js
sc-static.net/ 		45 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-250.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
60b1c42f28933bde09df838f008572c91fac4639c168ff44cea34afd66d9aa55

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
content-encoding
gzip
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
19231
x-amz-cf-id
iHvq0PivfkZZmfdH7FfNdsvl13Nnc8yDMOy3geZHQHjksx7l1jN8cg==
1186.714f7dd0.chunk.js
www.niftygateway.com/static/js/ 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.niftygateway.com/static/js/1186.714f7dd0.chunk.js
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c021fcafbe4d233a28ea16ba0d04a2013001499dd08c2c38969938ec758bd98
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/@mksporticu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
content-security-policy-report-only
default-src 'self' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://js.stripe.com/v3/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://api.sardine.ai https://static.zdassets.com/ https://ekr.zdassets https://ekr.zendesk.com https://*.zopim.com wss://demonifty.zendesk.com wss://*.zopim.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://edge.fullstory.com/s/ https://static.ads-twitter.com/uwt.js https://sc-static.net/ https://googleads.g.doubleclick.net/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com; img-src https: blob: data:; connect-src https://api.niftygateway.com https://odysseymarket.niftygateway.com https://api.sandbox.niftygateway.com https://stats.g.doubleclick.net https://www.facebook.com/tr/ https://www.google-analytics.com https://api-js.mixpanel.com ​https://www.clarity.ms wss://widget-mediator.zopim.com https://nifty-qa100.service.aws-qa.sd.gem.link https://demonifty.zendesk.com https://ekr.zdassets.com https://encrypted-tbn0.gstatic.com/images https://lh3.googleusercontent.com https://tr.snapchat.com https://eth-goerli.alchemyapi.io https://search-api-staging.s-niftygateway-001-use1.svc.gem.link https://search-api.niftygateway.com https://search-api-dev.d-niftygateway-001-use1.svc.gem.link https://ipfs.io https://rs.fullstory.com https://session-replay.browser-intake-datadoghq.com https://eth-mainnet.alchemyapi.io https://api.cloudinary.com/v1_1/nifty_gateway/auto/upload https://api.pinata.cloud/pinning/pinFileToIPFS https://openseauserdata.com https://rum.browser-intake-datadoghq.com https://api.x.immutable.com https://i.seadn.io https://cdn.optimizely.com https://img.seadn.io https://storage.opensea.io https://api.opensea.io; font-src https://fonts.gstatic.com https://use.typekit.net/ 'self'; object-src 'self'; media-src https://media.niftygateway.com https://static.zdassets.com https://openseauserdata.com https://storage.opensea.io https://res.cloudinary.com; frame-src https://js.stripe.com/v3/ https://www.google.com https://api.sardine.ai https://api.dev.sardine.ai https://tr.snapchat.com/ https://www.youtube.com; frame-ancestors 'self'
x-cache
Miss from cloudfront
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 May 2024 01:22:56 GMT
server
AmazonS3
etag
W/"bc5c9b5118ed49cdcd76faff0e079bbc"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-robots-tag
all
x-amz-cf-id
5XXeZ7IOL7GI9SGJE0WjIRgQoH5Sod1SQH-A8tlhYprWb5JGHWJdOQ==
2287.60b8ea38.chunk.js
www.niftygateway.com/static/js/ 		10 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.niftygateway.com/static/js/2287.60b8ea38.chunk.js
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66c2d06a8928ed8e3ff9ffe3b74e5ab4aceac8570b91484b118e9c3816edd847
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/@mksporticu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
content-security-policy-report-only
default-src 'self' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://js.stripe.com/v3/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://api.sardine.ai https://static.zdassets.com/ https://ekr.zdassets https://ekr.zendesk.com https://*.zopim.com wss://demonifty.zendesk.com wss://*.zopim.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://edge.fullstory.com/s/ https://static.ads-twitter.com/uwt.js https://sc-static.net/ https://googleads.g.doubleclick.net/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com; img-src https: blob: data:; connect-src https://api.niftygateway.com https://odysseymarket.niftygateway.com https://api.sandbox.niftygateway.com https://stats.g.doubleclick.net https://www.facebook.com/tr/ https://www.google-analytics.com https://api-js.mixpanel.com ​https://www.clarity.ms wss://widget-mediator.zopim.com https://nifty-qa100.service.aws-qa.sd.gem.link https://demonifty.zendesk.com https://ekr.zdassets.com https://encrypted-tbn0.gstatic.com/images https://lh3.googleusercontent.com https://tr.snapchat.com https://eth-goerli.alchemyapi.io https://search-api-staging.s-niftygateway-001-use1.svc.gem.link https://search-api.niftygateway.com https://search-api-dev.d-niftygateway-001-use1.svc.gem.link https://ipfs.io https://rs.fullstory.com https://session-replay.browser-intake-datadoghq.com https://eth-mainnet.alchemyapi.io https://api.cloudinary.com/v1_1/nifty_gateway/auto/upload https://api.pinata.cloud/pinning/pinFileToIPFS https://openseauserdata.com https://rum.browser-intake-datadoghq.com https://api.x.immutable.com https://i.seadn.io https://cdn.optimizely.com https://img.seadn.io https://storage.opensea.io https://api.opensea.io; font-src https://fonts.gstatic.com https://use.typekit.net/ 'self'; object-src 'self'; media-src https://media.niftygateway.com https://static.zdassets.com https://openseauserdata.com https://storage.opensea.io https://res.cloudinary.com; frame-src https://js.stripe.com/v3/ https://www.google.com https://api.sardine.ai https://api.dev.sardine.ai https://tr.snapchat.com/ https://www.youtube.com; frame-ancestors 'self'
x-cache
Miss from cloudfront
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 May 2024 01:22:56 GMT
server
AmazonS3
etag
W/"f18a7323372268ee8edc46cc0e5b473d"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-robots-tag
all
x-amz-cf-id
k-UoJfW8H6ae-cf4vO2fz6oqljG0wJvDqCgN1kd0r6rUMbwNBJP97A==
9624.32eff95b.chunk.js
www.niftygateway.com/static/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.niftygateway.com/static/js/9624.32eff95b.chunk.js
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2cdeef79128b79368f7916144f8ed933a99c80acf05be57bdcff8d4f71f24db8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/@mksporticu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
content-security-policy-report-only
default-src 'self' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://js.stripe.com/v3/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://api.sardine.ai https://static.zdassets.com/ https://ekr.zdassets https://ekr.zendesk.com https://*.zopim.com wss://demonifty.zendesk.com wss://*.zopim.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://edge.fullstory.com/s/ https://static.ads-twitter.com/uwt.js https://sc-static.net/ https://googleads.g.doubleclick.net/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com; img-src https: blob: data:; connect-src https://api.niftygateway.com https://odysseymarket.niftygateway.com https://api.sandbox.niftygateway.com https://stats.g.doubleclick.net https://www.facebook.com/tr/ https://www.google-analytics.com https://api-js.mixpanel.com ​https://www.clarity.ms wss://widget-mediator.zopim.com https://nifty-qa100.service.aws-qa.sd.gem.link https://demonifty.zendesk.com https://ekr.zdassets.com https://encrypted-tbn0.gstatic.com/images https://lh3.googleusercontent.com https://tr.snapchat.com https://eth-goerli.alchemyapi.io https://search-api-staging.s-niftygateway-001-use1.svc.gem.link https://search-api.niftygateway.com https://search-api-dev.d-niftygateway-001-use1.svc.gem.link https://ipfs.io https://rs.fullstory.com https://session-replay.browser-intake-datadoghq.com https://eth-mainnet.alchemyapi.io https://api.cloudinary.com/v1_1/nifty_gateway/auto/upload https://api.pinata.cloud/pinning/pinFileToIPFS https://openseauserdata.com https://rum.browser-intake-datadoghq.com https://api.x.immutable.com https://i.seadn.io https://cdn.optimizely.com https://img.seadn.io https://storage.opensea.io https://api.opensea.io; font-src https://fonts.gstatic.com https://use.typekit.net/ 'self'; object-src 'self'; media-src https://media.niftygateway.com https://static.zdassets.com https://openseauserdata.com https://storage.opensea.io https://res.cloudinary.com; frame-src https://js.stripe.com/v3/ https://www.google.com https://api.sardine.ai https://api.dev.sardine.ai https://tr.snapchat.com/ https://www.youtube.com; frame-ancestors 'self'
x-cache
Miss from cloudfront
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 May 2024 01:22:56 GMT
server
AmazonS3
etag
W/"d5515939f12bcdf84dbf5e3e143e7419"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-robots-tag
all
x-amz-cf-id
MpW47NX7RlBp-SgofWVGre0gLJqnlzMQZ0qdEVp3caVNgz_hCiSg_w==
597.19be06b4.chunk.js
www.niftygateway.com/static/js/ 		240 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.niftygateway.com/static/js/597.19be06b4.chunk.js
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
989f9fd2f4f0b61a8851b569d737fa4fe272ba03f28427cdf52b18879639171d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/@mksporticu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
content-security-policy-report-only
default-src 'self' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://js.stripe.com/v3/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://api.sardine.ai https://static.zdassets.com/ https://ekr.zdassets https://ekr.zendesk.com https://*.zopim.com wss://demonifty.zendesk.com wss://*.zopim.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://edge.fullstory.com/s/ https://static.ads-twitter.com/uwt.js https://sc-static.net/ https://googleads.g.doubleclick.net/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com; img-src https: blob: data:; connect-src https://api.niftygateway.com https://odysseymarket.niftygateway.com https://api.sandbox.niftygateway.com https://stats.g.doubleclick.net https://www.facebook.com/tr/ https://www.google-analytics.com https://api-js.mixpanel.com ​https://www.clarity.ms wss://widget-mediator.zopim.com https://nifty-qa100.service.aws-qa.sd.gem.link https://demonifty.zendesk.com https://ekr.zdassets.com https://encrypted-tbn0.gstatic.com/images https://lh3.googleusercontent.com https://tr.snapchat.com https://eth-goerli.alchemyapi.io https://search-api-staging.s-niftygateway-001-use1.svc.gem.link https://search-api.niftygateway.com https://search-api-dev.d-niftygateway-001-use1.svc.gem.link https://ipfs.io https://rs.fullstory.com https://session-replay.browser-intake-datadoghq.com https://eth-mainnet.alchemyapi.io https://api.cloudinary.com/v1_1/nifty_gateway/auto/upload https://api.pinata.cloud/pinning/pinFileToIPFS https://openseauserdata.com https://rum.browser-intake-datadoghq.com https://api.x.immutable.com https://i.seadn.io https://cdn.optimizely.com https://img.seadn.io https://storage.opensea.io https://api.opensea.io; font-src https://fonts.gstatic.com https://use.typekit.net/ 'self'; object-src 'self'; media-src https://media.niftygateway.com https://static.zdassets.com https://openseauserdata.com https://storage.opensea.io https://res.cloudinary.com; frame-src https://js.stripe.com/v3/ https://www.google.com https://api.sardine.ai https://api.dev.sardine.ai https://tr.snapchat.com/ https://www.youtube.com; frame-ancestors 'self'
x-cache
Miss from cloudfront
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 May 2024 01:22:56 GMT
server
AmazonS3
etag
W/"2493986427482c5f8fa07c05c2b5b5b2"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-robots-tag
all
x-amz-cf-id
sVscZGWx--VE2JBL1UaI9evtEIOMnvB37b24gnPqwrVt7B1O0-qLvw==
9627.acb4e320.chunk.js
www.niftygateway.com/static/js/ 		24 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.niftygateway.com/static/js/9627.acb4e320.chunk.js
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6439b602758b028ef4aaeefb1ffc174025b03fa91a5a931b0937b6797f5e40d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/@mksporticu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
content-security-policy-report-only
default-src 'self' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://js.stripe.com/v3/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://api.sardine.ai https://static.zdassets.com/ https://ekr.zdassets https://ekr.zendesk.com https://*.zopim.com wss://demonifty.zendesk.com wss://*.zopim.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://edge.fullstory.com/s/ https://static.ads-twitter.com/uwt.js https://sc-static.net/ https://googleads.g.doubleclick.net/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com; img-src https: blob: data:; connect-src https://api.niftygateway.com https://odysseymarket.niftygateway.com https://api.sandbox.niftygateway.com https://stats.g.doubleclick.net https://www.facebook.com/tr/ https://www.google-analytics.com https://api-js.mixpanel.com ​https://www.clarity.ms wss://widget-mediator.zopim.com https://nifty-qa100.service.aws-qa.sd.gem.link https://demonifty.zendesk.com https://ekr.zdassets.com https://encrypted-tbn0.gstatic.com/images https://lh3.googleusercontent.com https://tr.snapchat.com https://eth-goerli.alchemyapi.io https://search-api-staging.s-niftygateway-001-use1.svc.gem.link https://search-api.niftygateway.com https://search-api-dev.d-niftygateway-001-use1.svc.gem.link https://ipfs.io https://rs.fullstory.com https://session-replay.browser-intake-datadoghq.com https://eth-mainnet.alchemyapi.io https://api.cloudinary.com/v1_1/nifty_gateway/auto/upload https://api.pinata.cloud/pinning/pinFileToIPFS https://openseauserdata.com https://rum.browser-intake-datadoghq.com https://api.x.immutable.com https://i.seadn.io https://cdn.optimizely.com https://img.seadn.io https://storage.opensea.io https://api.opensea.io; font-src https://fonts.gstatic.com https://use.typekit.net/ 'self'; object-src 'self'; media-src https://media.niftygateway.com https://static.zdassets.com https://openseauserdata.com https://storage.opensea.io https://res.cloudinary.com; frame-src https://js.stripe.com/v3/ https://www.google.com https://api.sardine.ai https://api.dev.sardine.ai https://tr.snapchat.com/ https://www.youtube.com; frame-ancestors 'self'
x-cache
Miss from cloudfront
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 May 2024 01:22:56 GMT
server
AmazonS3
etag
W/"abdcddc439e241ef1f9bf9f7f24dd512"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-robots-tag
all
x-amz-cf-id
2WvG378HZt_zlVc96YUqbVXSXN5oEAD0src1ooF3_k_1LOX1FoKCGw==
2692.050be5f3.chunk.js
www.niftygateway.com/static/js/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.niftygateway.com/static/js/2692.050be5f3.chunk.js
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ec7c90b8890c40e4372e4a28eea34919eafd58ee891ad60163eb1da381d531e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/@mksporticu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
content-security-policy-report-only
default-src 'self' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://js.stripe.com/v3/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://api.sardine.ai https://static.zdassets.com/ https://ekr.zdassets https://ekr.zendesk.com https://*.zopim.com wss://demonifty.zendesk.com wss://*.zopim.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://edge.fullstory.com/s/ https://static.ads-twitter.com/uwt.js https://sc-static.net/ https://googleads.g.doubleclick.net/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com; img-src https: blob: data:; connect-src https://api.niftygateway.com https://odysseymarket.niftygateway.com https://api.sandbox.niftygateway.com https://stats.g.doubleclick.net https://www.facebook.com/tr/ https://www.google-analytics.com https://api-js.mixpanel.com ​https://www.clarity.ms wss://widget-mediator.zopim.com https://nifty-qa100.service.aws-qa.sd.gem.link https://demonifty.zendesk.com https://ekr.zdassets.com https://encrypted-tbn0.gstatic.com/images https://lh3.googleusercontent.com https://tr.snapchat.com https://eth-goerli.alchemyapi.io https://search-api-staging.s-niftygateway-001-use1.svc.gem.link https://search-api.niftygateway.com https://search-api-dev.d-niftygateway-001-use1.svc.gem.link https://ipfs.io https://rs.fullstory.com https://session-replay.browser-intake-datadoghq.com https://eth-mainnet.alchemyapi.io https://api.cloudinary.com/v1_1/nifty_gateway/auto/upload https://api.pinata.cloud/pinning/pinFileToIPFS https://openseauserdata.com https://rum.browser-intake-datadoghq.com https://api.x.immutable.com https://i.seadn.io https://cdn.optimizely.com https://img.seadn.io https://storage.opensea.io https://api.opensea.io; font-src https://fonts.gstatic.com https://use.typekit.net/ 'self'; object-src 'self'; media-src https://media.niftygateway.com https://static.zdassets.com https://openseauserdata.com https://storage.opensea.io https://res.cloudinary.com; frame-src https://js.stripe.com/v3/ https://www.google.com https://api.sardine.ai https://api.dev.sardine.ai https://tr.snapchat.com/ https://www.youtube.com; frame-ancestors 'self'
x-cache
Miss from cloudfront
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 May 2024 01:22:56 GMT
server
AmazonS3
etag
W/"cde589a24e649101819d454b6d741887"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-robots-tag
all
x-amz-cf-id
1yZII_1xMbWZYDOyiMpAQOtgmjVTiO71FqI2shVzHfAmSs_jO770qg==
5382.51116b92.chunk.js
www.niftygateway.com/static/js/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.niftygateway.com/static/js/5382.51116b92.chunk.js
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7dbf204d1b3ef132261033ffcb52919f5d93a15d8656e61d261174f639c43f9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/@mksporticu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
content-security-policy-report-only
