urlscan.io logo urlscan.io
SecurityTrails logo

affiliboss.online Open in urlscan Pro
162.144.15.124  Public Scan

Go To Rescan Add Verdict Report
URL: https://affiliboss.online/pop/romania/page.php
Submission: On August 30 via manual from RO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 67 IPs in 11 countries across 66 domains to perform 172 HTTP transactions. The main IP is 162.144.15.124, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is affiliboss.online.
TLS certificate: Issued by R3 on August 4th 2023. Valid for: 3 months.
This is the only time affiliboss.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 162.144.15.124 46606 (UNIFIEDLA...)
6 212.32.251.44 60781 (LEASEWEB-...)
1 14 2.20.209.93 16625 (AKAMAI-AS)
1 1 5.150.170.4 31151 (PHG-AS)
1 2 2a02:26f0:780... 20940 (AKAMAI-ASN1)
1 5.149.162.202 31229 (PL-BEYOND-AS)
1 2 35.186.231.97 15169 (GOOGLE)
1 1 108.128.125.55 16509 (AMAZON-02)
9 35.246.200.212 396982 (GOOGLE-CL...)
30 89.108.116.233 197695 (AS-REG)
2 2 35.201.76.231 396982 (GOOGLE-CL...)
1 1 34.95.127.121 396982 (GOOGLE-CL...)
1 2600:9000:21f... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 4 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2606:2800:233... 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 4 138.201.230.88 24940 (HETZNER-AS)
1 91.134.222.90 16276 (OVH)
5 23.36.163.106 20940 (AKAMAI-ASN1)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::e 44788 (ASN-CRITE...)
13 20.73.149.220 8075 (MICROSOFT...)
2 188.165.150.177 16276 (OVH)
1 99.80.122.212 16509 (AMAZON-02)
4 5 2a02:2638:3::c 44788 (ASN-CRITE...)
2 2620:1ec:46::45 8075 (MICROSOFT...)
1 178.250.1.11 44788 (ASN-CRITE...)
4 2a03:2880:f17... 32934 (FACEBOOK)
5 163.181.92.173 24429 (TAOBAO Zh...)
3 178.250.1.9 44788 (ASN-CRITE...)
2 20.122.63.128 8075 (MICROSOFT...)
1 212.106.0.17 12741 (AS-NETIA ...)
1 95.211.33.59 60781 (LEASEWEB-...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 142.250.184.194 15169 (GOOGLE)
1 3.127.96.33 16509 (AMAZON-02)
2 2 185.89.210.90 29990 (ASN-APPNEX)
1 2 185.89.211.116 29990 (ASN-APPNEX)
1 23.35.228.23 16625 (AKAMAI-AS)
1 69.173.144.139 26667 (RUBICONPR...)
1 18.157.60.246 16509 (AMAZON-02)
1 185.86.139.102 201081 (SMARTADSE...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 23.35.237.56 16625 (AKAMAI-AS)
1 13.248.245.213 16509 (AMAZON-02)
1 3.75.62.37 16509 (AMAZON-02)
1 37.157.3.20 198622 (ADFORM)
1 185.255.84.153 200271 (IGUANE-)
1 2 104.18.39.155 13335 (CLOUDFLAR...)
1 2 34.252.43.226 16509 (AMAZON-02)
1 162.19.138.82 16276 (OVH)
1 54.72.250.72 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 3.124.28.136 16509 (AMAZON-02)
1 70.42.32.223 22075 (AS-OUTBRAIN)
1 198.47.127.205 3257 (GTT-BACKB...)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 23.213.165.82 16625 (AKAMAI-AS)
1 54.246.192.162 16509 (AMAZON-02)
1 35.157.69.72 16509 (AMAZON-02)
1 85.17.170.54 60781 (LEASEWEB-...)
1 104.248.36.113 14061 (DIGITALOC...)
1 34.250.62.135 16509 (AMAZON-02)
1 13.59.220.190 16509 (AMAZON-02)
172 67
1    162.144.15.124 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-144-15-124.unifiedlayer.com
affiliboss.online
6    212.32.251.44 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
stvkr.com
14    2.20.209.93 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-209-93.deploy.static.akamaitechnologies.com
s.click.aliexpress.com
campaign.aliexpress.com
assets.alicdn.com
www.aliexpress.com
best.aliexpress.com
1    5.150.170.4 (United Kingdom)

ASN31151 (PHG-AS, GB)
prf.hn
2    2a02:26f0:780::210:ca3b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.avira.com
1    5.149.162.202 (Poland)

ASN31229 (PL-BEYOND-AS, PL)
PTR: vm4499.iai-system.com
ro.ombre.com
2    35.186.231.97 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com
clk.tradedoubler.com
wrap.tradedoubler.com
1    108.128.125.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-125-55.eu-west-1.compute.amazonaws.com
redirects.tradedoubler.com
9    35.246.200.212 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 212.200.246.35.bc.googleusercontent.com
born2be.com.ro
30    89.108.116.233 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d54035.azlk.regrucolo.ru
www.intui.travel
en.intui.travel
2    35.201.76.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.76.201.35.bc.googleusercontent.com
logitech-emea.pxf.io
1    34.95.127.121 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.127.95.34.bc.googleusercontent.com
www.ojrq.net
1    2600:9000:21f3:6e00:8:e5f0:bb00:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.logitech.com
5    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
3    2606:4700::6812:20d (United States)

ASN13335 (CLOUDFLARENET, US)
b2brocdn.aza.moda
3    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
www.snrcdn.net
upload.snrcdn.net
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    138.201.230.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.230.201.138.clients.your-server.de
x.cnt.my
1    91.134.222.90 (France)

ASN16276 (OVH, FR)
delivery.clickonometrics.pl
5    23.36.163.106 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-106.deploy.static.akamaitechnologies.com
analytics.tiktok.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dynamic.criteo.com
13    20.73.149.220 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.snrbox.com
2    188.165.150.177 (France)

ASN16276 (OVH, FR)
PTR: lb01.net.royalcactus.com
analytics.optimalpeople.fr
1    99.80.122.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-122-212.eu-west-1.compute.amazonaws.com
smct.co
5    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    163.181.92.173 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
ae01.alicdn.com
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
dis.criteo.com
2    20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.clarity.ms
1    212.106.0.17 (Warsaw, Poland)

ASN12741 (AS-NETIA Warszawa 02-822, PL)
PTR: 212-106-0-17.static.ip.netia.com.pl
ar1.aza.io
1    95.211.33.59 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
citydsp.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
1    3.127.96.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-96-33.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    18.157.60.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-60-246.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
1    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
2    34.252.43.226 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-43-226.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
1    54.72.250.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-250-72.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    3.124.28.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-28-136.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
1    2600:1f18:612b:4232:6a8:b2f5:a36e:3d52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    23.213.165.82 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-82.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    54.246.192.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-192-162.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
1    35.157.69.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-69-72.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
1    85.17.170.54 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
retagro.com
1    104.248.36.113 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
anilima.com
1    34.250.62.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-62-135.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    13.59.220.190 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-59-220-190.us-east-2.compute.amazonaws.com
s.thebrighttag.com
Apex Domain
Subdomains		 Transfer
30 intui.travel
www.intui.travel
en.intui.travel
407 KB
15 alicdn.com
assets.alicdn.com — Cisco Umbrella Rank: 12323
ae01.alicdn.com — Cisco Umbrella Rank: 9076
at.alicdn.com Failed
373 KB
13 snrbox.com
web.snrbox.com — Cisco Umbrella Rank: 153450
39 KB
10 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 3906
gum.criteo.com — Cisco Umbrella Rank: 426
mug.criteo.com — Cisco Umbrella Rank: 2631
sslwidget.criteo.com — Cisco Umbrella Rank: 2146
dis.criteo.com — Cisco Umbrella Rank: 596
33 KB
9 born2be.com.ro
born2be.com.ro
254 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 900
p.clarity.ms — Cisco Umbrella Rank: 11842
c.clarity.ms — Cisco Umbrella Rank: 1455
27 KB
6 stvkr.com
stvkr.com — Cisco Umbrella Rank: 241541
6 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 754
131 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
410 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 239
secure.adnxs.com — Cisco Umbrella Rank: 450
3 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
282 B
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 374
c.bing.com — Cisco Umbrella Rank: 236
15 KB
4 cnt.my
x.cnt.my — Cisco Umbrella Rank: 111964
5 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
cm.g.doubleclick.net — Cisco Umbrella Rank: 237
4 KB
4 aliexpress.com
s.click.aliexpress.com — Cisco Umbrella Rank: 29102
campaign.aliexpress.com — Cisco Umbrella Rank: 58495
www.aliexpress.com — Cisco Umbrella Rank: 25275
best.aliexpress.com — Cisco Umbrella Rank: 89625
acs.aliexpress.com Failed
44 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 169
122 KB
3 snrcdn.net
www.snrcdn.net — Cisco Umbrella Rank: 148952
upload.snrcdn.net — Cisco Umbrella Rank: 142938
78 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
675 B
3 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 11461
2 KB
3 aza.moda
b2brocdn.aza.moda
264 KB
3 tradedoubler.com
clk.tradedoubler.com — Cisco Umbrella Rank: 107553
redirects.tradedoubler.com — Cisco Umbrella Rank: 143056
wrap.tradedoubler.com — Cisco Umbrella Rank: 150110
2 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 223
2 KB
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1668
1 KB
2 optimalpeople.fr
analytics.optimalpeople.fr — Cisco Umbrella Rank: 67378
15 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6457
563 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
22 KB
2 pxf.io
logitech-emea.pxf.io
810 B
2 avira.com
www.avira.com — Cisco Umbrella Rank: 539726
706 B
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2216
268 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 654
338 B
1 anilima.com
anilima.com — Cisco Umbrella Rank: 444183
294 B
1 retagro.com
retagro.com — Cisco Umbrella Rank: 158327
294 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2184
44 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2854
38 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4796
400 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 32673
153 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3088
400 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 794
579 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 778
145 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1357
882 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 3371
274 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 701
199 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 400
1 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 944
343 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1198
163 B
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 326
125 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 388
140 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2540
163 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1535
99 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 682
114 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 558
35 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 366
239 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 666
786 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 342
146 B
1 citydsp.com
citydsp.com — Cisco Umbrella Rank: 132713
889 B
1 aza.io
ar1.aza.io
187 B
1 smct.co
smct.co — Cisco Umbrella Rank: 24013
188 B
1 clickonometrics.pl
delivery.clickonometrics.pl — Cisco Umbrella Rank: 60995
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1225
49 KB
1 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4191
59 KB
1 logitech.com
www.logitech.com — Cisco Umbrella Rank: 31392
1 ojrq.net
www.ojrq.net — Cisco Umbrella Rank: 5389
538 B
1 ombre.com
ro.ombre.com
1 prf.hn
prf.hn — Cisco Umbrella Rank: 24891
557 B
1 affiliboss.online
affiliboss.online
336 B
0 mmstat.com Failed
ae.mmstat.com Failed
172 66
Domain Requested by
23 www.intui.travel stvkr.com
www.intui.travel
13 web.snrbox.com www.snrcdn.net
10 assets.alicdn.com campaign.aliexpress.com
assets.alicdn.com
9 born2be.com.ro stvkr.com
born2be.com.ro
7 en.intui.travel www.intui.travel
6 stvkr.com affiliboss.online
5 ae01.alicdn.com assets.alicdn.com
campaign.aliexpress.com
5 gum.criteo.com 4 redirects dynamic.criteo.com
5 analytics.tiktok.com affiliboss.online
analytics.tiktok.com
5 www.googletagmanager.com www.intui.travel
born2be.com.ro
www.googleoptimize.com
www.googletagmanager.com
4 www.facebook.com born2be.com.ro
4 x.cnt.my 1 redirects affiliboss.online
x.cnt.my
born2be.com.ro
3 bat.bing.com affiliboss.online
bat.bing.com
born2be.com.ro
3 connect.facebook.net affiliboss.online
connect.facebook.net
3 googleads.g.doubleclick.net born2be.com.ro
www.googletagmanager.com
3 www.google.com 1 redirects born2be.com.ro
3 mc.yandex.com 1 redirects www.intui.travel
3 b2brocdn.aza.moda born2be.com.ro
2 dpm.demdex.net 1 redirects
2 r.casalemedia.com 1 redirects
2 secure.adnxs.com 1 redirects affiliboss.online
2 ib.adnxs.com 2 redirects
2 dis.criteo.com affiliboss.online
2 c.clarity.ms 1 redirects
2 p.clarity.ms www.clarity.ms
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 analytics.optimalpeople.fr wrap.tradedoubler.com
analytics.optimalpeople.fr
2 www.google.de born2be.com.ro
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.snrcdn.net born2be.com.ro
www.snrcdn.net
2 logitech-emea.pxf.io 2 redirects
2 www.avira.com 1 redirects stvkr.com
1 upload.snrcdn.net
1 s.thebrighttag.com
1 beacon.krxd.net
1 anilima.com citydsp.com
1 retagro.com citydsp.com
1 e1.emxdgt.com affiliboss.online
1 sync-criteo.ads.yieldmo.com affiliboss.online
1 ad.yieldlab.net affiliboss.online
1 a.twiago.com affiliboss.online
1 criteo-partners.tremorhub.com affiliboss.online
1 simage2.pubmatic.com affiliboss.online
1 sync.outbrain.com affiliboss.online
1 exchange.mediavine.com affiliboss.online
1 matching.ivitrack.com affiliboss.online
1 ad.360yield.com affiliboss.online
1 id5-sync.com affiliboss.online
1 visitor.omnitagjs.com affiliboss.online
1 cm.adform.net affiliboss.online
1 ups.analytics.yahoo.com affiliboss.online
1 eb2.3lift.com affiliboss.online
1 criteo-sync.teads.tv affiliboss.online
1 sync-t1.taboola.com affiliboss.online
1 rtb-csync.smartadserver.com affiliboss.online
1 match.sharethrough.com affiliboss.online
1 pixel.rubiconproject.com affiliboss.online
1 contextual.media.net affiliboss.online
1 x.bidswitch.net affiliboss.online
1 cm.g.doubleclick.net 1 redirects
1 c.bing.com 1 redirects
1 citydsp.com x.cnt.my
1 ar1.aza.io affiliboss.online
1 sslwidget.criteo.com dynamic.criteo.com
1 best.aliexpress.com assets.alicdn.com
1 mug.criteo.com born2be.com.ro
1 www.aliexpress.com campaign.aliexpress.com
1 smct.co wrap.tradedoubler.com
1 dynamic.criteo.com www.googletagmanager.com
1 delivery.clickonometrics.pl affiliboss.online
1 wrap.tradedoubler.com www.googletagmanager.com
1 www.googleoptimize.com born2be.com.ro
1 mc.yandex.ru www.intui.travel
1 www.logitech.com stvkr.com
1 www.ojrq.net 1 redirects
1 redirects.tradedoubler.com 1 redirects
1 clk.tradedoubler.com 1 redirects
1 ro.ombre.com stvkr.com
1 prf.hn 1 redirects
1 campaign.aliexpress.com stvkr.com
1 s.click.aliexpress.com 1 redirects
1 affiliboss.online
0 at.alicdn.com Failed campaign.aliexpress.com
0 acs.aliexpress.com Failed assets.alicdn.com
0 ae.mmstat.com Failed affiliboss.online
172 85