default-src 'self' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://js.stripe.com/v3/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://api.sardine.ai https://static.zdassets.com/ https://ekr.zdassets https://ekr.zendesk.com https://*.zopim.com wss://demonifty.zendesk.com wss://*.zopim.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://edge.fullstory.com/s/ https://static.ads-twitter.com/uwt.js https://sc-static.net/ https://googleads.g.doubleclick.net/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com; img-src https: blob: data:; connect-src https://api.niftygateway.com https://odysseymarket.niftygateway.com https://api.sandbox.niftygateway.com https://stats.g.doubleclick.net https://www.facebook.com/tr/ https://www.google-analytics.com https://api-js.mixpanel.com ​https://www.clarity.ms wss://widget-mediator.zopim.com https://nifty-qa100.service.aws-qa.sd.gem.link https://demonifty.zendesk.com https://ekr.zdassets.com https://encrypted-tbn0.gstatic.com/images https://lh3.googleusercontent.com https://tr.snapchat.com https://eth-goerli.alchemyapi.io https://search-api-staging.s-niftygateway-001-use1.svc.gem.link https://search-api.niftygateway.com https://search-api-dev.d-niftygateway-001-use1.svc.gem.link https://ipfs.io https://rs.fullstory.com https://session-replay.browser-intake-datadoghq.com https://eth-mainnet.alchemyapi.io https://api.cloudinary.com/v1_1/nifty_gateway/auto/upload https://api.pinata.cloud/pinning/pinFileToIPFS https://openseauserdata.com https://rum.browser-intake-datadoghq.com https://api.x.immutable.com https://i.seadn.io https://cdn.optimizely.com https://img.seadn.io https://storage.opensea.io https://api.opensea.io; font-src https://fonts.gstatic.com https://use.typekit.net/ 'self'; object-src 'self'; media-src https://media.niftygateway.com https://static.zdassets.com https://openseauserdata.com https://storage.opensea.io https://res.cloudinary.com; frame-src https://js.stripe.com/v3/ https://www.google.com https://api.sardine.ai https://api.dev.sardine.ai https://tr.snapchat.com/ https://www.youtube.com; frame-ancestors 'self'
x-cache
Miss from cloudfront
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 May 2024 01:22:56 GMT
server
AmazonS3
etag
W/"8093701ee11b3876c4f0555f8e9ccbd9"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-robots-tag
all
x-amz-cf-id
O02FUY_259h-Xz-KnGtidBcqV8SQAxAWm_Yhy3kNdKbsvXClvJzXew==
9825.388a34f5.chunk.js
www.niftygateway.com/static/js/ 		11 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.niftygateway.com/static/js/9825.388a34f5.chunk.js
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93b09b5e85e42391377c5bb4c753d198fb50506092aadf4382a1aa2a5b883767
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/@mksporticu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
content-security-policy-report-only
default-src 'self' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://js.stripe.com/v3/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://api.sardine.ai https://static.zdassets.com/ https://ekr.zdassets https://ekr.zendesk.com https://*.zopim.com wss://demonifty.zendesk.com wss://*.zopim.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://edge.fullstory.com/s/ https://static.ads-twitter.com/uwt.js https://sc-static.net/ https://googleads.g.doubleclick.net/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com; img-src https: blob: data:; connect-src https://api.niftygateway.com https://odysseymarket.niftygateway.com https://api.sandbox.niftygateway.com https://stats.g.doubleclick.net https://www.facebook.com/tr/ https://www.google-analytics.com https://api-js.mixpanel.com ​https://www.clarity.ms wss://widget-mediator.zopim.com https://nifty-qa100.service.aws-qa.sd.gem.link https://demonifty.zendesk.com https://ekr.zdassets.com https://encrypted-tbn0.gstatic.com/images https://lh3.googleusercontent.com https://tr.snapchat.com https://eth-goerli.alchemyapi.io https://search-api-staging.s-niftygateway-001-use1.svc.gem.link https://search-api.niftygateway.com https://search-api-dev.d-niftygateway-001-use1.svc.gem.link https://ipfs.io https://rs.fullstory.com https://session-replay.browser-intake-datadoghq.com https://eth-mainnet.alchemyapi.io https://api.cloudinary.com/v1_1/nifty_gateway/auto/upload https://api.pinata.cloud/pinning/pinFileToIPFS https://openseauserdata.com https://rum.browser-intake-datadoghq.com https://api.x.immutable.com https://i.seadn.io https://cdn.optimizely.com https://img.seadn.io https://storage.opensea.io https://api.opensea.io; font-src https://fonts.gstatic.com https://use.typekit.net/ 'self'; object-src 'self'; media-src https://media.niftygateway.com https://static.zdassets.com https://openseauserdata.com https://storage.opensea.io https://res.cloudinary.com; frame-src https://js.stripe.com/v3/ https://www.google.com https://api.sardine.ai https://api.dev.sardine.ai https://tr.snapchat.com/ https://www.youtube.com; frame-ancestors 'self'
x-cache
Miss from cloudfront
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 May 2024 01:22:56 GMT
server
AmazonS3
etag
W/"f8f1e43f469406967835314eed8cdd4f"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-robots-tag
all
x-amz-cf-id
4k_imubwKLi4yr5NfEnu0ySXWshldEfOkJsFl4Z17TS6EQpWTToaaQ==
7316.806e7698.chunk.css
www.niftygateway.com/static/css/ 		18 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.niftygateway.com/static/css/7316.806e7698.chunk.css
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e5bde18e61ea07c1cebae4a9ce6ed180da43ced8390503fe5e688ab6d39d38d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/@mksporticu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
content-security-policy-report-only
default-src 'self' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://js.stripe.com/v3/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://api.sardine.ai https://static.zdassets.com/ https://ekr.zdassets https://ekr.zendesk.com https://*.zopim.com wss://demonifty.zendesk.com wss://*.zopim.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://edge.fullstory.com/s/ https://static.ads-twitter.com/uwt.js https://sc-static.net/ https://googleads.g.doubleclick.net/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com; img-src https: blob: data:; connect-src https://api.niftygateway.com https://odysseymarket.niftygateway.com https://api.sandbox.niftygateway.com https://stats.g.doubleclick.net https://www.facebook.com/tr/ https://www.google-analytics.com https://api-js.mixpanel.com ​https://www.clarity.ms wss://widget-mediator.zopim.com https://nifty-qa100.service.aws-qa.sd.gem.link https://demonifty.zendesk.com https://ekr.zdassets.com https://encrypted-tbn0.gstatic.com/images https://lh3.googleusercontent.com https://tr.snapchat.com https://eth-goerli.alchemyapi.io https://search-api-staging.s-niftygateway-001-use1.svc.gem.link https://search-api.niftygateway.com https://search-api-dev.d-niftygateway-001-use1.svc.gem.link https://ipfs.io https://rs.fullstory.com https://session-replay.browser-intake-datadoghq.com https://eth-mainnet.alchemyapi.io https://api.cloudinary.com/v1_1/nifty_gateway/auto/upload https://api.pinata.cloud/pinning/pinFileToIPFS https://openseauserdata.com https://rum.browser-intake-datadoghq.com https://api.x.immutable.com https://i.seadn.io https://cdn.optimizely.com https://img.seadn.io https://storage.opensea.io https://api.opensea.io; font-src https://fonts.gstatic.com https://use.typekit.net/ 'self'; object-src 'self'; media-src https://media.niftygateway.com https://static.zdassets.com https://openseauserdata.com https://storage.opensea.io https://res.cloudinary.com; frame-src https://js.stripe.com/v3/ https://www.google.com https://api.sardine.ai https://api.dev.sardine.ai https://tr.snapchat.com/ https://www.youtube.com; frame-ancestors 'self'
x-cache
Miss from cloudfront
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 May 2024 01:22:56 GMT
server
AmazonS3
etag
W/"f8fecb1770a8403b9618db311fbcea12"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
x-robots-tag
all
x-amz-cf-id
eXGIHurtyXyEKfi0AJRO9EdAPv2qoypVR7xSIEYAAZLkJgvvi6haFQ==
7316.70501f4b.chunk.js
www.niftygateway.com/static/js/ 		153 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.niftygateway.com/static/js/7316.70501f4b.chunk.js
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4f411cd063127e00949e959bbee20979a5801f22365d893b1277e4cc691cd4ec
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/@mksporticu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
content-security-policy-report-only
default-src 'self' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://js.stripe.com/v3/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://api.sardine.ai https://static.zdassets.com/ https://ekr.zdassets https://ekr.zendesk.com https://*.zopim.com wss://demonifty.zendesk.com wss://*.zopim.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://edge.fullstory.com/s/ https://static.ads-twitter.com/uwt.js https://sc-static.net/ https://googleads.g.doubleclick.net/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com; img-src https: blob: data:; connect-src https://api.niftygateway.com https://odysseymarket.niftygateway.com https://api.sandbox.niftygateway.com https://stats.g.doubleclick.net https://www.facebook.com/tr/ https://www.google-analytics.com https://api-js.mixpanel.com ​https://www.clarity.ms wss://widget-mediator.zopim.com https://nifty-qa100.service.aws-qa.sd.gem.link https://demonifty.zendesk.com https://ekr.zdassets.com https://encrypted-tbn0.gstatic.com/images https://lh3.googleusercontent.com https://tr.snapchat.com https://eth-goerli.alchemyapi.io https://search-api-staging.s-niftygateway-001-use1.svc.gem.link https://search-api.niftygateway.com https://search-api-dev.d-niftygateway-001-use1.svc.gem.link https://ipfs.io https://rs.fullstory.com https://session-replay.browser-intake-datadoghq.com https://eth-mainnet.alchemyapi.io https://api.cloudinary.com/v1_1/nifty_gateway/auto/upload https://api.pinata.cloud/pinning/pinFileToIPFS https://openseauserdata.com https://rum.browser-intake-datadoghq.com https://api.x.immutable.com https://i.seadn.io https://cdn.optimizely.com https://img.seadn.io https://storage.opensea.io https://api.opensea.io; font-src https://fonts.gstatic.com https://use.typekit.net/ 'self'; object-src 'self'; media-src https://media.niftygateway.com https://static.zdassets.com https://openseauserdata.com https://storage.opensea.io https://res.cloudinary.com; frame-src https://js.stripe.com/v3/ https://www.google.com https://api.sardine.ai https://api.dev.sardine.ai https://tr.snapchat.com/ https://www.youtube.com; frame-ancestors 'self'
x-cache
Miss from cloudfront
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 May 2024 01:22:56 GMT
server
AmazonS3
etag
W/"703acd0a7091f8b46078d6b0cf94ab24"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-robots-tag
all
x-amz-cf-id
8y1Rzj-StPGsVzFALE-0azyjfHf6WF-ea1aY-rTFJeMQG1JvtHbx1g==
loader.min.js
api.sardine.ai/assets/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.sardine.ai/assets/loader.min.js
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.14.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.14.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3ab613dc645fdb11a78c05b119b3650709c78eb165cffdce8d01f6ec10cd73b0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 07:47:32 GMT
content-encoding
gzip
age
1610
x-guploader-uploadid
ABPtcPq0EmhVrzgmmSE8mhm5qD_VncDZ9NrmlQCtdDJ6tmyKHndP_1-UAkZFISg1OQp5MpAa6OnEWGvFTA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25898
last-modified
Tue, 28 May 2024 19:10:53 GMT
server
UploadServer
etag
"66e173c32d917c1534d3c14a8c6adb14"
x-goog-hash
crc32c=9GSRoQ==, md5=ZuFzwy2RfBU008FKjGrbFA==
x-goog-generation
1716923453608214
access-control-allow-origin
*
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=1800,no-transform
x-goog-stored-content-length
25898
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 30 May 2024 08:17:32 GMT
api.js
www.google.com/recaptcha/ 		1 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdbJ2UbAAAAAIYAB4viUUyuNmeTZ6GAZo7BNzXL
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
7a2fed4be63c0ca4a652117eca4bca73fab0f72ef5ab170970eeb5cfa608d183
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 30 May 2024 08:14:22 GMT
2422.e6f82db7.chunk.js
www.niftygateway.com/static/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.niftygateway.com/static/js/2422.e6f82db7.chunk.js
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c912f863ee5b7d580c3f8a22b0de6a1b0b4f801e12567398d6dc5ecaabacce83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/@mksporticu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
content-security-policy-report-only
default-src 'self' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://js.stripe.com/v3/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://api.sardine.ai https://static.zdassets.com/ https://ekr.zdassets https://ekr.zendesk.com https://*.zopim.com wss://demonifty.zendesk.com wss://*.zopim.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://edge.fullstory.com/s/ https://static.ads-twitter.com/uwt.js https://sc-static.net/ https://googleads.g.doubleclick.net/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com; img-src https: blob: data:; connect-src https://api.niftygateway.com https://odysseymarket.niftygateway.com https://api.sandbox.niftygateway.com https://stats.g.doubleclick.net https://www.facebook.com/tr/ https://www.google-analytics.com https://api-js.mixpanel.com ​https://www.clarity.ms wss://widget-mediator.zopim.com https://nifty-qa100.service.aws-qa.sd.gem.link https://demonifty.zendesk.com https://ekr.zdassets.com https://encrypted-tbn0.gstatic.com/images https://lh3.googleusercontent.com https://tr.snapchat.com https://eth-goerli.alchemyapi.io https://search-api-staging.s-niftygateway-001-use1.svc.gem.link https://search-api.niftygateway.com https://search-api-dev.d-niftygateway-001-use1.svc.gem.link https://ipfs.io https://rs.fullstory.com https://session-replay.browser-intake-datadoghq.com https://eth-mainnet.alchemyapi.io https://api.cloudinary.com/v1_1/nifty_gateway/auto/upload https://api.pinata.cloud/pinning/pinFileToIPFS https://openseauserdata.com https://rum.browser-intake-datadoghq.com https://api.x.immutable.com https://i.seadn.io https://cdn.optimizely.com https://img.seadn.io https://storage.opensea.io https://api.opensea.io; font-src https://fonts.gstatic.com https://use.typekit.net/ 'self'; object-src 'self'; media-src https://media.niftygateway.com https://static.zdassets.com https://openseauserdata.com https://storage.opensea.io https://res.cloudinary.com; frame-src https://js.stripe.com/v3/ https://www.google.com https://api.sardine.ai https://api.dev.sardine.ai https://tr.snapchat.com/ https://www.youtube.com; frame-ancestors 'self'
x-cache
Miss from cloudfront
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 May 2024 01:22:56 GMT
server
AmazonS3
etag
W/"1774f288a3760d35349d0e6488440f31"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
x-robots-tag
all
x-amz-cf-id
8QPrZtUlTzF4TlEg1Sb3-C2_rhZaWZTqP8hmq4f44sdkawR3xB8fLg==
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.niftygateway.com
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 May 2024 14:44:59 GMT
x-content-type-options
nosniff
age
149363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 14:44:59 GMT
metamask-alternative_1_dvrill.webp
media.niftygateway.com/image/upload/v1646231999/AA/ 		606 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.niftygateway.com/image/upload/v1646231999/AA/metamask-alternative_1_dvrill.webp
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-64.fra60.r.cloudfront.net
Software
cloudflare /
Resource Hash
e5318eac9e25bc1c702aab3ace23aa3d64e536aa86eab99243e0e32a28e7e978
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Tue, 14 May 2024 17:34:23 GMT
x-content-type-options
nosniff
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
1348799
x-cache
Hit from cloudfront
content-disposition
inline; filename="metamask-alternative_1_dvrill.webp"
content-length
606
last-modified
Fri, 26 May 2023 02:51:12 GMT
server
cloudflare
etag
"e9a3fc069377c50def8a3d9fd89739c3"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
cf-ray
874572433b80e264-ORD
timing-allow-origin
*
x-amz-cf-id
FKu5EOcqwbI26mF7UV9pQ9_xoKqDT4YeM8-E0nfCJRZBDdPzEkqyLg==
controller-with-preconnect-b33246e3f2ce9d36baf58e11bdb36d31.html
js.stripe.com/v3/ Frame 8D2D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-b33246e3f2ce9d36baf58e11bdb36d31.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
39
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
228
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 08:14:22 GMT
etag
"b33246e3f2ce9d36baf58e11bdb36d31"
last-modified
Thu, 30 May 2024 03:25:52 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
8
x-content-type-options
nosniff
x-request-id
a6d5ef56-6019-49f1-ab16-9ecf014ab05c
x-served-by
cache-mrs10528-MRS
/
api.niftygateway.com/home/cta/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.niftygateway.com/home/cta/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-81.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-sid,x-time
Access-Control-Request-Method
GET
Origin
https://www.niftygateway.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-sid,x-time
access-control-allow-methods
OPTIONS,DELETE,PATCH,POST,PUT,HEAD,GET
access-control-allow-origin
https://www.niftygateway.com
access-control-max-age
86400
age
32282
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 29 May 2024 23:16:20 GMT
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=3600
vary
Access-Control-Request-Method Origin Access-Control-Request-Headers
via
1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront)
x-amz-cf-id
beE1Pe5bjZcYHoxZel97fDqz1B-v_Qonxna2v7iLRxNPgFkngaG9Lg==
x-amz-cf-pop
FRA60-P5
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-request-id
3668ee15-da17-4146-a314-3dff227315d2
/
api.niftygateway.com/home/cta/ 		2 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.niftygateway.com/home/cta/
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.60.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-81.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.niftygateway.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
X-Time
1717056862489
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SID
6360ff65-68f3-4ffe-8058-2ef1b6437d9a

Response headers

date
Thu, 30 May 2024 08:14:23 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
via
1.1 9bd86598a7f45cc948aa2f9674ece0b2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2
x-request-id
3e2524d7-754a-4b75-98ba-1e6159ed52ba
referrer-policy
same-origin
server
nginx
x-frame-options
DENY
vary
Origin
content-type
application/json
allow
GET, HEAD, OPTIONS
access-control-allow-origin
https://www.niftygateway.com
access-control-allow-credentials
true
x-amz-cf-id
RiRTCZK9jCGymCtLXswmk2GDlg0kLAhxLo266WdCvUFL14MO1BGKpg==
/
api.niftygateway.com/v1/fxrates/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.niftygateway.com/v1/fxrates/?source_currency=ETH&base_currency=USD&order_by=-created_at&limit=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-81.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-sid,x-time
Access-Control-Request-Method
GET
Origin
https://www.niftygateway.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-sid,x-time
access-control-allow-methods
OPTIONS,DELETE,PATCH,POST,PUT,HEAD,GET
access-control-allow-origin
https://www.niftygateway.com
access-control-max-age
86400
age
34920
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 29 May 2024 22:32:22 GMT
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=3600
vary
Access-Control-Request-Method Origin Access-Control-Request-Headers
via
1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront)
x-amz-cf-id
v52WS0ttBnqqqrcw4pNRz3ajYDOqXH99SyfdBRtBjOVnm84wE4LeNQ==
x-amz-cf-pop
FRA60-P5
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-request-id
85cc55f7-d016-4a2c-b3e0-fc34eabde791
/
api.niftygateway.com/v1/fxrates/ 		298 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.niftygateway.com/v1/fxrates/?source_currency=ETH&base_currency=USD&order_by=-created_at&limit=1
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.60.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-81.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
00a03b04472297c488f114877c805eea7199ae707f0abef4e4ccc9c1d5770322
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.niftygateway.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
X-Time
1717056862504
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SID
6360ff65-68f3-4ffe-8058-2ef1b6437d9a