This site contains no links.

Subject Issuer Validity Valid
affiliboss.online
R3		 2023-08-04 -
2023-11-02		 3 months crt.sh
br-geo.stvkr.com
R3		 2023-07-29 -
2023-10-27		 3 months crt.sh
ru.aliexpress.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-14 -
2023-12-19		 6 months crt.sh
avira.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-15 -
2024-06-14		 a year crt.sh
*.ro.ombre.com
Certum Domain Validation CA SHA2		 2023-07-24 -
2024-07-23		 a year crt.sh
*.born2be.com.ro
RapidSSL TLS RSA CA G1		 2023-03-09 -
2024-03-08		 a year crt.sh
*.intui.travel
Sectigo RSA Domain Validation Secure Server CA		 2022-09-28 -
2023-10-01		 a year crt.sh
*.logitech.com
Amazon RSA 2048 M01		 2023-07-22 -
2024-08-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
aza.moda
GTS CA 1P5		 2023-08-27 -
2023-11-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
sni1a72cgl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-18 -
2024-08-17		 a year crt.sh
*.tradedoubler.com
R3		 2023-07-25 -
2023-10-23		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-09 -
2023-09-07		 3 months crt.sh
*.x.cnt.my
R3		 2023-07-29 -
2023-10-27		 3 months crt.sh
*.clickonometrics.pl
Certum Domain Validation CA SHA2		 2023-02-20 -
2024-02-20		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.synerise.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-15 -
2024-02-15		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
analytics.optimalpeople.fr
ZeroSSL ECC Domain Secure Site CA		 2023-07-07 -
2023-10-05		 3 months crt.sh
smct.co
Amazon RSA 2048 M01		 2023-03-18 -
2024-04-15		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
*.tbcdn.cn
GlobalSign Organization Validation CA - SHA256 - G3		 2023-06-29 -
2024-07-30		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.aza.io
RapidSSL TLS RSA CA G1		 2023-04-26 -
2024-04-25		 a year crt.sh
citydsp.com
R3		 2023-07-20 -
2023-10-18		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.id5-sync.com
R3		 2023-08-22 -
2023-11-20		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
itm.ivitrack.com
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2022-11-06 -
2023-11-28		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-28 -
2023-12-29		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-15		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
advermarkt.com
R3		 2023-08-08 -
2023-11-06		 3 months crt.sh
akimilo.com
R3		 2023-08-13 -
2023-11-11		 3 months crt.sh
snif80cgl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-19 -
2024-09-18		 a year crt.sh

This page contains 11 frames:

Primary Page: https://affiliboss.online/pop/romania/page.php
Frame ID: D9B0B739FF32CF8FD7018DBB96F7AB1F
Requests: 1 HTTP requests in this frame

Frame: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Frame ID: 43FD270F2F73231A8F776DB5EBD61E48
Requests: 74 HTTP requests in this frame

Frame: https://ro.ombre.com/?utm_source=cityads&utm_medium=cps&utm_campaign=affiliate_program&utm_term=campaign_cityads&utm_content=cityads&click_id=9HQZ20iEMDZBz8o
Frame ID: 03BC59ACD7F8DF72C713F11278D88AB9
Requests: 2 HTTP requests in this frame

Frame: https://www.logitech.com/?irclickid=zXaQaowF%3AxyPTAo1f4TM1wlSUkFyn-zXeWThUQ0&irgwc=1
Frame ID: CADE62EA62275975FB001657E80B7D63
Requests: 2 HTTP requests in this frame

Frame: https://www.avira.com/de?utm_content=0&utm_medium=affiliate&utm_source=partnerize&utm_term=arkadiy&x-a-medium=1011l12512&x-c-channel=partnerize&x-clickref=1100lxJ4VjKp&x-utm_content=0&x-utm_term=arkadiy
Frame ID: 178BE7CE293D73B05956569E552708E9
Requests: 2 HTTP requests in this frame

Frame: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Frame ID: EF27BC480DD2163F21D43143011945C4
Requests: 35 HTTP requests in this frame

Frame: https://best.aliexpress.com/
Frame ID: 11EBD9AA20DA87647497EA97252C5AB2
Requests: 23 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=affiliboss.online&origin=onetag
Frame ID: 9812791410084E9C7753AF1366DC5067
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Y7CjGHIr8tP3DqG47f46zqWMOvbdoVdSV16atQ&google_gid=CAESEGUGLoj8jsIt4qcGQDwNL80&google_cver=1&google_ula=913071,0
Frame ID: B65EA74E1E3EC1707527CB72C900C191
Requests: 29 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9AA5DE33137C961B40B9A4BC3E56E81A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: ACAB7CE7BFBCB275B5FFBC142E8F9443
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