Response headers

date
Thu, 30 May 2024 08:14:23 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
via
1.1 9bd86598a7f45cc948aa2f9674ece0b2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
298
x-request-id
eeb96580-f0d2-41f0-9d09-72d946bb68a8
referrer-policy
same-origin
server
nginx
x-frame-options
DENY
vary
Origin
content-type
application/json
allow
GET, HEAD, OPTIONS
access-control-allow-origin
https://www.niftygateway.com
access-control-allow-credentials
true
x-amz-cf-id
cLBo_n853CQ68nLO7coxYyKPdLDYoN0F--zByBLAk737NwxUXP2QSA==
datafile.json
exp.gemini.com/ 		466 KB
467 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://exp.gemini.com/datafile.json
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa688c13a306ce08c403f2a1d5977c09f181d6385233ccd19b88eb111aff1f9e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.niftygateway.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:24 GMT
x-amz-version-id
QGyn3DCbJ7_U_4ov5mPr_htG7uNxFRJr
via
1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-length
476826
last-modified
Wed, 29 May 2024 19:09:43 GMT
server
AmazonS3
etag
"523ab94abbc6ea6a7393247656e15c17"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
access-control-allow-origin
https://www.niftygateway.com
content-type
application/json
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
mS05qfbQ_FAAGCRc7FsAgQdnCnfOh1cnCmcb9z6XK-Btfg5N48H_4Q==
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame C3CF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
14842782
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 08:14:22 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
21129
x-content-type-options
nosniff
x-request-id
3931f678-3da1-49ed-806a-07fdc5543e08
x-served-by
cache-mrs10528-MRS
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=2c747b16-6f49-4bd2-893f-1909566d4799
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
1XEFSGR91PCDXE6F
age
18
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
OAeeKDeTQpE8kek846C2mhvc59K+Z8qN+9Jm6dRF1kaXHTO36LS+00rAD/gc+KXlg4dFiT2mbVo=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K66nCG95DLUTRUX3wX4JlKOgP07OHSiJHZztrZPsirtgQFWDKinhAwPbK003G12B5o2NPZWeDRP6HJ%2FeM%2BCrynNDfaSKIDF3IPj3zY3bL8j5Xz0xiBNMdh9NiRzqpxAe%2BGLZuEY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
88bd452fdbaae3cf-TLV
access-control-allow-headers
*
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10801089900/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10801089900/?random=1717056862630&cv=11&fst=1717056862630&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb9123216747&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.niftygateway.com%2F%40mksporticu&hn=www.googleadservices.com&frm=0&tiba=Nifty%20Gateway%20Studio&npa=0&pscdl=noapi&auid=1926571662.1717056863&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10801089900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
8c5e8b8c9184d811abd1e8709fbb2802fa9dc2ac636d1df7f1b1a0877af7a514
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 May 2024 08:14:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2c747b16-6f49-4bd2-893f-1909566d4799
ekr.zdassets.com/compose/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/2c747b16-6f49-4bd2-893f-1909566d4799
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f70f66c833b6f9b062746ee3b90efb54e18b8c4653d0236dd294204ef765db2e
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:23 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
88ad29609f056642-SEA, 88ad29609f056642-SEA
x-runtime
0.012862
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"f70f66c833b6f9b062746ee3b90efb54"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mFq%2B8F7Ne1k3lxpaYnausmyLm2LI3B2LOycfEpICXpO2RdwVCdfUmsx5pcUH7Kad4jAMtOT%2FA%2B3icrfDPLOPbJV62iy%2B2upoPQyWZpiq7ZYLZJ7KZSZcy37t%2B%2FwP1iitXvA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
88bd45312ed8e3d3-TLV
collector.min.6ea1273.html
api.sardine.ai/assets/ Frame AFB1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.sardine.ai/assets/collector.min.6ea1273.html?r=2024-05-28-6ea1273
Requested by
Host: api.sardine.ai
URL: https://api.sardine.ai/assets/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.14.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.14.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
*
age
951
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1800,no-transform
content-encoding
gzip
content-language
en
content-length
210
content-type
text/html
date
Thu, 30 May 2024 07:58:31 GMT
etag
"0c0a3eef35ff3d8168b69c2e502413b4"
expires
Thu, 30 May 2024 08:28:31 GMT
last-modified
Tue, 28 May 2024 19:10:53 GMT
server
UploadServer
x-goog-generation
1716923453507789
x-goog-hash
crc32c=0eiBVQ== md5=DAo+7zX/PYFotpwuUCQTtA==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
210
x-guploader-uploadid
ABPtcPosjhQMg7hSAypIkW9XUDF6FG0xXKAGDqoeFnZE-wyjnM0bZKGnp6wuuqH5XTKs0GwRUBw
recaptcha__iw.js
www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/ 		547 KB
211 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__iw.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdbJ2UbAAAAAIYAB4viUUyuNmeTZ6GAZo7BNzXL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
a843cef97d8f7395544de4bef462a9aabb159122619df897cc09dd3794250db4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.niftygateway.com/
Origin
https://www.niftygateway.com
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 May 2024 16:13:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144052
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
215211
x-xss-protection
0
last-modified
Mon, 27 May 2024 02:00:43 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 May 2025 16:13:31 GMT
5fa12121-3ef8-4e8f-8226-e8cbcfdc31f7.js
tr.snapchat.com/config/com/ 		185 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/com/5fa12121-3ef8-4e8f-8226-e8cbcfdc31f7.js?v=3.17.1-2405282331
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
8cc30df6436faf2dce9e3f35d2397c1386f464760dfc2d36150e833031297894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.niftygateway.com/
Origin
https://www.niftygateway.com
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://www.niftygateway.com
x-envoy-upstream-service-time
92
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185
i
tr.snapchat.com/cm/ Frame B95C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=5fa12121-3ef8-4e8f-8226-e8cbcfdc31f7&u_scsid=6d9698db-3c33-4268-b7df-e18120665742&u_sclid=f566813a-3581-42ef-aa3a-4c84baf57d50
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
672
content-type
text/html
date
Thu, 30 May 2024 08:14:23 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
adsct
t.co/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=f87ac7cc-927f-4955-974a-f31577a1e814&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fcc98a3b-a35a-4adb-a3d9-27624afe023c&tw_document_href=https%3A%2F%2Fwww.niftygateway.com%2F%40mksporticu&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o74ey&type=javascript&version=2.3.30
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
168
date
Thu, 30 May 2024 08:14:23 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
e0364d8b7671084b
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
d68470664181ccefc4e6c6e5135ccd42e3a78fb7cd49c651a2f4194430c2fc4b
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f87ac7cc-927f-4955-974a-f31577a1e814&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fcc98a3b-a35a-4adb-a3d9-27624afe023c&tw_document_href=https%3A%2F%2Fwww.niftygateway.com%2F%40mksporticu&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o74ey&type=javascript&version=2.3.30
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
175
date
Thu, 30 May 2024 08:14:22 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
7d29635fa1872427
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
298a4d37bce7ba7401619ded0a65ea502b433b9ae3d0dab6ceebd0d45203810c
content-length
43
1014544452472237
connect.facebook.net/signals/config/ 		57 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1014544452472237?v=2.9.156&r=stable&domain=www.niftygateway.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
578872f399dbfb1160859db693a4e64a7b426f528de38a2791af13319416b9af
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 30 May 2024 08:14:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=48, rtx=0, c=61, mss=1380, tbw=63384, tp=-1, tpl=-1, uplat=77, ullat=0
pragma
public
x-fb-debug
fKgOx491VSNVAswO/DIKgMP/DAlS+RhNR4IO+bSIqVY8QL6kWPsv34G+PdFBDxfVTyiHvkFCTSy+73bn1GDBGw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10801089900/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10801089900/?random=1717056862630&cv=11&fst=1717056000000&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb9123216747&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.niftygateway.com%2F%40mksporticu&hn=www.googleadservices.com&frm=0&tiba=Nifty%20Gateway%20Studio&npa=0&pscdl=noapi&auid=1926571662.1717056863&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLGDWrP05R3cxG3brnwfRgLhNCEmhsuA&random=1573883801&rmt_tld=0&ipr=y
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 May 2024 08:14:22 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.il/pagead/1p-user-list/10801089900/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.il/pagead/1p-user-list/10801089900/?random=1717056862630&cv=11&fst=1717056000000&bg=ffffff&guid=ON&async=1&gtm=45be45m0za200zb9123216747&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.niftygateway.com%2F%40mksporticu&hn=www.googleadservices.com&frm=0&tiba=Nifty%20Gateway%20Studio&npa=0&pscdl=noapi&auid=1926571662.1717056863&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLGDWrP05R3cxG3brnwfRgLhNCEmhsuA&random=1573883801&rmt_tld=1&ipr=y
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 May 2024 08:14:22 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
tr.snapchat.com/ 		0
243 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.niftygateway.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 30 May 2024 08:14:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://www.niftygateway.com
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1014544452472237&ev=PageView&dl=https%3A%2F%2Fwww.niftygateway.com%2F%40mksporticu&rl=&if=false&ts=1717056863063&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1717056863062.798940748&ler=empty&cdl=API_unavailable&it=1717056862864&coo=false&rqm=GET
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=49, rtx=0, c=10, mss=1380, tbw=2832, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 30 May 2024 08:14:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1014544452472237&ev=PageView&dl=https%3A%2F%2Fwww.niftygateway.com%2F%40mksporticu&rl=&if=false&ts=1717056863063&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1717056863062.798940748&ler=empty&cdl=API_unavailable&it=1717056862864&coo=false&rqm=FGET
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1a2d578f98ff1c59","source_keys":["1","2"]},{"key_piece":"0x33bd1d2eb7a527c9","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 30 May 2024 08:14:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=49, rtx=0, c=14, mss=1380, tbw=3150, tp=-1, tpl=-1, uplat=128, ullat=0
pragma
no-cache
x-fb-debug
NF02ClZx4yFHgt2yFOXlp157pVv3l3wpJfeWDGdu4oYAlxcs62s2Avc4cIuYi08i8wbkeUtjFkT8CI0yiGHHsA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
web-widget-main-4a143a0.js
static.zdassets.com/web_widget/messenger/latest/ Frame 08D7 		456 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=2c747b16-6f49-4bd2-893f-1909566d4799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2532f2c05410f507f22cf99dc89e3c240c495caa9aca45745d6bfc81f841f7ab
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:23 GMT
x-amz-version-id
_n8r.NUcUhB6WHYNK8FtbgGmnck8h3JW
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
JNNJSCQVW5E2F0CX
age
168935
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
5DiDuyaGnJEmb7PUPJwptsILTOr2dDel6aMxQ9E05alCwdgSXmmGI9Uz6bu8Ex8WjYdRDEZFFEKpb9h+CB7KvA==
last-modified
Tue, 21 May 2024 08:00:03 GMT
server
cloudflare
etag
W/"b83c840cbea70517dd4aac2528a75c10"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AiZ66s5l%2BMCDJUxinq6SNqnmMHZVnzpbL2tG6Vib5Dejs8gjVsMbJuwXJZ%2BNzJV41sRHraZ2S7QIWEApes%2BlFaM%2B5ke1zhpV3YkJI2764eBUx5LTICZtAth9XmJrdbbj4Uau0dI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88bd45330ff3e3cf-TLV
access-control-allow-headers
*
expires
Wed, 21 May 2025 08:00:02 GMT
p
tr6.snapchat.com/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.niftygateway.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 30 May 2024 08:14:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
via
1.1 google
server
API Gateway
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
NGmogi_doggo.60e55c08dbbe5e9c58a82bab4f4a0002.svg
www.niftygateway.com/static/media/ 		12 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.niftygateway.com/static/media/NGmogi_doggo.60e55c08dbbe5e9c58a82bab4f4a0002.svg
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c1dd01571e8be7785833e558d653cf8c36982b65d342fc3c6c8934dccdbfd41
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/@mksporticu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
content-security-policy-report-only
default-src 'self' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://js.stripe.com/v3/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://api.sardine.ai https://static.zdassets.com/ https://ekr.zdassets https://ekr.zendesk.com https://*.zopim.com wss://demonifty.zendesk.com wss://*.zopim.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://edge.fullstory.com/s/ https://static.ads-twitter.com/uwt.js https://sc-static.net/ https://googleads.g.doubleclick.net/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com; img-src https: blob: data:; connect-src https://api.niftygateway.com https://odysseymarket.niftygateway.com https://api.sandbox.niftygateway.com https://stats.g.doubleclick.net https://www.facebook.com/tr/ https://www.google-analytics.com https://api-js.mixpanel.com ​https://www.clarity.ms wss://widget-mediator.zopim.com https://nifty-qa100.service.aws-qa.sd.gem.link https://demonifty.zendesk.com https://ekr.zdassets.com https://encrypted-tbn0.gstatic.com/images https://lh3.googleusercontent.com https://tr.snapchat.com https://eth-goerli.alchemyapi.io https://search-api-staging.s-niftygateway-001-use1.svc.gem.link https://search-api.niftygateway.com https://search-api-dev.d-niftygateway-001-use1.svc.gem.link https://ipfs.io https://rs.fullstory.com https://session-replay.browser-intake-datadoghq.com https://eth-mainnet.alchemyapi.io https://api.cloudinary.com/v1_1/nifty_gateway/auto/upload https://api.pinata.cloud/pinning/pinFileToIPFS https://openseauserdata.com https://rum.browser-intake-datadoghq.com https://api.x.immutable.com https://i.seadn.io https://cdn.optimizely.com https://img.seadn.io https://storage.opensea.io https://api.opensea.io; font-src https://fonts.gstatic.com https://use.typekit.net/ 'self'; object-src 'self'; media-src https://media.niftygateway.com https://static.zdassets.com https://openseauserdata.com https://storage.opensea.io https://res.cloudinary.com; frame-src https://js.stripe.com/v3/ https://www.google.com https://api.sardine.ai https://api.dev.sardine.ai https://tr.snapchat.com/ https://www.youtube.com; frame-ancestors 'self'
x-cache
Miss from cloudfront
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 May 2024 01:22:56 GMT
server
AmazonS3
etag
W/"204c12eac89c2ca1a823fb01d0caa293"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0, s-maxage=2
x-robots-tag
all
x-amz-cf-id
ZqirHkOi2r5vb0yl66E6alfqVTuhGKXzBUPpwWxF_uxa7qfyGfiQCg==
/
api.niftygateway.com/v2/users/mksporticu/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.niftygateway.com/v2/users/mksporticu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-81.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-sid,x-time
Access-Control-Request-Method
GET
Origin
https://www.niftygateway.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-sid,x-time
access-control-allow-methods
OPTIONS,DELETE,PATCH,POST,PUT,HEAD,GET
access-control-allow-origin
https://www.niftygateway.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 08:14:23 GMT
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=3600
vary
Access-Control-Request-Method Origin Access-Control-Request-Headers
via
1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront)
x-amz-cf-id
qa83Gwvqmv68gVNLSGOyEyQPOeYiq2skgmJhJFv2cRPrKqbqqSS8Vg==
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-request-id
a56d2295-3852-4fc5-aad6-87b70c899c27
/
api.niftygateway.com/v2/users/mksporticu/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.niftygateway.com/v2/users/mksporticu/
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.60.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-81.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
6727abf0015ec8a70a5380253cb278b5bd2c45c1efef93f31098ef4452e08d8e
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.niftygateway.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
X-Time
1717056863372
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SID
6360ff65-68f3-4ffe-8058-2ef1b6437d9a

Response headers

date
Thu, 30 May 2024 08:14:23 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
content-encoding
br
via
1.1 9bd86598a7f45cc948aa2f9674ece0b2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-request-id
56df4a82-b054-4c94-8fba-53a2342b7a9a
referrer-policy
same-origin
server
nginx
allow
GET, HEAD, OPTIONS
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://www.niftygateway.com
vary
Accept-Encoding, Origin
access-control-allow-credentials
true
x-amz-cf-id
_P3AgWtBpi5RzqR214i031UfTk-pckeWk_2EWuB0IfYb9szqiVNpFg==
anchor
www.google.com/recaptcha/api2/ Frame 68E2 		0
0
p
tr.snapchat.com/ 		0
46 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://www.niftygateway.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 30 May 2024 08:14:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://www.niftygateway.com
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
w.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://w.clarity.ms/collect
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.niftygateway.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.niftygateway.com
Date
Thu, 30 May 2024 08:14:23 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
en-us-json-4a143a0.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 08D7 		20 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-4a143a0.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf2a49af363df5bd71810d0563a98f40dd311f3cc4fa803ad568bc2e064d893
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:23 GMT
x-amz-version-id
.wQK.xsJk3Y5gTDB1Kv8Qfjb91MC5_Ih
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
RCYTPBVX4H6J29R6
age
168928
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
x5vmAuM2aRnQYRwqdMWgWr2rVUvu2yeW7VY06LWAMsSXkTaAeVbb0OHu7/A4nH3v0SSAynD0wDo=
last-modified
Tue, 21 May 2024 08:00:04 GMT
server
cloudflare
etag
W/"8f0c2ab0bd14e9e847312f7e99adb66d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5KWlKC1N6jkDiANtwj%2FczLs47FHyvpvV4cFbnL9TBSrbzFFvXA96SyNNec5UCoO3GVlKQw3NbQwE2PckkC33B1ZvfCEpD%2BLGb4%2F5d6ho84jwIt1jWzSEl%2BoQitbjevAAw8sKwog%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88bd45358b52e3cf-TLV
access-control-allow-headers
*
expires
Wed, 21 May 2025 08:00:03 GMT
web-widget-4852-4a143a0.js
static.zdassets.com/web_widget/messenger/latest/ Frame 08D7 		139 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4a143a0.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
356c4544c456b989861d78d9cb42a8e8625171a6eec736fa2f5424601d985a42
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:23 GMT
x-amz-version-id
M06B72M7vFUIna6iu8mCVXAa42U1_qIV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
RCYT0ZQM4NG9CBC0
age
168935
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
XNf8/4ORgwofem636TKEEuN50Iz9ivJZ6jUsKRoFp2gMmnGj8WNS1laq6Zhk7izbajVZtxOvJ/0SVQ83fFbn6Q==
last-modified
Tue, 21 May 2024 08:00:02 GMT
server
cloudflare
etag
W/"40fb729956c4a956df4256614af4b393"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0u%2BIci99eGeC%2Bu1rB1LsQSYS4w9Dia7U3VVVu4lzQ1r7cVzKyyW%2B81ndff4df7ARZf%2FNn9jylAz0aq5BUlM29EsPT%2FzypL2bHF9CsgINrhO9JIQPt72q0IfboZJ4RMJIcPNOdz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88bd45358b54e3cf-TLV
access-control-allow-headers
*
expires
Wed, 21 May 2025 08:00:01 GMT
web-widget-9527-4a143a0.js
static.zdassets.com/web_widget/messenger/latest/ Frame 08D7 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9527-4a143a0.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:23 GMT
x-amz-version-id
8GXAr8wtsIR0vyrO8tNcRslrWdl537XH
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
RCYXMFVNVEJR25PX
age
168935
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
UrqhGv+CDsDYBx5Pv2RARcrVrCMXgV0a4Mof12dZTHZz+1Kb7YOgWdqGjUWV48LXNA0cKzwSMwndYffKyksqVA==
last-modified
Tue, 21 May 2024 08:00:03 GMT
server
cloudflare
etag
W/"083d4fe56f4013855997ad6d21392f69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OlgDN4YC1mV9jrwbKezvrv6c3nNqROT5Vm92vuE%2Fd714V%2FyZ2gpoSs%2Fh7VzWLLGGPVcyGmXyl6%2BovUsgPyDPp55c1aTL%2Fb5krXOTWbZj2gJth%2BWmsCnuMh8nUwrZmc5i82SElBw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88bd45358b55e3cf-TLV
access-control-allow-headers
*
expires
Wed, 21 May 2025 08:00:02 GMT
web-widget-2306-4a143a0.js
static.zdassets.com/web_widget/messenger/latest/ Frame 08D7 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-2306-4a143a0.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd80c58cfa802442b76296864d6351cbd2018e97519701cf64c989ecb9ec94f9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:23 GMT
x-amz-version-id
AlkTYT9ZfTF3yVcDB9NuSwjhC59CG2k3
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
RCYXJ1AEY9SXZAT3
age
168935
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
/F9d9jgEt2xH+omEoB07goVzatT125S5agHSMJI4wnxyjhgfE3A5uTZlPnYa7HwAPQXI6qDG44w=
last-modified
Tue, 21 May 2024 08:00:02 GMT
server
cloudflare
etag
W/"1b2c14135523982db180c989ec11c5cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bUQTEWuS1ZZlBWghhFsw0ohgLgOBp5RzJKEoovHFi6PrHQdk%2FtR%2FW2d3QCLMfcs519KhWWqWAtcVPFSNDKu2uOwNEosB2yAl1YoNTy8O%2BFANXT7q3hQ7fMHM7DAIeEzz1i4aSdw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88bd45358b56e3cf-TLV
access-control-allow-headers
*
expires
Wed, 21 May 2025 08:00:01 GMT
web-widget-5178-4a143a0.js
static.zdassets.com/web_widget/messenger/latest/ Frame 08D7 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-4a143a0.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8ff59d329d21518b345f0932febb24febe12b0143d9f56c31676c9bc5db2459
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:23 GMT
x-amz-version-id
wKrDC5LktoEcJdPHZBFRrlbfl6GRcHTD
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
RCYRPNDWG3FE0RHN
age
168935
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
fnQ1DHWWivCbgmBfnJhn2/IQn0FqLhpNdwsncFdtKg+YzciCbHRIuSJUBpl53FtOsY38U7fSwiE=
last-modified
Tue, 21 May 2024 08:00:02 GMT
server
cloudflare
etag
W/"7ea6a03ae546d28215fb61ff43d384ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W8bn8N26Vb%2BqQNsTAbxQruZ%2FEQHejjGYglhv1zzcss0jHoY7akG3QwjELMNlCb%2F4e2kXYzeWCT2GZOis4V1Y6B2X0KtyzsWVA2LvTTu5PtKfcyju9mRK7Gr7JsJ%2Fky8lY88a7ZM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88bd45358b58e3cf-TLV
access-control-allow-headers
*
expires
Wed, 21 May 2025 08:00:01 GMT
web-widget-9535-4a143a0.js
static.zdassets.com/web_widget/messenger/latest/ Frame 08D7 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-4a143a0.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d52b4f234c5594531fe5d7b44dc0152721c4c1d8fa24fc1363e62d83dcf9b090
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:23 GMT
x-amz-version-id
CFUGYiOKXVe_phN09rf52i1St84xmvFd
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
RCYMGTMHM9HQH3ED
age
168935
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
CmE4bjG0YxT8aTo94FgOJkaJdbgxZx7P9c2kda0ITveaHUQ+GV8vBa8KFCdxV4b+iIVSwdA6Wig=
last-modified
Tue, 21 May 2024 08:00:03 GMT
server
cloudflare
etag
W/"49e0c7e2a647623949726517bb39175a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bWmFWJ%2BvgZrRH8jVBYyP5HJhHckpNx65lxIZN%2FYOiCpDF%2FwGTyIhYpq0ELPfVfDbyGdhp3wODO15%2Fp%2BUC5KFAk3FAY08uXyCwLZPlf8AnYjla%2FPLdzosJSQQLe5D84tlaDG7ugM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88bd45358b59e3cf-TLV
access-control-allow-headers
*
expires
Wed, 21 May 2025 08:00:02 GMT
pv
niftygateway.zendesk.com/frontendevents/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://niftygateway.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.niftygateway.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
88bd4536fb79e3e3-TLV
date
Thu, 30 May 2024 08:14:23 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zn6xZZx46Z8deMkALxao86GUwPFCYKm7VBITiXLyQ4MUUNKdeSH2dCDh%2F9SNWGjj2o%2FLrUvwhHd8gP2Ez51%2BHHb5562Juwyq0ZnUDUX4JNKk3AOGsWbB7Xxr3BkSHKv3UXfl1qZvBpUbxA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
88bd4536fb79e3e3-TLV
x-zendesk-zorg
yes
pv
niftygateway.zendesk.com/frontendevents/ Frame 08D7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://niftygateway.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 30 May 2024 08:14:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gBWroCGLvS1RyU5VH6%2BG7oUq9n8aEl4jfYavkY2qa5H1PxPhwzzgKoTC3JaV%2BlpNAEq8Iz%2F0LSNx9fG3WAKX3uQuBiOEqasjEWumhLQfZhZ5DBQZQTJ7Cu%2FtXYEHXYQgiuelWv6gZQ%2B8zg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
88bd45385da9e3e3-TLV
content-length
0
x-request-id
88bd45385da9e3e3-TLV
config
niftygateway.zendesk.com/embeddable/ Frame 08D7 		825 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://niftygateway.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f12cd1867d48e4fac23f775051589d5e62c0a1522d1b50c3dff3845ae50f39