172
Requests

91 %
HTTPS

25 %
IPv6

66
Domains

85
Subdomains

67
IPs

11
Countries

2367 kB
Transfer

6185 kB
Size

79
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://s.click.aliexpress.com/deep_link.htm?af=Q1wWrl&cn=aliexpress&cv=banner&dp=19TZ20iEMDZfw05&tp2=Q1wWrl&afref=affiliboss.online&aff_short_key=cD4TW1tW&dl_target_url=https%3A%2F%2Fbest.aliexpress.com%3Faf%3DQ1wWrl%26cn%3Daliexpress%26cv%3Dbanner%26dp%3D19TZ20iEMDZfw05%26tp2%3DQ1wWrl%26afref%3Daffiliboss.online%26mall_affr%3Dpr3 HTTP 302
  • https://campaign.aliexpress.com/wow/gcp/ae/channel/ae/accelerate/tupr?wh_weex=true&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&wh_pid=bestseller/Bestseller&aff_trace_key=65ac0e17ad5146f891243ffe750082f2-1693430068662-09123-cD4TW1tW&ts=1693430068663
Request Chain 7
  • https://prf.hn/click/camref:1011l7R4G/pubref:8DTZ20iEMDZByBT/destination: HTTP 302
  • https://www.avira.com/?x-clickref=1100lxJ4VjKp&x-c-channel=partnerize&x-a-medium=1011l12512&utm_source=partnerize&utm_medium=affiliate&utm_content=0&utm_term=arkadiy&x-utm_content=0&x-utm_term=arkadiy HTTP 302
  • https://www.avira.com/de?utm_content=0&utm_medium=affiliate&utm_source=partnerize&utm_term=arkadiy&x-a-medium=1011l12512&x-c-channel=partnerize&x-clickref=1100lxJ4VjKp&x-utm_content=0&x-utm_term=arkadiy
Request Chain 9
  • https://clk.tradedoubler.com/click?p=314425&a=3221250&g=24941146&epi=9eXZ20iEMDZsH75 HTTP 302
  • https://redirects.tradedoubler.com/projectr/?utm_source=td*_td_*KEEP_NEWEST&utm_campaign=Cityads+RO*_td_*KEEP_NEWEST&utm_medium=24941146*_td_*KEEP_NEWEST&tduid=e12d30e9b239070c5447d9fb1c96bfb3&_td_deeplink=https://born2be.com.ro/ HTTP 302
  • https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Request Chain 11
  • https://logitech-emea.pxf.io/c/1234031/857541/11966?SharedId=93OZ20iEMDZx78l&subId2=Q1wWrl HTTP 302
  • https://www.ojrq.net/p/?return=https%3A%2F%2Flogitech-emea.pxf.io%2Fc%2F1234031%2F857541%2F11966%3FSharedId%3D93OZ20iEMDZx78l%26subId2%3DQ1wWrl%26level%3D1%26srcref%3Dhttps%253A%252F%252Fstvkr.com%252F&cid=11966&tpsync=yes&auth=5621de9c60e8fcdc HTTP 302
  • https://logitech-emea.pxf.io/c/1234031/857541/11966?SharedId=93OZ20iEMDZx78l&subId2=Q1wWrl&level=1&srcref=https%3A%2F%2Fstvkr.com%2F&brwsr=33b7cde4-477a-11ee-b724-5dbcba05454f&brwsrsig=TZzRMvRuhXj2VGwVWR3KL09Pw8pXQw HTTP 301
  • https://www.logitech.com/?irclickid=zXaQaowF%3AxyPTAo1f4TM1wlSUkFyn-zXeWThUQ0&irgwc=1
Request Chain 60
  • https://mc.yandex.com/watch/11187544?wmode=7&page-url=https%3A%2F%2Fwww.intui.travel%2F%3FpartnerID%3D2875050%26subID%3D8w3Z20iEMDZjT73&page-ref=https%3A%2F%2Fstvkr.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55tkdn444gpr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1094%3Acn%3A1%3Adp%3A0%3Als%3A727717830268%3Ahid%3A78977200%3Az%3A120%3Ai%3A20230830231428%3Aet%3A1693430068%3Ac%3A1%3Arn%3A322686654%3Arqn%3A1%3Au%3A1693430068495714883%3Aw%3A1584x1184%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A68%2C83%2C107%2C1%2C0%2C0%2C%2C361%2C0%2C%2C%2C%2C622%3Aco%3A0%3Acpf%3A1%3Ans%3A1693430067314%3Arqnl%3A1%3Ast%3A1693430068%3At%3A%D0%A2%D1%83%D1%80%D0%B8%D1%81%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D1%84%D0%B5%D1%80%D1%8B%20%D0%B8%D0%B7%20%D0%B0%D1%8D%D1%80%D0%BE%D0%BF%D0%BE%D1%80%D1%82%D0%B0%20%D0%B2%20%D0%BE%D1%82%D0%B5%D0%BB%D1%8C%20%D0%B7%D0%B0%D0%BA%D0%B0%D0%B7%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/11187544/1?wmode=7&page-url=https%3A%2F%2Fwww.intui.travel%2F%3FpartnerID%3D2875050%26subID%3D8w3Z20iEMDZjT73&page-ref=https%3A%2F%2Fstvkr.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55tkdn444gpr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1094%3Acn%3A1%3Adp%3A0%3Als%3A727717830268%3Ahid%3A78977200%3Az%3A120%3Ai%3A20230830231428%3Aet%3A1693430068%3Ac%3A1%3Arn%3A322686654%3Arqn%3A1%3Au%3A1693430068495714883%3Aw%3A1584x1184%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A68%2C83%2C107%2C1%2C0%2C0%2C%2C361%2C0%2C%2C%2C%2C622%3Aco%3A0%3Acpf%3A1%3Ans%3A1693430067314%3Arqnl%3A1%3Ast%3A1693430068%3At%3A%D0%A2%D1%83%D1%80%D0%B8%D1%81%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D1%84%D0%B5%D1%80%D1%8B%20%D0%B8%D0%B7%20%D0%B0%D1%8D%D1%80%D0%BE%D0%BF%D0%BE%D1%80%D1%82%D0%B0%20%D0%B2%20%D0%BE%D1%82%D0%B5%D0%BB%D1%8C%20%D0%B7%D0%B0%D0%BA%D0%B0%D0%B7%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
Request Chain 61
  • https://www.google.com/pagead/landing?gcs=G111&gcd=G111&rnd=908403593.1693430068&url=https%3A%2F%2Fborn2be.com.ro%2F&gtm=45be38s0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=908403593.1693430068&url=https%3A%2F%2Fborn2be.com.ro%2F&gtm=45be38s0
Request Chain 85
  • https://x.cnt.my/px/?r=0.6091975349350429&dom=born2be.com.ro&tz=-120&sw=1600&sh=1200&ow=1600&oh=1200&iw=1584&ih=1184&scd=24&ifr=1&url=https%3A%2F%2Fborn2be.com.ro%2F%3Futm_source%3Dtd%26utm_campaign%3DCityads%2BRO%26utm_medium%3D24941146%26tduid%3De12d30e9b239070c5447d9fb1c96bfb3&ref=https%3A%2F%2Fstvkr.com%2F HTTP 301
  • https://x.cnt.my/px/?r=0.6091975349350429&dom=born2be.com.ro&tz=-120&sw=1600&sh=1200&ow=1600&oh=1200&iw=1584&ih=1184&scd=24&ifr=1&url=https%3A%2F%2Fborn2be.com.ro%2F%3Futm_source%3Dtd%26utm_campaign%3DCityads%2BRO%26utm_medium%3D24941146%26tduid%3De12d30e9b239070c5447d9fb1c96bfb3&ref=https%3A%2F%2Fstvkr.com%2F&rand=0.48751761469537835&xtmp=1
Request Chain 101
  • https://gum.criteo.com/sid/json?origin=onetag&domain=born2be.com.ro&sn=ChromeSyncframe&so=0&topUrl=affiliboss.online&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=nFl9HnxocW5pS1JWVGtCMHNVZ3JqVjlyWlZhLzRpQU5tc1A5c3JhdlhQYjViRVZXZFNpRmdXQmlrVzI1SWlKc2lRbmxqK0FoRU5oYXVuRjFYdUdtZUoyOHVXakFJZ1pVWjBhNEVyQUFmM0pKT3N0dG9ocE8renRJTWtSQnVtMWhMVXhYZmVOVTQwR2xUVGxIcTN3RTFmYUpxVm0wUTRpQk9pTGVUS3drM2diM1dJQTdKSXNlQzltak15N3Q0d2FzWUROYlNPeWgzTGRyUHdodUUwVDlETU5HY2MyYlRmOU0vOElFQWFXcFR4bG1YMzdKU3llS3NWRmZVN1QrOHF6TUViV2JsbWRSaUwwcXMweVo5M251MFZZbGxCV2xlWUFnaU5iV0htVWdFUVlDUlE4Yz18&cppv=2
Request Chain 132
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4B8FFA43C9E7407681DC3F5533FBFDFB&RedC=c.clarity.ms&MXFR=12E818AB9F10675402300BD69B1069E5 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4B8FFA43C9E7407681DC3F5533FBFDFB&MUID=18064E0BA3A6612F3F7A5D76A2A660AA
Request Chain 133
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Y7CjGHIr8tP3DqG47f46zqWMOvbdoVdSV16atQ&google_cm&google_hm=ay1ZN0NqR0hJcjh0UDNEcUc0N2Y0NnpxV01PdmJkb1ZkU1YxNmF0UQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Y7CjGHIr8tP3DqG47f46zqWMOvbdoVdSV16atQ&google_gid=CAESEGUGLoj8jsIt4qcGQDwNL80&google_cver=1&google_ula=913071,0
Request Chain 135
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2076332971733711912
Request Chain 136
  • https://secure.adnxs.com/setuid?entity=52&code=k-l57minIr8tP3DqG47f46zqWMOvbjDAAOlnU_3A HTTP 307
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-l57minIr8tP3DqG47f46zqWMOvbjDAAOlnU_3A
Request Chain 147
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-F2TbOnIr8tP3DqG47f46zqWMOvY5TQygHbB-Pg HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-F2TbOnIr8tP3DqG47f46zqWMOvY5TQygHbB-Pg&C=1
Request Chain 148
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=SNbKmqJJwk9ulN32Jg9kI727DBUDALF_ HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=SNbKmqJJwk9ulN32Jg9kI727DBUDALF_
Request Chain 166
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=wohKVwvLpPi6RmNHDN6NS-Gv6kHDaD7Y
Request Chain 167
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=hocA8whReSB3DfzyIGTXhzh6EpImpybA

172 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request page.php
affiliboss.online/pop/romania/ 		720 B
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.144.15.124 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-15-124.unifiedlayer.com
Software
Apache /
Resource Hash
f408990846b4b410ea9280f9615e34f3acd98bdf230b27565bce7f4845f6fc3e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
239
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 21:14:26 GMT
server
Apache
vary
Accept-Encoding
click-3ry1G-NDxG06-OYEoX-b410d403
stvkr.com/v2/ Frame 43FD 		349 B
930 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stvkr.com/v2/click-3ry1G-NDxG06-OYEoX-b410d403?tl=1&no_js=1
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.32.251.44 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
4756004f36b5d827a5013ee2815de64d6e20cc1e9fa1be611b231ad467ea70b1

Request headers

Referer
https://affiliboss.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 21:14:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
pragma
no-cache
server
nginx
click-bkPGN-NDxG06-pd70Y-4dbdb337
stvkr.com/v2/ Frame 03BC 		495 B
953 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stvkr.com/v2/click-bkPGN-NDxG06-pd70Y-4dbdb337?tl=1&no_js=1
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.32.251.44 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
031e3a523f3366b8961c29ec373e91107fd3b94740a600ae472fa3e54cb8dbba

Request headers

Referer
https://affiliboss.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 21:14:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
pragma
no-cache
server
nginx
click-Axk00-NDxG06-rJ68j-c47fc6c8
stvkr.com/v2/ Frame CADE 		361 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stvkr.com/v2/click-Axk00-NDxG06-rJ68j-c47fc6c8?tl=1&no_js=1
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.32.251.44 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
48a06cf206c80a0134079b10660bd8a699ba9253ae4d52dbbc0f84be6f949f70

Request headers

Referer
https://affiliboss.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 21:14:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
pragma
no-cache
server
nginx
click-3rNnG-NDxG06-zQD0j-329f19b7
stvkr.com/v2/ Frame 178B 		327 B
908 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stvkr.com/v2/click-3rNnG-NDxG06-zQD0j-329f19b7?tl=1&no_js=1
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.32.251.44 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
4c1187fe8236645ca0b8ec12d74322bf8a7039ccd171480fa9cf338f7be1a4fe

Request headers

Referer
https://affiliboss.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 21:14:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
pragma
no-cache
server
nginx
click-AwNNw-NDxG06-X7kN8-592f0d23
stvkr.com/v2/ Frame EF27 		311 B
909 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stvkr.com/v2/click-AwNNw-NDxG06-X7kN8-592f0d23?tl=1&no_js=1
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.32.251.44 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e11b00ce42e2e49a5c7010c2c7029f51dd4e1158b4df5b00323521e648c1c0b4

Request headers

Referer
https://affiliboss.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 21:14:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
pragma
no-cache
server
nginx
click-3oE7r-NDxG06-B4qgM-3a332d31
stvkr.com/v2/ Frame 11EB 		847 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stvkr.com/v2/click-3oE7r-NDxG06-B4qgM-3a332d31?tl=1&no_js=1
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.32.251.44 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
d7d2d40dcc99c824825d79f7a3381d215947779b296df2d228249038feb13aa1