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:24 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-774cd9bc74-bhpmj
x-cached
MISS
x-runtime
0.002772
last-modified
Thu, 30 May 2024 08:05:50 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fxd%2FNxC1HaIRh6IvKp0VJVxCUOj%2F2TL43DCReZsrsVpiIArTt5Hc4XNX76I4e84O7kt7GkC7jWy5ev993UHxCsh4cPv1ZKwgix0DQ5vaKjRsEXZOAI0jfsmJme0UT8wn2x10%2BCCEibrs0g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
88bd4536fb7be3e3-TLV
loader.min.js
api.sardine.ai/assets/ 		74 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://api.sardine.ai/assets/loader.min.js
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.14.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.14.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3ab613dc645fdb11a78c05b119b3650709c78eb165cffdce8d01f6ec10cd73b0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 07:47:32 GMT
content-encoding
gzip
age
1610
x-guploader-uploadid
ABPtcPq0EmhVrzgmmSE8mhm5qD_VncDZ9NrmlQCtdDJ6tmyKHndP_1-UAkZFISg1OQp5MpAa6OnEWGvFTA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25898
last-modified
Tue, 28 May 2024 19:10:53 GMT
server
UploadServer
etag
"66e173c32d917c1534d3c14a8c6adb14"
x-goog-hash
crc32c=9GSRoQ==, md5=ZuFzwy2RfBU008FKjGrbFA==
x-goog-generation
1716923453608214
access-control-allow-origin
*
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=1800,no-transform
x-goog-stored-content-length
25898
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 30 May 2024 08:17:32 GMT
api.js
www.google.com/recaptcha/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdbJ2UbAAAAAIYAB4viUUyuNmeTZ6GAZo7BNzXL
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
7a2fed4be63c0ca4a652117eca4bca73fab0f72ef5ab170970eeb5cfa608d183
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 30 May 2024 08:14:22 GMT
collector.min.6ea1273.html
api.sardine.ai/assets/ Frame A2BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.sardine.ai/assets/collector.min.6ea1273.html?r=2024-05-28-6ea1273
Requested by
Host: api.sardine.ai
URL: https://api.sardine.ai/assets/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.14.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.14.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
*
age
951
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1800,no-transform
content-encoding
gzip
content-language
en
content-length
210
content-type
text/html
date
Thu, 30 May 2024 07:58:31 GMT
etag
"0c0a3eef35ff3d8168b69c2e502413b4"
expires
Thu, 30 May 2024 08:28:31 GMT
last-modified
Tue, 28 May 2024 19:10:53 GMT
server
UploadServer
x-goog-generation
1716923453507789
x-goog-hash
crc32c=0eiBVQ== md5=DAo+7zX/PYFotpwuUCQTtA==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
210
x-guploader-uploadid
ABPtcPosjhQMg7hSAypIkW9XUDF6FG0xXKAGDqoeFnZE-wyjnM0bZKGnp6wuuqH5XTKs0GwRUBw
anchor
www.google.com/recaptcha/api2/ Frame 9B8A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdbJ2UbAAAAAIYAB4viUUyuNmeTZ6GAZo7BNzXL&co=aHR0cHM6Ly93d3cubmlmdHlnYXRld2F5LmNvbTo0NDM.&hl=iw&v=DH3nyJMamEclyfe-nztbfV8S&size=invisible&cb=4on8tupgr2tk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__iw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kNO7WuVfpVlLLMBFLd5BUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-kNO7WuVfpVlLLMBFLd5BUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 30 May 2024 08:14:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
p7wmrbdzfwij9pd5xd0w.webp
media.niftygateway.com/image/upload/q_auto:good,w_500,f_webp,c_limit/v1715228695/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.niftygateway.com/image/upload/q_auto:good,w_500,f_webp,c_limit/v1715228695/p7wmrbdzfwij9pd5xd0w.webp
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/@mksporticu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-64.fra60.r.cloudfront.net
Software
Cloudinary /
Resource Hash
656c7dd832e08394fd2acc439a7afcd7aa3da0ab3cba758cb0d9df5e339c7106
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:24 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-disposition
inline; filename="p7wmrbdzfwij9pd5xd0w.webp"
server-timing
cld-akam;mitm=z;dur=255;cpu=22;start=2024-05-30T08:14:24.185Z;desc=miss,rtt;dur=9,content-info;desc="width=500,height=500,bytes=6772,owidth=500,oheight=500,obytes=19084,ef=(1,13,17,97)",cloudinary;dur=207;start=2024-05-30T08:14:24.216Z,cld-id;desc=6443f78e1f6d9a03f336bf6680095f44
content-length
6772
x-request-id
6443f78e1f6d9a03f336bf6680095f44
last-modified
Thu, 30 May 2024 08:14:25 GMT
server
Cloudinary
etag
"0eb580b8764c40ccc42a64146735e47e"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
_imyZfHo8aUzNSRpJbPGfhnpY9EGS_XQsd9gYqemRmcw13gVjBVgWQ==
/
api.niftygateway.com/v2/users/mksporticu/nifties/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.niftygateway.com/v2/users/mksporticu/nifties/?page=1&page_size=72&search=&ordering=&chain=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.60.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-81.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-sid,x-time
Access-Control-Request-Method
GET
Origin
https://www.niftygateway.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-sid,x-time
access-control-allow-methods
OPTIONS,DELETE,PATCH,POST,PUT,HEAD,GET
access-control-allow-origin
https://www.niftygateway.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 08:14:24 GMT
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=3600
vary
Access-Control-Request-Method Origin Access-Control-Request-Headers
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-id
liDwPI3AIIeGG2Al8yilMgnHkxAxTttj1otv7dWZQRzJKZvTmuiutQ==
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-request-id
9d4ee20e-b087-419b-b1df-05261f75b89b
/
api.niftygateway.com/v2/users/mksporticu/nifties/ 		52 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.niftygateway.com/v2/users/mksporticu/nifties/?page=1&page_size=72&search=&ordering=&chain=
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.60.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-81.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
0595424161ea863805d9b92c0e52d7aa1e3c46ec58cd8f0d6933759006a5fb74
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.niftygateway.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
X-Time
1717056864056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SID
6360ff65-68f3-4ffe-8058-2ef1b6437d9a

Response headers

date
Thu, 30 May 2024 08:14:24 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
via
1.1 9bd86598a7f45cc948aa2f9674ece0b2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
52
x-request-id
2109618d-18ab-4f43-ad43-671874f29dc7
referrer-policy
same-origin
server
nginx
x-frame-options
DENY
vary
Origin
content-type
application/json
allow
GET, HEAD, OPTIONS
access-control-allow-origin
https://www.niftygateway.com
access-control-allow-credentials
true
x-amz-cf-id
vGMTKugaj8fTS18p2_D5q66TZi8kpDjmpUkkU9_VzJewEyR17SjMZw==
/
api.niftygateway.com/v2/users/mksporticu/external-nifties/ 		52 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.niftygateway.com/v2/users/mksporticu/external-nifties/?page=1&page_size=72&walletAddress=&ordering=&search=
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.60.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-81.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
0595424161ea863805d9b92c0e52d7aa1e3c46ec58cd8f0d6933759006a5fb74
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.niftygateway.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
X-Time
1717056864056
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-SID
6360ff65-68f3-4ffe-8058-2ef1b6437d9a

Response headers

date
Thu, 30 May 2024 08:14:24 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
via
1.1 9bd86598a7f45cc948aa2f9674ece0b2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
52
x-request-id
e3ecb47f-bc33-428b-a8f7-54c96626b5e7
referrer-policy
same-origin
server
nginx
x-frame-options
DENY
vary
Origin
content-type
application/json
allow
GET, HEAD, OPTIONS
access-control-allow-origin
https://www.niftygateway.com
access-control-allow-credentials
true
x-amz-cf-id
rMpVW1rzv9zdm6G4PREL6dMk6cO_aIVojRmYKhgzRxHPLWBmrG6cCA==
/
api.niftygateway.com/v2/users/mksporticu/external-nifties/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.niftygateway.com/v2/users/mksporticu/external-nifties/?page=1&page_size=72&walletAddress=&ordering=&search=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.60.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-81.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-sid,x-time
Access-Control-Request-Method
GET
Origin
https://www.niftygateway.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-sid,x-time
access-control-allow-methods
OPTIONS,DELETE,PATCH,POST,PUT,HEAD,GET
access-control-allow-origin
https://www.niftygateway.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 08:14:24 GMT
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=3600
vary
Access-Control-Request-Method Origin Access-Control-Request-Headers
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
x-amz-cf-id
PCCWRV_6hS8zYYKhKWRmrzi25uMvrytECFrKpsWZYbJuxvBOJlTkcQ==
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-request-id
54d2b594-0187-4932-b55c-a1fe57f27069
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.niftygateway.com
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 24 May 2024 23:55:05 GMT
x-content-type-options
nosniff
age
461959
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79940
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:22:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 May 2025 23:55:05 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
15df7612b2f445f4d18846aed403d0ca0947b3f8dead95d4b167621f5faaba57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.niftygateway.com
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 24 May 2024 21:31:43 GMT
x-content-type-options
nosniff
age
470561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10540
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:48:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 May 2025 21:31:43 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1456F5CBC4A24C7A87CB6697595B7610&RedC=c.clarity.ms&MXFR=3ACAAF7CC02260600004BBF3C4226EEE
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1456F5CBC4A24C7A87CB6697595B7610&MUID=054360C82FF968FD1B4274472E8469C3
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1456F5CBC4A24C7A87CB6697595B7610&MUID=054360C82FF968FD1B4274472E8469C3
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 May 2024 08:14:25 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 30 May 2024 08:14:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4A1A4CE511C74559A6564402E0EB5A5F Ref B: TLV30EDGE0111 Ref C: 2024-05-30T08:14:25Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1456F5CBC4A24C7A87CB6697595B7610&MUID=054360C82FF968FD1B4274472E8469C3
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon.ico
www.niftygateway.com/ 		789 B
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.niftygateway.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-7.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6f40ff2d39302f42bf2b44ee8ad1689a07cd4c656eecd0a68b9662d37795e53
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.niftygateway.com/@mksporticu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 May 2024 08:14:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
content-security-policy-report-only
default-src 'self' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://connect.facebook.net/ https://js.stripe.com/v3/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://api.sardine.ai https://static.zdassets.com/ https://ekr.zdassets https://ekr.zendesk.com https://*.zopim.com wss://demonifty.zendesk.com wss://*.zopim.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://edge.fullstory.com/s/ https://static.ads-twitter.com/uwt.js https://sc-static.net/ https://googleads.g.doubleclick.net/ https://tr.snapchat.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com; img-src https: blob: data:; connect-src https://api.niftygateway.com https://odysseymarket.niftygateway.com https://api.sandbox.niftygateway.com https://stats.g.doubleclick.net https://www.facebook.com/tr/ https://www.google-analytics.com https://api-js.mixpanel.com ​https://www.clarity.ms wss://widget-mediator.zopim.com https://nifty-qa100.service.aws-qa.sd.gem.link https://demonifty.zendesk.com https://ekr.zdassets.com https://encrypted-tbn0.gstatic.com/images https://lh3.googleusercontent.com https://tr.snapchat.com https://eth-goerli.alchemyapi.io https://search-api-staging.s-niftygateway-001-use1.svc.gem.link https://search-api.niftygateway.com https://search-api-dev.d-niftygateway-001-use1.svc.gem.link https://ipfs.io https://rs.fullstory.com https://session-replay.browser-intake-datadoghq.com https://eth-mainnet.alchemyapi.io https://api.cloudinary.com/v1_1/nifty_gateway/auto/upload https://api.pinata.cloud/pinning/pinFileToIPFS https://openseauserdata.com https://rum.browser-intake-datadoghq.com https://api.x.immutable.com https://i.seadn.io https://cdn.optimizely.com https://img.seadn.io https://storage.opensea.io https://api.opensea.io; font-src https://fonts.gstatic.com https://use.typekit.net/ 'self'; object-src 'self'; media-src https://media.niftygateway.com https://static.zdassets.com https://openseauserdata.com https://storage.opensea.io https://res.cloudinary.com; frame-src https://js.stripe.com/v3/ https://www.google.com https://api.sardine.ai https://api.dev.sardine.ai https://tr.snapchat.com/ https://www.youtube.com; frame-ancestors 'self'
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
789
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 30 May 2024 01:22:56 GMT
server
AmazonS3
etag
"dd08a68b6a2538356004ce5bf6cb8f08"
x-frame-options
DENY
content-type
image/vnd.microsoft.icon
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
x-robots-tag
all
x-amz-cf-id
94Z0q3OKFMnG1LMXAhb2qOpe0-tq7jfENvn030oSMAI99PLfE33rJw==
collect
w.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://w.clarity.ms/collect
Requested by
Host: www.niftygateway.com
URL: https://www.niftygateway.com/static/js/index.998f14bc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.niftygateway.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.niftygateway.com
Date
Thu, 30 May 2024 08:14:25 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdbJ2UbAAAAAIYAB4viUUyuNmeTZ6GAZo7BNzXL&co=aHR0cHM6Ly93d3cubmlmdHlnYXRld2F5LmNvbTo0NDM.&hl=iw&v=DH3nyJMamEclyfe-nztbfV8S&size=invisible&cb=3dav27g1aib0

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS function| clarity function| gtag object| dataLayer string| _fs_loaded function| _fs_shutdown object| webpackChunkStripeJSouter function| noop function| Stripe object| google_tag_manager object| google_tag_data object| gaGlobal object| webpackChunknifty_frontend object| DD_RUM number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ function| fbq function| _fbq function| twq function| snaptr function| onRecaptchaLoadCallback object| GooglebQhCsO object| zEWebpackACJsonp function| zE function| zEmbed function| a3N function| a3r function| parcelRequire7d99 object| regeneratorRuntime object| _Sardine string| _sardine_revision object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _scPxHelper object| _scPxTeller object| twttr boolean| zEACLoaded object| recaptcha object| closure_lm_590147 object| closure_lm_980047

35 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 485df45f62ba4678a155a129011960e8
www.clarity.ms/ Name: CLID
Value: 29a0186477dc49fea9141c68e67723b2.20240530.20250530
.niftygateway.com/ Name: _ga_XN0S484YR4
Value: GS1.1.1717056861.1.0.1717056861.60.0.0
.niftygateway.com/ Name: _ga
Value: GA1.1.1701043027.1717056861
.niftygateway.com/ Name: _clck
Value: 1b56bcy%7C2%7Cfm7%7C0%7C1611
.niftygateway.com/ Name: _clsk
Value: 1ti4hwj%7C1717056862110%7C1%7C1%7Cw.clarity.ms%2Fcollect
.niftygateway.com/ Name: _gcl_au
Value: 1.1.1926571662.1717056863
.niftygateway.com/ Name: _scid
Value: c246456e-a0e8-441d-888d-83f59eb463c9
.niftygateway.com/ Name: _scid_r
Value: c246456e-a0e8-441d-888d-83f59eb463c9
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.niftygateway.com/ Name: _fbp
Value: fb.1.1717056863062.798940748
api.niftygateway.com/ Name: nifty_write_lock
Value: y
.twitter.com/ Name: personalization_id
Value: "v1_Y9X6fZpACB1yd8msy+02bA=="
.niftygateway.com/ Name: _sc_cspv
Value: https%3A%2F%2Ftr.snapchat.com%2Fp
.tapad.com/ Name: TapAd_TS
Value: 1717056863818
.tapad.com/ Name: TapAd_DID
Value: 13d42602-c574-466c-aaae-68fc3a26fb3d
.t.co/ Name: muc_ads
Value: 46e27479-3a88-44cd-876d-8b8d561fbcdf
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.niftygateway.com/ Name: mp_1cd1557698e78afc5a6139251ac3996c_mixpanel
Value: %7B%22distinct_id%22%3A%20%2218fc89078fa48a-01d23158588416-5771e33-1d4c00-18fc89078fb11a0%22%2C%22%24device_id%22%3A%20%2218fc89078fa48a-01d23158588416-5771e33-1d4c00-18fc89078fb11a0%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%22%24os%22%3A%20%22Windows%22%2C%22%24browser%22%3A%20%22Chrome%22%2C%22%24browser_version%22%3A%2089%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpso%22%3A%20%7B%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22__timers%22%3A%20%7B%22Profile%20Page%20Viewed%22%3A%201717056864046%7D%7D
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAEXHwRGAMAgEwIqYORyExG4OSKpI8frzt1u5kCNLmkkxR8vcNMHFYkevue2o4dHQwO3Dv/7EC0WkMppAAAAA
.niftygateway.com/ Name: _sctr
Value: 1%7C1717016400000
api.sardine.ai/ Name: _immortal|deviceToken
Value: eyJhbGciOiJkaXIiLCJjdHkiOiJKV1QiLCJlbmMiOiJBMTI4R0NNIiwidHlwIjoiSldUIn0..NmknVcNmAYRbMO6P.VQLBa2NC_tch3CxiAaIFRhm9CP02nv8DG_id3hG7mG69wf0YpjC09tUlQnI_kPwsU3urMlZdotc0l_DQQD6ymvc2wnyvCPO1i2AKI6g6RVsaohEh1xvoj7MckgybAwz_I7wlN_ubOJ61P_EjVHtXA45JGwqsZHit-sIa1Q0rU_fWiSSTxqAqXXFJeiXtIpWAfXxe_thxDGzESb_sRdR1_IpmyL0tki26YXVgk6OHjsOC-_cep4dkSM-0pGFlvCctOu_yJ8vwV6L_GwkNwEXZCSw_Pqrk5cB7c6wjUch85Gw.WWfbF96d4svTmtI5NTXNfQ
m.stripe.com/ Name: m
Value: b96aebf7-c436-43f5-ab6c-dfa9001d6c28c56259
.www.niftygateway.com/ Name: __stripe_mid
Value: 5be56d14-74da-4e3d-8b60-b1eb0bd5b569aef3a4
.www.niftygateway.com/ Name: __stripe_sid
Value: d205961c-598f-46d6-8434-3467d7b022a73e78a1
api.niftygateway.com/ Name: AWSALB
Value: K3btfPr4ZVxdEudwMb21ITF1kUJEu+VqmhGRD5sOmRpREUJwRusC2KIKRDuaE7NOmvWhToRF+cxCwxKIqyivTuChUqchN6/PgpOz4uT2uKQhAnPjrkv6bc5c2DZR
api.niftygateway.com/ Name: AWSALBCORS
Value: K3btfPr4ZVxdEudwMb21ITF1kUJEu+VqmhGRD5sOmRpREUJwRusC2KIKRDuaE7NOmvWhToRF+cxCwxKIqyivTuChUqchN6/PgpOz4uT2uKQhAnPjrkv6bc5c2DZR
.bing.com/ Name: MUID
Value: 054360C82FF968FD1B4274472E8469C3
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 054360C82FF968FD1B4274472E8469C3
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 054360C82FF968FD1B4274472E8469C3
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
www.niftygateway.com/ Name: _dd_s
Value: rum=0&expire=1717057762166