Request headers

Referer
https://affiliboss.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 21:14:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
pragma
no-cache
server
nginx
tupr
campaign.aliexpress.com/wow/gcp/ae/channel/ae/accelerate/ Frame 11EB
Redirect Chain
  • https://s.click.aliexpress.com/deep_link.htm?af=Q1wWrl&cn=aliexpress&cv=banner&dp=19TZ20iEMDZfw05&tp2=Q1wWrl&afref=affiliboss.online&aff_short_key=cD4TW1tW&dl_target_url=https%3A%2F%2Fbest.aliexpre...
  • https://campaign.aliexpress.com/wow/gcp/ae/channel/ae/accelerate/tupr?wh_weex=true&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=...
271 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://campaign.aliexpress.com/wow/gcp/ae/channel/ae/accelerate/tupr?wh_weex=true&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&wh_pid=bestseller/Bestseller&aff_trace_key=65ac0e17ad5146f891243ffe750082f2-1693430068662-09123-cD4TW1tW&ts=1693430068663
Requested by
Host: stvkr.com
URL: https://stvkr.com/v2/click-3oE7r-NDxG06-B4qgM-3a332d31?tl=1&no_js=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.20.209.93 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-209-93.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
e2cce6235f6c11bf7b45c1408f2bcfb7bb4322fb5d6cefbf84ff004fe44d12e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stvkr.com/v2/click-3oE7r-NDxG06-B4qgM-3a332d31?tl=1&no_js=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, s-maxage=328
content-encoding
gzip
content-length
37561
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 21:14:28 GMT
eagleeye-traceid
211b88ec16934299528741780ecf18
object-status
ttl=328,age=66,gip=2.20.209.93
server
Tengine
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-air-hostname
air-ual033027091133.de81
x-air-source
proxy
x-air-trace-id
211b88ec16934299528741780ecf18
x-beacon
off
x-readtime
67
x-server-id
28c3d6b2523ca52c32ad72931842b19ac3b8a084a970a1b95d13ece67df5c9c1
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTION
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-language
en-US
content-length
0
date
Wed, 30 Aug 2023 21:14:28 GMT
eagleeye-traceid
21038edc16934300686574607eb749
expires
0
location
https://campaign.aliexpress.com/wow/gcp/ae/channel/ae/accelerate/tupr?wh_weex=true&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&wh_pid=bestseller/Bestseller&aff_trace_key=65ac0e17ad5146f891243ffe750082f2-1693430068662-09123-cD4TW1tW&ts=1693430068663
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
Tengine
server-timing
ak_p; desc="1693430068260_386595190_57887105_7089_1247_23_389_255";dur=1
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin
*
x-application-context
global-traffic-holmes-f:7001
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
de
www.avira.com/ Frame 178B
Redirect Chain
  • https://prf.hn/click/camref:1011l7R4G/pubref:8DTZ20iEMDZByBT/destination:
  • https://www.avira.com/?x-clickref=1100lxJ4VjKp&x-c-channel=partnerize&x-a-medium=1011l12512&utm_source=partnerize&utm_medium=affiliate&utm_content=0&utm_term=arkadiy&x-utm_content=0&x-utm_term=arkadiy
  • https://www.avira.com/de?utm_content=0&utm_medium=affiliate&utm_source=partnerize&utm_term=arkadiy&x-a-medium=1011l12512&x-c-channel=partnerize&x-clickref=1100lxJ4VjKp&x-utm_content=0&x-utm_term=ar...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.avira.com/de?utm_content=0&utm_medium=affiliate&utm_source=partnerize&utm_term=arkadiy&x-a-medium=1011l12512&x-c-channel=partnerize&x-clickref=1100lxJ4VjKp&x-utm_content=0&x-utm_term=arkadiy
Requested by
Host: stvkr.com
URL: https://stvkr.com/v2/click-3rNnG-NDxG06-zQD0j-329f19b7?tl=1&no_js=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:ca3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
akamai /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.avira.com *.avira.org *.avira.net *.prod-blog.avira.com prod-blog.avira.com;

Request headers

Referer
https://stvkr.com/v2/click-3rNnG-NDxG06-zQD0j-329f19b7?tl=1&no_js=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache
content-encoding
gzip
content-length
29960
content-security-policy
frame-ancestors 'self' *.avira.com *.avira.org *.avira.net *.prod-blog.avira.com prod-blog.avira.com;
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 21:14:27 GMT
expires
Wed, 30 Aug 2023 21:14:27 GMT
server
akamai
vary
Accept-Encoding

Redirect headers

cache-control
private, no-cache
content-length
1098
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 21:14:27 GMT
expires
Wed, 30 Aug 2023 21:14:27 GMT
location
/de?utm_content=0&utm_medium=affiliate&utm_source=partnerize&utm_term=arkadiy&x-a-medium=1011l12512&x-c-channel=partnerize&x-clickref=1100lxJ4VjKp&x-utm_content=0&x-utm_term=arkadiy
server
akamai
/
ro.ombre.com/ Frame 03BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ro.ombre.com/?utm_source=cityads&utm_medium=cps&utm_campaign=affiliate_program&utm_term=campaign_cityads&utm_content=cityads&click_id=9HQZ20iEMDZBz8o
Requested by
Host: stvkr.com
URL: https://stvkr.com/v2/click-bkPGN-NDxG06-pd70Y-4dbdb337?tl=1&no_js=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.149.162.202 , Poland, ASN31229 (PL-BEYOND-AS, PL),
Reverse DNS
vm4499.iai-system.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

Referer
https://stvkr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
20582
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 21:14:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache-search-products
e
x-frame-options
sameorigin
x-ua-compatible
IE=edge
/
born2be.com.ro/ Frame 43FD
Redirect Chain
  • https://clk.tradedoubler.com/click?p=314425&a=3221250&g=24941146&epi=9eXZ20iEMDZsH75
  • https://redirects.tradedoubler.com/projectr/?utm_source=td*_td_*KEEP_NEWEST&utm_campaign=Cityads+RO*_td_*KEEP_NEWEST&utm_medium=24941146*_td_*KEEP_NEWEST&tduid=e12d30e9b239070c5447d9fb1c96bfb3&_td_...
  • https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
268 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Requested by
Host: stvkr.com
URL: https://stvkr.com/v2/click-3ry1G-NDxG06-OYEoX-b410d403?tl=1&no_js=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.200.212 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.200.246.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
62f42e9a095660579b3f7e6e2b0708c61ba3efafa00c4104b5f2b781cf530c2b

Request headers

Referer
https://stvkr.com/v2/click-3ry1G-NDxG06-OYEoX-b410d403?tl=1&no_js=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 21:14:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding

Redirect headers

Cache-control
no-cache="set-cookie"
Connection
keep-alive
Content-Length
1
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Aug 2023 21:14:27 GMT
Location
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Server
Apache/2.4.57 (Ubuntu)
/
www.intui.travel/ Frame EF27 		71 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Requested by
Host: stvkr.com
URL: https://stvkr.com/v2/click-AwNNw-NDxG06-X7kN8-592f0d23?tl=1&no_js=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx / PHP/8.0.15
Resource Hash
c91b327d67cbe81e5dea1abfc2cd109cee616d95671b49c12536b540277e04bb

Request headers

Referer
https://stvkr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8;
Date
Wed, 30 Aug 2023 21:14:28 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=60
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/8.0.15
/
www.logitech.com/ Frame CADE
Redirect Chain
  • https://logitech-emea.pxf.io/c/1234031/857541/11966?SharedId=93OZ20iEMDZx78l&subId2=Q1wWrl
  • https://www.ojrq.net/p/?return=https%3A%2F%2Flogitech-emea.pxf.io%2Fc%2F1234031%2F857541%2F11966%3FSharedId%3D93OZ20iEMDZx78l%26subId2%3DQ1wWrl%26level%3D1%26srcref%3Dhttps%253A%252F%252Fstvkr.com%...
  • https://logitech-emea.pxf.io/c/1234031/857541/11966?SharedId=93OZ20iEMDZx78l&subId2=Q1wWrl&level=1&srcref=https%3A%2F%2Fstvkr.com%2F&brwsr=33b7cde4-477a-11ee-b724-5dbcba05454f&brwsrsig=TZzRMvRuhXj2...
  • https://www.logitech.com/?irclickid=zXaQaowF%3AxyPTAo1f4TM1wlSUkFyn-zXeWThUQ0&irgwc=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.logitech.com/?irclickid=zXaQaowF%3AxyPTAo1f4TM1wlSUkFyn-zXeWThUQ0&irgwc=1
Requested by
Host: stvkr.com
URL: https://stvkr.com/v2/click-Axk00-NDxG06-rJ68j-c47fc6c8?tl=1&no_js=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6e00:8:e5f0:bb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stvkr.com/v2/click-Axk00-NDxG06-rJ68j-c47fc6c8?tl=1&no_js=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7732
alt-svc
h3=":443"; ma=86400
cache-control
max-age=21600
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 30 Aug 2023 21:14:27 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
CloudFront-Viewer-Country,Accept-Encoding
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-id
xJVCM-echNkYyhKHvpXedAn1EN2F9bFm6ygM58w28MrcM4BCtoiEhA==
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dispatcher
dispatcher4uswest1-28203378
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=9; IE=8; IE=7; IE=EDGE
x-vhost
publish
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
date
Wed, 30 Aug 2023 21:14:27 GMT
expires
Wed, 30 Aug 2023 21:14:27 GMT
location
https://www.logitech.com/?irclickid=zXaQaowF%3AxyPTAo1f4TM1wlSUkFyn-zXeWThUQ0&irgwc=1
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
pragma
no-cache
via
1.1 google
flag.css
www.intui.travel/web/main/assets/css/ Frame EF27 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.intui.travel/web/main/assets/css/flag.css
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
9c10592ca89f36f2aca44bc48d1f3dd0173587c0962f0cd728c37ad56c0b9ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Jul 2022 09:33:09 GMT
Server
nginx
ETag
W/"62c6a855-19b1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
m1.css
www.intui.travel/web/main/assets/css/ Frame EF27 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.intui.travel/web/main/assets/css/m1.css
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
f66ac2bc3b144d5600efef605487c87be684e153ca212dd59630cccc26a54c48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Jun 2022 06:26:35 GMT
Server
nginx
ETag
W/"62a97b9b-8ca"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.min.css
www.intui.travel/public/fonts/font-awesome-4.7.0/css/ Frame EF27 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.intui.travel/public/fonts/font-awesome-4.7.0/css/font-awesome.min.css
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
abfcbbb9296d0de9b3aad1378c32c9e54eb8f927fd38656b063ee304cd041e4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Aug 2020 10:05:32 GMT
Server
nginx
ETag
W/"5f4390ec-7918"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
phonecode.min.css
www.intui.travel/public/css/new_design/ Frame EF27 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.intui.travel/public/css/new_design/phonecode.min.css
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
2a333917e81fa584cc503439b9f338f5fcf842d906f7cb9d414d0765951e914f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Nov 2019 07:27:34 GMT
Server
nginx
ETag
W/"5dcbb066-3388"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ Frame EF27 		209 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-11D693CKVG
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fd6bcc100df7f74365c82a436e30b631ed18d7c443fd36468d95e23e1ac0a433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76318
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 30 Aug 2023 21:14:27 GMT
client1.png
www.intui.travel/web/img/ Frame EF27 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intui.travel/web/img/client1.png
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
40b702f0c31c2a725cfbebb630b83bd384bb7ca33748939101d583b0d26cf5a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:28 GMT
Last-Modified
Mon, 16 Jan 2023 12:05:25 GMT
Server
nginx
ETag
"63c53d85-1a61"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
6753
Expires
Thu, 31 Dec 2037 23:55:55 GMT
arrow_down.svg
www.intui.travel/web/main/assets/img/ Frame EF27 		311 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intui.travel/web/main/assets/img/arrow_down.svg
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
1b1fb1c4a230c7621e23c3d17c40e616d47c4534f243ede5384908c64a5653c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:28 GMT
Last-Modified
Mon, 24 Aug 2020 09:31:54 GMT
Server
nginx
ETag
"5f43890a-137"
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
311
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
www.intui.travel/web/main/assets/js/ Frame EF27 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intui.travel/web/main/assets/js/jquery.min.js
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Aug 2020 12:14:32 GMT
Server
nginx
ETag
W/"5f43af28-15d84"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
tsearch.min.css
www.intui.travel/web/css/ Frame EF27 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.intui.travel/web/css/tsearch.min.css
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
998765d18b8ec56c0ac4ea0842ec8064701a4ba62f5cac4ff961e81706ce0abc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Feb 2021 08:52:18 GMT
Server
nginx
ETag
W/"601a6442-2085"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
tsearch.js
www.intui.travel/web/js/ Frame EF27 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intui.travel/web/js/tsearch.js?11
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
6aeffb8c9738d45ff98de0f9649e197ca2fd5db9eef5f56417c683ff8a192f0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Jun 2023 06:59:32 GMT
Server
nginx
ETag
W/"649a88d4-5695"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
slick.min.css
www.intui.travel/public/plugins/slick/ Frame EF27 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.intui.travel/public/plugins/slick/slick.min.css
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
545950798efef023632ac0b3b3b10150cd5b219780f67f2a355e3d7652b79392

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Aug 2020 11:24:55 GMT
Server
nginx
ETag
W/"5f312e87-792"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
slick.min.js
www.intui.travel/public/plugins/slick/ Frame EF27 		41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intui.travel/public/plugins/slick/slick.min.js
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
f5df45765234464e4133bbbf212a232defc949e2b8e34aad5a883c6bb923ab48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 May 2017 11:47:36 GMT
Server
nginx
ETag
W/"59199558-a440"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
lazysizes.min.js
www.intui.travel/web/js/ Frame EF27 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intui.travel/web/js/lazysizes.min.js
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
fb649fcae62177dfe63e67081ddceb830b5ce1f05a4184e9bbb7d87ac4b8f4e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Aug 2020 10:02:42 GMT
Server
nginx
ETag
W/"5f439042-1e5b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
watch.js
mc.yandex.ru/metrika/ Frame EF27 		168 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
0dde2f9058be88832dc7937239ec1b49007efd030017d5f252019c8cbb3ff3da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 30 Aug 2023 09:10:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64eedd54-eb22"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
60194
expires
Wed, 30 Aug 2023 22:14:27 GMT
ru.svg
www.intui.travel/web/main/assets/img/ Frame EF27 		286 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intui.travel/web/main/assets/img/ru.svg
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/web/main/assets/css/flag.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
5b51b57f63cf58e451abddeaee39a8c7b133cb3d58c6ef1a903883bda7c346b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/web/main/assets/css/flag.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:28 GMT
Last-Modified
Mon, 24 Aug 2020 09:31:54 GMT
Server
nginx
ETag
"5f43890a-11e"
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
286
Expires
Thu, 31 Dec 2037 23:55:55 GMT
optimize.js
www.googleoptimize.com/ Frame 43FD 		128 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-59H688P
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
34e9bbf714d2a5b5e3d1d79c2affdf2a506ec54e422e8c5ff5f67f1b933692f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
50280
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 30 Aug 2023 21:14:27 GMT
js
www.googletagmanager.com/gtag/ Frame 43FD 		220 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-432095663
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6bf8df44f7114fdd6681bbd921777806bc6d3894fc804198fc65f2b4f13b0007
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78124
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 30 Aug 2023 21:14:27 GMT
roboto-latin-ext_latin-regular.woff2
born2be.com.ro/aza_store_born2be/fonts/ Frame 43FD 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://born2be.com.ro/aza_store_born2be/fonts/roboto-latin-ext_latin-regular.woff2
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.200.212 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.200.246.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cf2ed5e14fc3f155b30282f1a1a1af2a3f0242075b61bb3bd5de8b551522af04

Request headers

Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Origin
https://born2be.com.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:27 GMT
last-modified
Thu, 10 Aug 2023 10:10:57 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"64d4b7b1-5768"
content-length
22376
content-type
application/octet-stream
roboto-latin-ext_latin-bold.woff2
born2be.com.ro/aza_store_born2be/fonts/ Frame 43FD 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://born2be.com.ro/aza_store_born2be/fonts/roboto-latin-ext_latin-bold.woff2
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.200.212 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.200.246.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
90e1db577b1063e43a697ac6981cae1e33b90c690c1860a792baae68e286cb05

Request headers

Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Origin
https://born2be.com.ro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:27 GMT
last-modified
Thu, 10 Aug 2023 10:10:57 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"64d4b7b1-5824"
content-length
22564
content-type
application/octet-stream
118_ro_RO_desktop.jpeg
b2brocdn.aza.moda/banners/1/ Frame 43FD 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b2brocdn.aza.moda/banners/1/118_ro_RO_desktop.jpeg?v=1693316958
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:20d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02f16ecf7228819d2160bfffa94faaf9cfc964db827b375155b22ba6203a9cfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:28 GMT
cf-cache-status
HIT
age
2995
cf-polished
qual=85, origFmt=jpeg, origSize=613797
content-disposition
inline; filename="118_ro_RO_desktop.webp"
content-length
113426
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Aug 2023 13:49:18 GMT
server
cloudflare
etag
"64edf75e-95da5"
vary
Accept
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ff00b28fe654dc4-FRA
expires
Thu, 31 Aug 2023 21:14:28 GMT
desktopHome.css
born2be.com.ro/aza_store_born2be/css/desktop/ Frame 43FD 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://born2be.com.ro/aza_store_born2be/css/desktop/desktopHome.css?v=1691662257
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.200.212 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.200.246.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
68f89004f9b04c018050a11ccc3427167255ec0ba8af33f6828c22af806a3118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:27 GMT
content-encoding
gzip
last-modified
Thu, 10 Aug 2023 10:10:57 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"64d4b7b1-1b9a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Wed, 06 Sep 2023 21:14:27 GMT
homepage.min.js
born2be.com.ro/aza_store_born2be/js/ Frame 43FD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://born2be.com.ro/aza_store_born2be/js/homepage.min.js?v=1691662257
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.200.212 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.200.246.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
5b008874fb7e012931bc19e8c1ab17f1268186535a434e54b4da83aa1d15b4d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:27 GMT
content-encoding
gzip
last-modified
Thu, 10 Aug 2023 10:10:57 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"64d4b7b1-7e4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
expires
Wed, 06 Sep 2023 21:14:27 GMT
critical.default.min.js
born2be.com.ro/aza_store_born2be/js/ Frame 43FD 		115 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://born2be.com.ro/aza_store_born2be/js/critical.default.min.js?v=1691662257
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.200.212 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.200.246.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
76aaf9da38f7ecf6e12b9d535de4ccd8ed06baff7c49e94337be55e4a397fd17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:27 GMT
content-encoding
gzip
last-modified
Thu, 10 Aug 2023 10:10:57 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"64d4b7b1-1cc47"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
expires
Wed, 06 Sep 2023 21:14:27 GMT
default.min.js
born2be.com.ro/aza_store_born2be/js/ Frame 43FD 		211 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://born2be.com.ro/aza_store_born2be/js/default.min.js?v=1691662257
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.200.212 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.200.246.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
b1c7850ed638374ad0cf2813b60fc0db2abfb2d99266511b9e8f5ad315b0b5e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:27 GMT
content-encoding
gzip
last-modified
Thu, 10 Aug 2023 10:10:57 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"64d4b7b1-34c44"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
expires
Wed, 06 Sep 2023 21:14:27 GMT
as.min.js
b2brocdn.aza.moda/assets/wh/js/ Frame 43FD 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b2brocdn.aza.moda/assets/wh/js/as.min.js?v=2023083023
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:20d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
382e6b7faa91bde40364844993d88d7751bdf285f2cc3ab709a2f298db3a33f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 26 Jul 2023 07:10:39 GMT
server
cloudflare
age
851
etag
W/"64c0c6ef-65e5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7ff00b28fe6b4dc4-FRA
expires
Thu, 31 Aug 2023 21:14:28 GMT
style.css
born2be.com.ro/aza_store_born2be/css/ Frame 43FD 		169 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://born2be.com.ro/aza_store_born2be/css/style.css?v=1691662257
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.200.212 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.200.246.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d09c33dbb704248abecc2da64ca88019ab416e8ec3f720692f9fa78981cfc06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:27 GMT
content-encoding
gzip
last-modified
Thu, 10 Aug 2023 10:10:57 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"64d4b7b1-2a223"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Wed, 06 Sep 2023 21:14:27 GMT
tsearch720.min.css
www.intui.travel/web/css/ Frame EF27 		1 KB
980 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.intui.travel/web/css/tsearch720.min.css
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
649ffaa6e6b8c3a2018d4142895400d62df885d590752802168e3c5ef7a3b60c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:29 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Apr 2020 07:40:21 GMT
Server
nginx
ETag
W/"5ea14665-5f0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
headform_en2.jpg
www.intui.travel/public/images/img/ Frame EF27 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intui.travel/public/images/img/headform_en2.jpg
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/web/main/assets/css/flag.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
2750ea533fea6a5d4ae0aea11053594fcf8ddfc09d36f0b1733713a5f2325b00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/web/main/assets/css/flag.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:29 GMT
Last-Modified
Tue, 18 Aug 2020 13:54:33 GMT
Server
nginx
ETag
"5f3bdd99-ce62"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
52834
Expires
Thu, 31 Dec 2037 23:55:55 GMT
no-type.png
www.intui.travel/public/images/frontend/new_design/ Frame EF27 		71 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intui.travel/public/images/frontend/new_design/no-type.png
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/web/css/tsearch.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
bac03069af99b277d6eafb79d1ba9cbfc704df87640e5251736a37b0d523a5d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/web/css/tsearch.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:29 GMT
Last-Modified
Thu, 25 May 2017 08:54:59 GMT
Server
nginx
ETag
"59269be3-47"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
71
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ajax-loader.gif
www.intui.travel/public/plugins/slick/ Frame EF27 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intui.travel/public/plugins/slick/ajax-loader.gif
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/public/plugins/slick/slick.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/public/plugins/slick/slick.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:29 GMT
Last-Modified
Mon, 15 May 2017 11:47:36 GMT
Server
nginx
ETag
"59199558-1052"
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
4178
Expires
Thu, 31 Dec 2037 23:55:55 GMT
flags.png
www.intui.travel/public/images/frontend/new_design/ Frame EF27 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intui.travel/public/images/frontend/new_design/flags.png
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/public/css/new_design/phonecode.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
10213c74aa4062d47bd99b52b8ae4e8ac37dd9bfa20680bc33777a65cba34a29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/public/css/new_design/phonecode.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:29 GMT
Last-Modified
Thu, 19 Sep 2019 08:31:11 GMT
Server
nginx
ETag
"5d833ccf-669a"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
26266
Expires
Thu, 31 Dec 2037 23:55:55 GMT
fontawesome-webfont.woff2
www.intui.travel/public/fonts/font-awesome-4.7.0/fonts/ Frame EF27 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.intui.travel/public/fonts/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/public/fonts/font-awesome-4.7.0/css/font-awesome.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.intui.travel/public/fonts/font-awesome-4.7.0/css/font-awesome.min.css
Origin
https://www.intui.travel
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:29 GMT
Last-Modified
Mon, 26 Aug 2019 07:22:30 GMT
Server
nginx
ETag
"12d68-5910004cb1980"
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
77160
Globe_whole_green.png
en.intui.travel/public/upload/B2C/Main_page/jpg_png/ Frame EF27 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.intui.travel/public/upload/B2C/Main_page/jpg_png/Globe_whole_green.png
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
298234128064a047a5f3e82a59cce4dc1371a3c91e6dae8516162af3e09a14e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:29 GMT
Last-Modified
Tue, 13 Jul 2021 10:19:53 GMT
Server
nginx
ETag
"60ed68c9-1392"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
5010
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Girl_greeting_and_pick_up_h142_png.png
www.intui.travel/public/upload/ Frame EF27 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intui.travel/public/upload/Girl_greeting_and_pick_up_h142_png.png
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
764380bd6e132a6d7d63e155f6cb511209364d8e8d483b4ae2be18d4565153dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:29 GMT
Last-Modified
Sat, 28 May 2022 11:45:20 GMT
Server
nginx
ETag
"62920b50-1230c"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
74508
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Flexi_Cancelation.jpg
www.intui.travel/public/upload/B2C/Main_page/jpg_png/ Frame EF27 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intui.travel/public/upload/B2C/Main_page/jpg_png/Flexi_Cancelation.jpg
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
24f232c01e8a4b82f86a193909bdc2408825b5913c7bda0e3138203db5e8b8bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:29 GMT
Last-Modified
Tue, 13 Jul 2021 10:19:53 GMT
Server
nginx
ETag
"60ed68c9-c2c"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
3116
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Trustpilot_logo_30.svg
www.intui.travel/public/upload/B2C/Main_page/jpg_png/ Frame EF27 		1 KB
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intui.travel/public/upload/B2C/Main_page/jpg_png/Trustpilot_logo_30.svg
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
8835419bb85afbbe94c9a38ee8bc9ee44053b1b023f398ca4f3a1c390d2162d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Jul 2021 10:19:54 GMT
Server
nginx
ETag
W/"60ed68ca-455"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Collage_PeopleSeats_backinCar2_with_bus_png275.png
en.intui.travel/public/upload/B2C/Main_page/PNG/ Frame EF27 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.intui.travel/public/upload/B2C/Main_page/PNG/Collage_PeopleSeats_backinCar2_with_bus_png275.png
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
6020e427b36fb3424f6ef3a839d93a0efeca5de1a5be01e2c2e3dc1de3f75e05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:29 GMT
Last-Modified
Tue, 13 Jul 2021 10:19:54 GMT
Server
nginx
ETag
"60ed68ca-2ecb"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
11979
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Collage_with_car_png310.png
en.intui.travel/public/upload/B2C/Main_page/jpg_png/ Frame EF27 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.intui.travel/public/upload/B2C/Main_page/jpg_png/Collage_with_car_png310.png
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
a213ac74ea19de1f30eb2e55170f8879b16d2ce6ec05caa1fa5d54090faf0075