96 Console Messages

Source Level URL
Text
security error URL: https://www.niftygateway.com/@mksporticu
Message:
The value for the Content-Security-Policy directive 'connect-src' contains one or more invalid characters. In a source expression, non-whitespace characters outside ASCII 0x21-0x7E must be Punycode-encoded, as described in RFC 3492 (https://tools.ietf.org/html/rfc3492), if part of the hostname and percent-encoded, as described in RFC 3986, section 2.1 (http://tools.ietf.org/html/rfc3986#section-2.1), if part of the path.
security error URL: https://www.niftygateway.com/@mksporticu
Message:
[Report Only] Refused to load the script 'https://www.clarity.ms/tag/jxpzxbjuse' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com".
security error URL: https://edge.fullstory.com/s/fs.js(Line 3)
Message:
The value for the Content-Security-Policy directive 'connect-src' contains one or more invalid characters. In a source expression, non-whitespace characters outside ASCII 0x21-0x7E must be Punycode-encoded, as described in RFC 3492 (https://tools.ietf.org/html/rfc3492), if part of the hostname and percent-encoded, as described in RFC 3986, section 2.1 (http://tools.ietf.org/html/rfc3986#section-2.1), if part of the path.
security error URL: https://edge.fullstory.com/s/fs.js(Line 3)
Message:
The value for the Content-Security-Policy directive 'connect-src' contains one or more invalid characters. In a source expression, non-whitespace characters outside ASCII 0x21-0x7E must be Punycode-encoded, as described in RFC 3492 (https://tools.ietf.org/html/rfc3492), if part of the hostname and percent-encoded, as described in RFC 3986, section 2.1 (http://tools.ietf.org/html/rfc3986#section-2.1), if part of the path.
security error URL: https://edge.fullstory.com/s/fs.js(Line 3)
Message:
[Report Only] Refused to connect to 'https://edge.fullstory.com/s/settings/185DGN/v1/web' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-XN0S484YR4(Line 177)
Message:
[Report Only] Refused to connect to 'https://analytics.google.com/g/collect?v=2&tid=G-XN0S484YR4&gtm=45je45m0v9123216747za200&_p=1717056860790&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1701043027.1717056861&ul=he-il&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1717056861&sct=1&seg=0&dl=https%3A%2F%2Fwww.niftygateway.com%2F%40mksporticu&dt=Nifty%20Gateway&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1373' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-XN0S484YR4(Line 177)
Message:
[Report Only] Refused to connect to 'https://analytics.google.com/g/collect?v=2&tid=G-XN0S484YR4&gtm=45je45m0v9123216747za200&_p=1717056860790&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1701043027.1717056861&ul=he-il&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1717056861&sct=1&seg=0&dl=https%3A%2F%2Fwww.niftygateway.com%2F%40mksporticu&dt=Nifty%20Gateway&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1373' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-XN0S484YR4(Line 177)
Message:
[Report Only] Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XN0S484YR4&cid=1701043027.1717056861&gtm=45je45m0v9123216747za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-XN0S484YR4(Line 177)
Message:
[Report Only] Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XN0S484YR4&cid=1701043027.1717056861&gtm=45je45m0v9123216747za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://www.clarity.ms/tag/jxpzxbjuse
Message:
[Report Only] Refused to load the script 'https://www.clarity.ms/s/0.7.34/clarity.js' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' https://api.dev.sardine.ai https://edge.fullstory.com https://js.stripe.com/v3/ https://www.googletagmanager.com/gtag/js https://connect.facebook.net https://static.ads-twitter.com/uwt.js https://sc-static.net/scevent.min.js https://www.google.com/recaptcha/ https://static.zdassets.com/ https://www.gstatic.com/recaptcha/ https://tr.snapchat.com/ https://www.google-analytics.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://api.sardine.ai https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js https://www.youtube.com https://www.googleoptimize.com".
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.clarity.ms/s/0.7.34/clarity.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://w.clarity.ms/collect' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://js.stripe.com/v3/
Message:
The value for the Content-Security-Policy directive 'connect-src' contains one or more invalid characters. In a source expression, non-whitespace characters outside ASCII 0x21-0x7E must be Punycode-encoded, as described in RFC 3492 (https://tools.ietf.org/html/rfc3492), if part of the hostname and percent-encoded, as described in RFC 3986, section 2.1 (http://tools.ietf.org/html/rfc3986#section-2.1), if part of the path.
security error URL: https://www.niftygateway.com/static/js/index.998f14bc.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://api.niftygateway.com/home/cta/' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://www.niftygateway.com/static/js/index.998f14bc.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://api.niftygateway.com/v1/fxrates/?source_currency=ETH&base_currency=USD&order_by=-created_at&limit=1' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://www.niftygateway.com/static/js/index.998f14bc.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://exp.gemini.com/datafile.json' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://js.stripe.com/v3/
Message:
The value for the Content-Security-Policy directive 'connect-src' contains one or more invalid characters. In a source expression, non-whitespace characters outside ASCII 0x21-0x7E must be Punycode-encoded, as described in RFC 3492 (https://tools.ietf.org/html/rfc3492), if part of the hostname and percent-encoded, as described in RFC 3986, section 2.1 (http://tools.ietf.org/html/rfc3986#section-2.1), if part of the path.
security error URL: https://www.niftygateway.com/@mksporticu
Message:
[Report Only] Refused to connect to 'https://ekr.zdassets.com/compose/2c747b16-6f49-4bd2-893f-1909566d4799' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://www.niftygateway.com/@mksporticu
Message:
[Report Only] Refused to connect to 'https://ekr.zdassets.com/compose/2c747b16-6f49-4bd2-893f-1909566d4799' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://api.sardine.ai/assets/loader.min.js
Message:
The value for the Content-Security-Policy directive 'connect-src' contains one or more invalid characters. In a source expression, non-whitespace characters outside ASCII 0x21-0x7E must be Punycode-encoded, as described in RFC 3492 (https://tools.ietf.org/html/rfc3492), if part of the hostname and percent-encoded, as described in RFC 3986, section 2.1 (http://tools.ietf.org/html/rfc3986#section-2.1), if part of the path.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://sc-static.net/scevent.min.js(Line 1)
Message:
The value for the Content-Security-Policy directive 'connect-src' contains one or more invalid characters. In a source expression, non-whitespace characters outside ASCII 0x21-0x7E must be Punycode-encoded, as described in RFC 3492 (https://tools.ietf.org/html/rfc3492), if part of the hostname and percent-encoded, as described in RFC 3986, section 2.1 (http://tools.ietf.org/html/rfc3986#section-2.1), if part of the path.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://sc-static.net/scevent.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://tr.snapchat.com/p' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://sc-static.net/scevent.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://tr.snapchat.com/p' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://static.zdassets.com/ekr/snippet.js?key=2c747b16-6f49-4bd2-893f-1909566d4799
Message:
The value for the Content-Security-Policy directive 'connect-src' contains one or more invalid characters. In a source expression, non-whitespace characters outside ASCII 0x21-0x7E must be Punycode-encoded, as described in RFC 3492 (https://tools.ietf.org/html/rfc3492), if part of the hostname and percent-encoded, as described in RFC 3986, section 2.1 (http://tools.ietf.org/html/rfc3986#section-2.1), if part of the path.
security error URL: https://static.zdassets.com/ekr/snippet.js?key=2c747b16-6f49-4bd2-893f-1909566d4799
Message:
The value for the Content-Security-Policy directive 'connect-src' contains one or more invalid characters. In a source expression, non-whitespace characters outside ASCII 0x21-0x7E must be Punycode-encoded, as described in RFC 3492 (https://tools.ietf.org/html/rfc3492), if part of the hostname and percent-encoded, as described in RFC 3986, section 2.1 (http://tools.ietf.org/html/rfc3986#section-2.1), if part of the path.
security error URL: https://sc-static.net/scevent.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://tr6.snapchat.com/p' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://sc-static.net/scevent.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://tr6.snapchat.com/p' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.niftygateway.com/static/js/index.998f14bc.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://api.niftygateway.com/v2/users/mksporticu/' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__iw.js(Line 544)
Message:
The value for the Content-Security-Policy directive 'connect-src' contains one or more invalid characters. In a source expression, non-whitespace characters outside ASCII 0x21-0x7E must be Punycode-encoded, as described in RFC 3492 (https://tools.ietf.org/html/rfc3492), if part of the hostname and percent-encoded, as described in RFC 3986, section 2.1 (http://tools.ietf.org/html/rfc3986#section-2.1), if part of the path.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://sc-static.net/scevent.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://tr.snapchat.com/p' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://sc-static.net/scevent.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://tr.snapchat.com/p' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://www.niftygateway.com/static/js/index.998f14bc.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://w.clarity.ms/collect' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://niftygateway.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://niftygateway.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://niftygateway.zendesk.com/embeddable/config' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4a143a0.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://niftygateway.zendesk.com/embeddable/config' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4a143a0.js(Line 1)
Message:
The value for the Content-Security-Policy directive 'connect-src' contains one or more invalid characters. In a source expression, non-whitespace characters outside ASCII 0x21-0x7E must be Punycode-encoded, as described in RFC 3492 (https://tools.ietf.org/html/rfc3492), if part of the hostname and percent-encoded, as described in RFC 3986, section 2.1 (http://tools.ietf.org/html/rfc3986#section-2.1), if part of the path.
security error URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4a143a0.js(Line 1)
Message:
The value for the Content-Security-Policy directive 'connect-src' contains one or more invalid characters. In a source expression, non-whitespace characters outside ASCII 0x21-0x7E must be Punycode-encoded, as described in RFC 3492 (https://tools.ietf.org/html/rfc3492), if part of the hostname and percent-encoded, as described in RFC 3986, section 2.1 (http://tools.ietf.org/html/rfc3986#section-2.1), if part of the path.
security error URL: https://api.sardine.ai/assets/loader.min.js
Message:
The value for the Content-Security-Policy directive 'connect-src' contains one or more invalid characters. In a source expression, non-whitespace characters outside ASCII 0x21-0x7E must be Punycode-encoded, as described in RFC 3492 (https://tools.ietf.org/html/rfc3492), if part of the hostname and percent-encoded, as described in RFC 3986, section 2.1 (http://tools.ietf.org/html/rfc3986#section-2.1), if part of the path.
security error URL: https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__iw.js(Line 544)
Message:
The value for the Content-Security-Policy directive 'connect-src' contains one or more invalid characters. In a source expression, non-whitespace characters outside ASCII 0x21-0x7E must be Punycode-encoded, as described in RFC 3492 (https://tools.ietf.org/html/rfc3492), if part of the hostname and percent-encoded, as described in RFC 3986, section 2.1 (http://tools.ietf.org/html/rfc3986#section-2.1), if part of the path.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.niftygateway.com/static/js/index.998f14bc.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://api.niftygateway.com/v2/users/mksporticu/nifties/?page=1&page_size=72&search=&ordering=&chain=' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://www.niftygateway.com/static/js/index.998f14bc.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://api.niftygateway.com/v2/users/mksporticu/external-nifties/?page=1&page_size=72&walletAddress=&ordering=&search=' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__iw.js(Line 762)
Message:
The value for the Content-Security-Policy directive 'connect-src' contains one or more invalid characters. In a source expression, non-whitespace characters outside ASCII 0x21-0x7E must be Punycode-encoded, as described in RFC 3492 (https://tools.ietf.org/html/rfc3492), if part of the hostname and percent-encoded, as described in RFC 3986, section 2.1 (http://tools.ietf.org/html/rfc3986#section-2.1), if part of the path.
security error URL: https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__iw.js(Line 762)
Message:
The value for the Content-Security-Policy directive 'connect-src' contains one or more invalid characters. In a source expression, non-whitespace characters outside ASCII 0x21-0x7E must be Punycode-encoded, as described in RFC 3492 (https://tools.ietf.org/html/rfc3492), if part of the hostname and percent-encoded, as described in RFC 3986, section 2.1 (http://tools.ietf.org/html/rfc3986#section-2.1), if part of the path.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.niftygateway.com/static/js/index.998f14bc.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://w.clarity.ms/collect' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.niftygateway.com/@mksporticu
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-XN0S484YR4(Line 177)
Message:
[Report Only] Refused to connect to 'https://analytics.google.com/g/collect?v=2&tid=G-XN0S484YR4&gtm=45je45m0v9123216747za200&_p=1717056860790&gcd=13l3l3l3l1&npa=0&dma=0&cid=1701043027.1717056861&ul=he-il&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=2&sid=1717056861&sct=1&seg=0&dl=https%3A%2F%2Fwww.niftygateway.com%2F%40mksporticu&dt=mksporticu%27s%20NFT%20Collection%20%7C%20Nifty%20Gateway%20Studio&en=user_engagement&_et=7557&tfd=8934' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-XN0S484YR4(Line 177)
Message:
[Report Only] Refused to connect to 'https://analytics.google.com/g/collect?v=2&tid=G-XN0S484YR4&gtm=45je45m0v9123216747za200&_p=1717056860790&gcd=13l3l3l3l1&npa=0&dma=0&cid=1701043027.1717056861&ul=he-il&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=2&sid=1717056861&sct=1&seg=0&dl=https%3A%2F%2Fwww.niftygateway.com%2F%40mksporticu&dt=mksporticu%27s%20NFT%20Collection%20%7C%20Nifty%20Gateway%20Studio&en=user_engagement&_et=7557&tfd=8934' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://www.clarity.ms/s/0.7.34/clarity.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://w.clarity.ms/collect' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://www.clarity.ms/s/0.7.34/clarity.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://w.clarity.ms/collect' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.googleapis.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.twitter.com
api.niftygateway.com
api.sardine.ai
c.bing.com
c.clarity.ms
connect.facebook.net
edge.fullstory.com
ekr.zdassets.com
exp.gemini.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.stripe.com
media.niftygateway.com
niftygateway.zendesk.com
sc-static.net
static.ads-twitter.com
static.zdassets.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
tr6.snapchat.com
w.clarity.ms
www.clarity.ms
www.facebook.com
www.google.co.il
www.google.com
www.googletagmanager.com
www.gstatic.com
www.niftygateway.com
www.google.com
104.16.51.111
104.18.70.113
104.244.42.195
13.107.21.237
13.107.246.45
13.224.189.7
142.250.181.227
142.250.184.228
142.250.185.131
142.250.186.104
142.250.186.74
142.250.74.194
143.204.207.250
146.75.120.157
151.101.0.176
151.101.192.176
157.240.251.35
157.240.251.9
173.194.76.154
18.173.205.104
18.245.60.81
18.66.147.64
216.239.32.181
23.96.124.156
34.120.14.251
35.190.43.134
35.201.112.186
68.219.88.97
93.184.221.165
00a03b04472297c488f114877c805eea7199ae707f0abef4e4ccc9c1d5770322
0595424161ea863805d9b92c0e52d7aa1e3c46ec58cd8f0d6933759006a5fb74
15df7612b2f445f4d18846aed403d0ca0947b3f8dead95d4b167621f5faaba57
1c964c6452ea211af06970cf8072d91b350ad24288209b31fbeb16d60b769f77
1cf2fd619d9ed96b68586fd228f9fab225bb7dcff6ce89d504e145aa77894006
2532f2c05410f507f22cf99dc89e3c240c495caa9aca45745d6bfc81f841f7ab
2c1dd01571e8be7785833e558d653cf8c36982b65d342fc3c6c8934dccdbfd41
2cdeef79128b79368f7916144f8ed933a99c80acf05be57bdcff8d4f71f24db8
2ec7c90b8890c40e4372e4a28eea34919eafd58ee891ad60163eb1da381d531e
31c93a7232a0e5761793beb3020028115b42f153140067437921cb42e31860e2
356c4544c456b989861d78d9cb42a8e8625171a6eec736fa2f5424601d985a42
3ab613dc645fdb11a78c05b119b3650709c78eb165cffdce8d01f6ec10cd73b0
4cf2a49af363df5bd71810d0563a98f40dd311f3cc4fa803ad568bc2e064d893
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4f411cd063127e00949e959bbee20979a5801f22365d893b1277e4cc691cd4ec
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
578872f399dbfb1160859db693a4e64a7b426f528de38a2791af13319416b9af
5e5bde18e61ea07c1cebae4a9ce6ed180da43ced8390503fe5e688ab6d39d38d
60b1c42f28933bde09df838f008572c91fac4639c168ff44cea34afd66d9aa55
60c92fa272057efbd34781513b62aaefbcb8f5f1664e0be2f08d7a79e9439590
6439b602758b028ef4aaeefb1ffc174025b03fa91a5a931b0937b6797f5e40d7
656c7dd832e08394fd2acc439a7afcd7aa3da0ab3cba758cb0d9df5e339c7106
66c2d06a8928ed8e3ff9ffe3b74e5ab4aceac8570b91484b118e9c3816edd847
6727abf0015ec8a70a5380253cb278b5bd2c45c1efef93f31098ef4452e08d8e
6c9312991f7563984455cc1a962fdb3e06120fe3614f5eca6f2a04504ed2b07a
7a2fed4be63c0ca4a652117eca4bca73fab0f72ef5ab170970eeb5cfa608d183
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8c5e8b8c9184d811abd1e8709fbb2802fa9dc2ac636d1df7f1b1a0877af7a514
8cc30df6436faf2dce9e3f35d2397c1386f464760dfc2d36150e833031297894
8dfad747a40c3b11909233620ef2ebbc820dc5db7b6644f810e2d4c71f05b3b5
92f12cd1867d48e4fac23f775051589d5e62c0a1522d1b50c3dff3845ae50f39
93b09b5e85e42391377c5bb4c753d198fb50506092aadf4382a1aa2a5b883767
989f9fd2f4f0b61a8851b569d737fa4fe272ba03f28427cdf52b18879639171d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62
9c021fcafbe4d233a28ea16ba0d04a2013001499dd08c2c38969938ec758bd98
9ef43cf1f388d223852c3b76cdbfc71d3999f71d85e4c70712fc5bd52efdf6ea
a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71
a843cef97d8f7395544de4bef462a9aabb159122619df897cc09dd3794250db4
aa503ed4b75f03eebbb4626b542f503e7b9246f1addb0dedd48e53735cb6a4c8
aa688c13a306ce08c403f2a1d5977c09f181d6385233ccd19b88eb111aff1f9e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b8ff59d329d21518b345f0932febb24febe12b0143d9f56c31676c9bc5db2459
bd80c58cfa802442b76296864d6351cbd2018e97519701cf64c989ecb9ec94f9
c912f863ee5b7d580c3f8a22b0de6a1b0b4f801e12567398d6dc5ecaabacce83
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d52b4f234c5594531fe5d7b44dc0152721c4c1d8fa24fc1363e62d83dcf9b090
d6f40ff2d39302f42bf2b44ee8ad1689a07cd4c656eecd0a68b9662d37795e53
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5318eac9e25bc1c702aab3ace23aa3d64e536aa86eab99243e0e32a28e7e978
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f679d6ba05c5482e84c83fa3b35958730f79cb4365562b73b09ec902762bfe5a
f70f66c833b6f9b062746ee3b90efb54e18b8c4653d0236dd294204ef765db2e
f7dbf204d1b3ef132261033ffcb52919f5d93a15d8656e61d261174f639c43f9
f7dc52973f70ac63572c622bb04f2ba57a3f152e4a66a34df439fe49118b7fd8
f8ec8e438a89275d43470f24b18e3466713b319996f65d2b3a3144f3e38a362e
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988