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:29 GMT
Last-Modified
Tue, 13 Jul 2021 10:19:53 GMT
Server
nginx
ETag
"60ed68c9-3d53"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
15699
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Business_women_in_the_car_and_car_collage310.png
en.intui.travel/public/upload/B2C/Main_page/jpg_png/ Frame EF27 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.intui.travel/public/upload/B2C/Main_page/jpg_png/Business_women_in_the_car_and_car_collage310.png
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
2d8ca5c11c2df82487a2e22b41cf1068f68fea2bb5f44b61094f74c0ec7360c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:29 GMT
Last-Modified
Tue, 13 Jul 2021 10:19:53 GMT
Server
nginx
ETag
"60ed68c9-31e7"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
12775
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cars_logo_collage_png275_91.png
en.intui.travel/public/upload/B2C/Main_page/PNG/ Frame EF27 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.intui.travel/public/upload/B2C/Main_page/PNG/Cars_logo_collage_png275_91.png
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
35a8b42291423fedd546b69cb79eecdb8c177242f78015e9dfae9f27e586c8fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:29 GMT
Last-Modified
Tue, 13 Jul 2021 10:19:54 GMT
Server
nginx
ETag
"60ed68ca-1edd"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
7901
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Girl_greeting_4_with_Certificate_png200.png
en.intui.travel/public/upload/B2C/Main_page/jpg_png/ Frame EF27 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.intui.travel/public/upload/B2C/Main_page/jpg_png/Girl_greeting_4_with_Certificate_png200.png
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
a2e53bd019ac51e3a6d8764e6ec355bcd41702ed574c763bd42548eba8f1aca6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:29 GMT
Last-Modified
Tue, 13 Jul 2021 10:19:53 GMT
Server
nginx
ETag
"60ed68c9-283d"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
10301
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Collage_Bus_Sedan_Man_driver_wait_png310.png
en.intui.travel/public/upload/B2C/Main_page/jpg_png/ Frame EF27 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.intui.travel/public/upload/B2C/Main_page/jpg_png/Collage_Bus_Sedan_Man_driver_wait_png310.png
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d54035.azlk.regrucolo.ru
Software
nginx /
Resource Hash
4d648aa9d55747b11b6871c8c8909e471f2c4f0ab8aad6381e45fca0051505c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:29 GMT
Last-Modified
Tue, 13 Jul 2021 10:19:53 GMT
Server
nginx
ETag
"60ed68c9-33b5"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
13237
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ Frame 43FD 		313 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M7WFZPJ
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c128d569ffff83797895d2f73f7321d7fff2e3d4f206759d6d5ecea6bf6812c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99892
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 30 Aug 2023 21:14:28 GMT
js
www.googletagmanager.com/gtag/ Frame 43FD 		220 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-432095663&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-59H688P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac4bb61a2ab9cc5efba98be18ed8a57a9bad085700076114ad75492510b8265f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78212
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 30 Aug 2023 21:14:28 GMT
truncated
/ Frame 43FD 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2de33ca2d2cfb7f437aa190ecdd4b3991ff2879604c0e24aaf02849ae1f360b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 43FD 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fe224ff24be747f20aa0f2b61364d04c3f55ad7f178774bccdf5bc289071f1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
156_ro_RO_desktop.jpeg
b2brocdn.aza.moda/banners/2/ Frame 43FD 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b2brocdn.aza.moda/banners/2/156_ro_RO_desktop.jpeg?v=1688118374
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:20d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5a160becb059a8a2b731bdb31b075aa290879cb6dca389d155bc468c83afc5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:28 GMT
cf-cache-status
HIT
age
1738
cf-polished
qual=85, origFmt=jpeg, origSize=296949
content-disposition
inline; filename="156_ro_RO_desktop.webp"
content-length
148772
cf-bgj
imgq:85,h2pri
last-modified
Fri, 30 Jun 2023 09:46:14 GMT
server
cloudflare
etag
"649ea466-487f5"
vary
Accept
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ff00b28fe684dc4-FRA
expires
Thu, 31 Aug 2023 21:14:28 GMT
advert.gif
mc.yandex.com/metrika/ Frame EF27 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:28 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 30 Aug 2023 09:10:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64eedd54-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 30 Aug 2023 22:14:28 GMT
1
mc.yandex.com/watch/11187544/ Frame EF27
Redirect Chain
  • https://mc.yandex.com/watch/11187544?wmode=7&page-url=https%3A%2F%2Fwww.intui.travel%2F%3FpartnerID%3D2875050%26subID%3D8w3Z20iEMDZjT73&page-ref=https%3A%2F%2Fstvkr.com%2F&charset=utf-8&uah=chm%0A%...
  • https://mc.yandex.com/watch/11187544/1?wmode=7&page-url=https%3A%2F%2Fwww.intui.travel%2F%3FpartnerID%3D2875050%26subID%3D8w3Z20iEMDZjT73&page-ref=https%3A%2F%2Fstvkr.com%2F&charset=utf-8&uah=chm%0...
483 B
566 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/11187544/1?wmode=7&page-url=https%3A%2F%2Fwww.intui.travel%2F%3FpartnerID%3D2875050%26subID%3D8w3Z20iEMDZjT73&page-ref=https%3A%2F%2Fstvkr.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55tkdn444gpr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1094%3Acn%3A1%3Adp%3A0%3Als%3A727717830268%3Ahid%3A78977200%3Az%3A120%3Ai%3A20230830231428%3Aet%3A1693430068%3Ac%3A1%3Arn%3A322686654%3Arqn%3A1%3Au%3A1693430068495714883%3Aw%3A1584x1184%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A68%2C83%2C107%2C1%2C0%2C0%2C%2C361%2C0%2C%2C%2C%2C622%3Aco%3A0%3Acpf%3A1%3Ans%3A1693430067314%3Arqnl%3A1%3Ast%3A1693430068%3At%3A%D0%A2%D1%83%D1%80%D0%B8%D1%81%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D1%84%D0%B5%D1%80%D1%8B%20%D0%B8%D0%B7%20%D0%B0%D1%8D%D1%80%D0%BE%D0%BF%D0%BE%D1%80%D1%82%D0%B0%20%D0%B2%20%D0%BE%D1%82%D0%B5%D0%BB%D1%8C%20%D0%B7%D0%B0%D0%BA%D0%B0%D0%B7%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
Requested by
Host: www.intui.travel
URL: https://www.intui.travel/?partnerID=2875050&subID=8w3Z20iEMDZjT73
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
519cec44883362be82517f9e81ca79b5805d919ef8d35731b6db1a31289372a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.intui.travel/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 30-Aug-2023 21:14:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.intui.travel
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
483
x-xss-protection
1; mode=block
expires
Wed, 30-Aug-2023 21:14:28 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:28 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 30-Aug-2023 21:14:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/11187544/1?wmode=7&page-url=https%3A%2F%2Fwww.intui.travel%2F%3FpartnerID%3D2875050%26subID%3D8w3Z20iEMDZjT73&page-ref=https%3A%2F%2Fstvkr.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55tkdn444gpr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1094%3Acn%3A1%3Adp%3A0%3Als%3A727717830268%3Ahid%3A78977200%3Az%3A120%3Ai%3A20230830231428%3Aet%3A1693430068%3Ac%3A1%3Arn%3A322686654%3Arqn%3A1%3Au%3A1693430068495714883%3Aw%3A1584x1184%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A68%2C83%2C107%2C1%2C0%2C0%2C%2C361%2C0%2C%2C%2C%2C622%3Aco%3A0%3Acpf%3A1%3Ans%3A1693430067314%3Arqnl%3A1%3Ast%3A1693430068%3At%3A%D0%A2%D1%83%D1%80%D0%B8%D1%81%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D1%84%D0%B5%D1%80%D1%8B%20%D0%B8%D0%B7%20%D0%B0%D1%8D%D1%80%D0%BE%D0%BF%D0%BE%D1%80%D1%82%D0%B0%20%D0%B2%20%D0%BE%D1%82%D0%B5%D0%BB%D1%8C%20%D0%B7%D0%B0%D0%BA%D0%B0%D0%B7%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
access-control-allow-origin
https://www.intui.travel
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 30-Aug-2023 21:14:28 GMT
landing
googleads.g.doubleclick.net/pagead/ Frame 43FD
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=G111&rnd=908403593.1693430068&url=https%3A%2F%2Fborn2be.com.ro%2F&gtm=45be38s0
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=908403593.1693430068&url=https%3A%2F%2Fborn2be.com.ro%2F&gtm=45be38s0
42 B
409 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=908403593.1693430068&url=https%3A%2F%2Fborn2be.com.ro%2F&gtm=45be38s0
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=908403593.1693430068&url=https%3A%2F%2Fborn2be.com.ro%2F&gtm=45be38s0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/432095663/ Frame 43FD 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/432095663/?random=1693430068074&cv=11&fst=1693430068074&bg=ffffff&guid=ON&async=1&gtm=45be38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fborn2be.com.ro%2F%3Futm_source%3Dtd%26utm_campaign%3DCityads%2BRO%26utm_medium%3D24941146%26tduid%3De12d30e9b239070c5447d9fb1c96bfb3&ref=https%3A%2F%2Fstvkr.com%2F&hn=www.googleadservices.com&frm=2&tiba=%C3%8Embr%C4%83c%C4%83minte%20%C8%99i%20%C3%AEnc%C4%83l%C8%9B%C4%83minte%20la%20mod%C4%83%20online%20-%20descoperi%C8%9Bi%20colec%C8%9Bia%20unic%C4%83%20born2be.com.ro!&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-432095663
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
52769ed199ce244f4d13d01f7fe20858981317de3b784f073471499aef9802f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1480
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
synerise-javascript-sdk-no-m.min.js
www.snrcdn.net/sdk/3.0/ Frame 43FD 		285 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC2) /
Resource Hash
dd372ad3b40e39fcf65c64929f804f45a0e5c99bc8752bf8bffc8e1e9ba4b64f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 30 Aug 2023 21:14:28 GMT
content-encoding
gzip
content-md5
n+qYZsaVWAwaW4JmEjUM2Q==
age
567
x-cache
HIT
content-length
72214
x-ms-lease-status
unlocked
last-modified
Wed, 30 Aug 2023 03:33:52 GMT
server
ECAcc (frc/4CC2)
etag
0x8DBA909EE988CFF
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
1eb8cd87-f01e-0015-5b85-db52c2000000
cache-control
max-age=600
x-ms-version
2009-09-19
expires
Wed, 30 Aug 2023 21:24:28 GMT
ekomi_gold_en.png
born2be.com.ro/aza_store_born2be/ds_icons/ekomi/ Frame 43FD 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://born2be.com.ro/aza_store_born2be/ds_icons/ekomi/ekomi_gold_en.png
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/aza_store_born2be/js/default.min.js?v=1691662257
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.246.200.212 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
212.200.246.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
b7dfadaffda07b9a977f9acb4bf2dca5cb5b2749ae5b283fbc90985e83c318ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:28 GMT
last-modified
Thu, 10 Aug 2023 10:10:57 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"64d4b7b1-48a2"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
18594
expires
Wed, 06 Sep 2023 21:14:28 GMT
analytics.js
www.google-analytics.com/ Frame 43FD 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7WFZPJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Aug 2023 19:44:23 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5405
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 30 Aug 2023 21:44:23 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/432095663/ Frame 43FD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/432095663/?random=1693430068744&cv=11&fst=1693430068744&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fborn2be.com.ro%2F%3Futm_source%3Dtd%26utm_campaign%3DCityads%2BRO%26utm_medium%3D24941146%26tduid%3De12d30e9b239070c5447d9fb1c96bfb3&ref=https%3A%2F%2Fstvkr.com%2F&hn=www.googleadservices.com&frm=2&tiba=%C3%8Embr%C4%83c%C4%83minte%20%C8%99i%20%C3%AEnc%C4%83l%C8%9B%C4%83minte%20la%20mod%C4%83%20online%20-%20descoperi%C8%9Bi%20colec%C8%9Bia%20unic%C4%83%20born2be.com.ro!&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7WFZPJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72198370aa042ea05b548a75295863e355c6b571dc721d2d5408c05077a23486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1462
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wrap
wrap.tradedoubler.com/ Frame 43FD 		990 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wrap.tradedoubler.com/wrap?id=24215
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7WFZPJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
97.231.186.35.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
4a2eb4f79f0568648dc5edc69775fc8b019a596090a703adadadf1b96fef9478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:28 GMT
via
1.1 google
referrer-policy
origin
server
TXServerHttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
990
fbevents.js
connect.facebook.net/en_US/ Frame 43FD 		193 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 30 Aug 2023 21:14:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
gbsPEfkllPal29zNJJ2gWjdA8AbqWnAXi6ARKTdP3CnURIa5+66mhlrlqY2WEx/loJL3+gvyHivdaV+suWSyIg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
x.cnt.my/async/track/ Frame 43FD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.cnt.my/async/track/?r=0.23031299772804492
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.230.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.230.201.138.clients.your-server.de
Software
nginx /
Resource Hash
159639cbb246559ef5850ad625ef9bf7f0f0952acdacdcbded3db76e3261000a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
application/javascript
date
Wed, 30 Aug 2023 21:14:28 GMT
content-encoding
gzip
last-modified
Fri, 25 Aug 2023 07:22:09 GMT
server
nginx
etag
W/"64e856a1-a2f"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tm.json
delivery.clickonometrics.pl/service=8847/ Frame 43FD 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.clickonometrics.pl/service=8847/tm.json?sid=8847&cid=178&pid=18683
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.134.222.90 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
p3p
policyref="http://delivery.clickonometrics.pl/w3c/p3p.xml", CP="NOI DSP COR NID PSA PSD OUR IND"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-max-age
1000
access-control-allow-headers
Content-Type
expires
Thu, 19 Nov 1981 08:52:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ Frame 43FD 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3T78K1U9OSLU1GBN9EG&lib=ttq
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-106.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
11d7fd220d291a6563b604e19f0e6be016f1efef45fc9912d2ddc36c1ca0b532

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-akamai-request-id
d55dd61
date
Wed, 30 Aug 2023 21:14:28 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-78.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=103
content-length
1243
pragma
no-cache
server
nginx
x-tt-logid
2023083021142868A809A4AF42EF19B19A
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
103,23.36.161.78
x-tt-trace-host
01782c1aa098d441e14c7848822c4a7ef0869c0c02079691302d7dfbd09c5c79c87d9a7f999b000474e141740065e38bc8d8a58e389703c7630c46cab474ca3dd884222bea2c35eebad729870179819e0124a5f481ea4f5c628553dcbdfd92a2f5
expires
Wed, 30 Aug 2023 21:14:28 GMT
bat.js
bat.bing.com/ Frame 43FD 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 30 Aug 2023 21:14:28 GMT
last-modified
Fri, 28 Jul 2023 18:19:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CF8B094272A34F8FB53C464821971E02 Ref B: FRAEDGE1909 Ref C: 2023-08-30T21:14:28Z
etag
"806f3b1280c1d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12469
js
www.googletagmanager.com/gtag/ Frame 43FD 		247 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YLMHSTLVBZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7WFZPJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9c924aeda50f8d0d9c161277f4a962dce1328f0a24eb79542d73bcb8bdb63372
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86356
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 30 Aug 2023 21:14:28 GMT
/
www.google.com/pagead/1p-user-list/432095663/ Frame 43FD 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/432095663/?random=1693430068074&cv=11&fst=1693429200000&bg=ffffff&guid=ON&async=1&gtm=45be38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fborn2be.com.ro%2F%3Futm_source%3Dtd%26utm_campaign%3DCityads%2BRO%26utm_medium%3D24941146%26tduid%3De12d30e9b239070c5447d9fb1c96bfb3&ref=https%3A%2F%2Fstvkr.com%2F&frm=2&tiba=%C3%8Embr%C4%83c%C4%83minte%20%C8%99i%20%C3%AEnc%C4%83l%C8%9B%C4%83minte%20la%20mod%C4%83%20online%20-%20descoperi%C8%9Bi%20colec%C8%9Bia%20unic%C4%83%20born2be.com.ro!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=265931620&rmt_tld=0&ipr=y
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/432095663/ Frame 43FD 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/432095663/?random=1693430068074&cv=11&fst=1693429200000&bg=ffffff&guid=ON&async=1&gtm=45be38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fborn2be.com.ro%2F%3Futm_source%3Dtd%26utm_campaign%3DCityads%2BRO%26utm_medium%3D24941146%26tduid%3De12d30e9b239070c5447d9fb1c96bfb3&ref=https%3A%2F%2Fstvkr.com%2F&frm=2&tiba=%C3%8Embr%C4%83c%C4%83minte%20%C8%99i%20%C3%AEnc%C4%83l%C8%9B%C4%83minte%20la%20mod%C4%83%20online%20-%20descoperi%C8%9Bi%20colec%C8%9Bia%20unic%C4%83%20born2be.com.ro!&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=265931620&rmt_tld=1&ipr=y
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ld.js
dynamic.criteo.com/js/ld/ Frame 43FD 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=82990
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7WFZPJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
34cd7c04f3f99b7928ac74dbf5f50a03548b86deb3da630c439d8b797f311ec8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
getPublicConfigForContext
web.snrbox.com/rtom-proxy/rtom/configs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://web.snrbox.com/rtom-proxy/rtom/configs/getPublicConfigForContext?tracker=9df0d149-26bc-4e9f-ad4e-45de3166544c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.73.149.220 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://born2be.com.ro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
tracker,api-key,Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-request-id
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
X-Email-Hash, Client-UUID
access-control-max-age
1728000
age
1085
cache-control
public, max-age=1800, stale-while-revalidate=7200
date
Wed, 30 Aug 2023 21:14:28 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin, Accept-Encoding
x-cache
HIT
getPublicConfigForContext
web.snrbox.com/rtom-proxy/rtom/configs/ Frame 43FD 		275 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.snrbox.com/rtom-proxy/rtom/configs/getPublicConfigForContext?tracker=9df0d149-26bc-4e9f-ad4e-45de3166544c
Requested by
Host: www.snrcdn.net
URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.73.149.220 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6c2d48f97e0ce8880732dd9ac78300874848a3be9d025b77703c688961956dae
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
application/json

Response headers

date
Wed, 30 Aug 2023 21:14:28 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
age
1060
vary
Accept-Encoding, Origin, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, PATCH
content-type
application/json
access-control-max-age
3600
access-control-allow-origin
*
access-control-expose-headers
X-Email-Hash, Client-UUID
cache-control
public, max-age=1800, stale-while-revalidate=7200
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, Authorization, cookie, Cookie, tracker
/
www.google.com/pagead/1p-user-list/432095663/ Frame 43FD 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/432095663/?random=1693430068744&cv=11&fst=1693429200000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fborn2be.com.ro%2F%3Futm_source%3Dtd%26utm_campaign%3DCityads%2BRO%26utm_medium%3D24941146%26tduid%3De12d30e9b239070c5447d9fb1c96bfb3&ref=https%3A%2F%2Fstvkr.com%2F&frm=2&tiba=%C3%8Embr%C4%83c%C4%83minte%20%C8%99i%20%C3%AEnc%C4%83l%C8%9B%C4%83minte%20la%20mod%C4%83%20online%20-%20descoperi%C8%9Bi%20colec%C8%9Bia%20unic%C4%83%20born2be.com.ro!&fmt=3&is_vtc=1&random=193906231&rmt_tld=0&ipr=y
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/432095663/ Frame 43FD 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/432095663/?random=1693430068744&cv=11&fst=1693429200000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fborn2be.com.ro%2F%3Futm_source%3Dtd%26utm_campaign%3DCityads%2BRO%26utm_medium%3D24941146%26tduid%3De12d30e9b239070c5447d9fb1c96bfb3&ref=https%3A%2F%2Fstvkr.com%2F&frm=2&tiba=%C3%8Embr%C4%83c%C4%83minte%20%C8%99i%20%C3%AEnc%C4%83l%C8%9B%C4%83minte%20la%20mod%C4%83%20online%20-%20descoperi%C8%9Bi%20colec%C8%9Bia%20unic%C4%83%20born2be.com.ro!&fmt=3&is_vtc=1&random=193906231&rmt_tld=1&ipr=y
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
182720446518940
connect.facebook.net/signals/config/ Frame 43FD 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/182720446518940?v=2.9.125&r=stable&domain=stvkr.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9d22640473217e6f4805481deaf3ae56d0ced6b904e3f93438b7e0b3e68387d3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 30 Aug 2023 21:14:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
XHlPIh9mCz51sOSJW3x1G7BRsKG67aWC4NT9mhhebVegozNgbL/tpaUmrw0RtQtifxcnqTSFkfOXbxs+c7jzpQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
rd-o-sdk.js
analytics.optimalpeople.fr/js/ Frame 43FD 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.optimalpeople.fr/js/rd-o-sdk.js?t=1693429200
Requested by
Host: wrap.tradedoubler.com
URL: https://wrap.tradedoubler.com/wrap?id=24215
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
188.165.150.177 , France, ASN16276 (OVH, FR),
Reverse DNS
lb01.net.royalcactus.com
Software
nginx /
Resource Hash
017d209548fb8f91cde04b7acbd9fca875e2b6693e5fee3afe49dff71f17e8d8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 15 Jan 2021 08:52:29 GMT
server
nginx
etag
W/"600157cd-c70c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public
x-via-poph
primary
expires
Thu, 31 Aug 2023 21:14:28 GMT
/
smct.co/tm/ Frame 43FD 		16 B
188 B 		Script
General
Check archive.org
Download Go to
Full URL
https://smct.co/tm/?t=born2be.com.ro
Requested by
Host: wrap.tradedoubler.com
URL: https://wrap.tradedoubler.com/wrap?id=24215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.80.122.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-122-212.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.57 (Ubuntu) /
Resource Hash
35f821bc57680410719dbb11647917595152881ad4a4803a445e0ce62045fa25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
application/javascript; charset=utf-8
pragma
cache
date
Wed, 30 Aug 2023 21:14:28 GMT
cache-control
max-age=900
server
Apache/2.4.57 (Ubuntu)
content-length
16
expires
Wed, 30 Aug 2023 21:29:28 GMT
born2be.com.ro.js
x.cnt.my/async/parser/ Frame 43FD 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.cnt.my/async/parser/born2be.com.ro.js?r=4.00&dom=born2be.com.ro
Requested by
Host: x.cnt.my
URL: https://x.cnt.my/async/track/?r=0.23031299772804492
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.230.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.230.201.138.clients.your-server.de
Software
nginx /
Resource Hash
a150feef5970c98c6a2a43eda78a0c42af601de68624848b6a93b84f67d32f76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
application/javascript
date
Wed, 30 Aug 2023 21:14:28 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2022 15:14:32 GMT
server
nginx
etag
W/"63628958-23b3"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
x.cnt.my/px/ Frame 43FD
Redirect Chain
  • https://x.cnt.my/px/?r=0.6091975349350429&dom=born2be.com.ro&tz=-120&sw=1600&sh=1200&ow=1600&oh=1200&iw=1584&ih=1184&scd=24&ifr=1&url=https%3A%2F%2Fborn2be.com.ro%2F%3Futm_source%3Dtd%26utm_campaig...
  • https://x.cnt.my/px/?r=0.6091975349350429&dom=born2be.com.ro&tz=-120&sw=1600&sh=1200&ow=1600&oh=1200&iw=1584&ih=1184&scd=24&ifr=1&url=https%3A%2F%2Fborn2be.com.ro%2F%3Futm_source%3Dtd%26utm_campaig...
35 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.cnt.my/px/?r=0.6091975349350429&dom=born2be.com.ro&tz=-120&sw=1600&sh=1200&ow=1600&oh=1200&iw=1584&ih=1184&scd=24&ifr=1&url=https%3A%2F%2Fborn2be.com.ro%2F%3Futm_source%3Dtd%26utm_campaign%3DCityads%2BRO%26utm_medium%3D24941146%26tduid%3De12d30e9b239070c5447d9fb1c96bfb3&ref=https%3A%2F%2Fstvkr.com%2F&rand=0.48751761469537835&xtmp=1
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Server
138.201.230.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.230.201.138.clients.your-server.de
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:28 GMT
server
nginx
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache,max-age=0,must-revalidate, no-cache
content-length
35
expires
0

Redirect headers

date
Wed, 30 Aug 2023 21:14:28 GMT
server
nginx
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location
/px/?r=0.6091975349350429&dom=born2be.com.ro&tz=-120&sw=1600&sh=1200&ow=1600&oh=1200&iw=1584&ih=1184&scd=24&ifr=1&url=https%3A%2F%2Fborn2be.com.ro%2F%3Futm_source%3Dtd%26utm_campaign%3DCityads%2BRO%26utm_medium%3D24941146%26tduid%3De12d30e9b239070c5447d9fb1c96bfb3&ref=https%3A%2F%2Fstvkr.com%2F&rand=0.48751761469537835&xtmp=1
content-type
text/plain; charset=utf-8
cache-control
no-cache
content-length
327
expires
0
ec.js
www.google-analytics.com/plugins/ua/ Frame 43FD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 20:21:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
3191
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 30 Aug 2023 21:21:17 GMT
base-with-font-face.css
assets.alicdn.com/g/ae-fe/gcp-base/0.0.2/ Frame 11EB 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/gcp-base/0.0.2/base-with-font-face.css
Requested by
Host: campaign.aliexpress.com
URL: https://campaign.aliexpress.com/wow/gcp/ae/channel/ae/accelerate/tupr?wh_weex=true&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&wh_pid=bestseller/Bestseller&aff_trace_key=65ac0e17ad5146f891243ffe750082f2-1693430068662-09123-cD4TW1tW&ts=1693430068663
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.20.209.93 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-209-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
bf1bbd8a36c1dace8463c8dbad146bba651d8524bc63b3a4e8bbedabe6684a6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:28 GMT
content-encoding
br
x-oss-request-id
64AE984035FA72313347F844
content-md5
Dy2kHKoH8OI0iTdD+MUxog==
x-swift-cachetime
86400
x-swift-savetime
Wed, 12 Jul 2023 12:10:40 GMT
content-length
2598
x-oss-object-type
Normal
last-modified
Mon, 07 Aug 2023 15:50:44 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1689163840
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=585276, s-maxage=86400
served-from
23.205.80.172
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_SANTACLARA_20940, DE_FRANKFURT_28753
x-oss-hash-crc64ecma
6411331169884720500
eagleid
81e3ce9516891638390717250e
x-oss-server-time
45
expires
Wed, 06 Sep 2023 15:49:04 GMT
ae-header.css
assets.alicdn.com/g/ae-fe/header-ui/0.0.83/prev/front/ Frame 11EB 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/header-ui/0.0.83/prev/front/ae-header.css
Requested by
Host: campaign.aliexpress.com
URL: https://campaign.aliexpress.com/wow/gcp/ae/channel/ae/accelerate/tupr?wh_weex=true&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&wh_pid=bestseller/Bestseller&aff_trace_key=65ac0e17ad5146f891243ffe750082f2-1693430068662-09123-cD4TW1tW&ts=1693430068663
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.20.209.93 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-209-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
3d319be203b3ec081fac4924834b69c650986105b7df6305bdb420b9b203d356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
content-encoding
br
x-oss-request-id
646C6AE62A5D463334507FB4
content-md5
eCnvCMWz5XmVlsAUXNr4ow==
x-swift-cachetime
31536000
x-swift-savetime
Tue, 23 May 2023 07:27:35 GMT
content-length
11684
x-oss-object-type
Normal
last-modified
Tue, 23 May 2023 07:27:41 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1684826855
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=22932784
served-from
23.192.236.91
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_ASHBURN_20940, DE_FRANKFURT_28753
x-oss-hash-crc64ecma
11604976591805808547
eagleid
2ff6329b16848268547706954e
x-oss-server-time
5
expires
Wed, 22 May 2024 07:27:33 GMT
97021724.js
bat.bing.com/p/action/ Frame 43FD 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/97021724.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c93dc410be94729fdcd2813d43eee9fde460df431630002cf14cc20d221c75e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Wed, 30 Aug 2023 21:14:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C24EB86A41E34A5AB8B089DA5BB93D47 Ref B: FRAEDGE1909 Ref C: 2023-08-30T21:14:28Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ Frame 43FD 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=97021724&Ver=2&mid=e71c4f32-2c09-4bdc-b6bc-575d9284b788&sid=34a4abf0477a11ee9932a9fe6e76960c&vid=34a509b0477a11ee980d2b3b49f2b188&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=%C3%8Embr%C4%83c%C4%83minte%20%C8%99i%20%C3%AEnc%C4%83l%C8%9B%C4%83minte%20la%20mod%C4%83%20online%20-%20descoperi%C8%9Bi%20colec%C8%9Bia%20unic%C4%83%20born2be.com.ro!&kw=born2be%20-%20magazin%20online%20%C3%AEnc%C4%83l%C8%9B%C4%83minte%20%C8%99i%20%C3%AEmbr%C4%83c%C4%83minte%20la%20mod%C4%83&p=https%3A%2F%2Fstvkr.com%2F&r=&lt=1375&evt=pageLoad&ifm=1&sv=1&rn=414877
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Aug 2023 21:14:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FA727425230244B4BE48FE3E174A9E5D Ref B: FRAEDGE1909 Ref C: 2023-08-30T21:14:28Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
fetch
www.aliexpress.com/campaign/api/tpp/ Frame 11EB 		34 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.aliexpress.com/campaign/api/tpp/fetch?wh_pid=bestseller/Bestseller&appId=21892&searchParams=%7B%22backupParams%22%3A%22aeCurrency%2CaeRegion%2CaeLocale%2Cdevice%2CaeDevice%22%2C%22aeDevice%22%3A%22pc%22%2C%22url%22%3A%22https%3A%2F%2Fcampaign.aliexpress.com%2Fwow%2Fgcp%2Fae%2Fchannel%2Fae%2Faccelerate%2Ftupr%3Fwh_pid%3Dbestseller%2FBestseller%22%2C%22device%22%3A%22pc%22%2C%22sequence%22%3A1%2C%22extParam%22%3A%22%7B%5C%22screenHeight%5C%22%3A1184%2C%5C%22screenWidth%5C%22%3A1584%7D%22%7D
Requested by
Host: campaign.aliexpress.com
URL: https://campaign.aliexpress.com/wow/gcp/ae/channel/ae/accelerate/tupr?wh_weex=true&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&wh_pid=bestseller/Bestseller&aff_trace_key=65ac0e17ad5146f891243ffe750082f2-1693430068662-09123-cD4TW1tW&ts=1693430068663
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.20.209.93 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-209-93.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
2fdc86ded435ac0a8fb0dd6bcf65432d698b58fbe67ca5b74e84aa43f7e7176b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Aug 2023 21:14:29 GMT
p3p
CP="CAO PSA OUR"
server-timing
cdn-cache; desc=MISS, edge; dur=31, origin; dur=150, ak_p; desc="1693430069237_386595190_57887875_18293_2423_30_0_219";dur=1
content-length
3695
x-xss-protection
1; mode=block
x-application-context
ae-guide-fn-gateway-f:prod,de:7001
pragma
no-cache
server
Tengine
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://campaign.aliexpress.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
eagleeye-traceid
211b88f016934300692477182e1df3
expires
0
sfsp_v2.js
assets.alicdn.com/g/dida-lab/fsp-analyser/0.1.2/ Frame 11EB 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/dida-lab/fsp-analyser/0.1.2/sfsp_v2.js
Requested by
Host: campaign.aliexpress.com
URL: https://campaign.aliexpress.com/wow/gcp/ae/channel/ae/accelerate/tupr?wh_weex=true&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&wh_pid=bestseller/Bestseller&aff_trace_key=65ac0e17ad5146f891243ffe750082f2-1693430068662-09123-cD4TW1tW&ts=1693430068663
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.20.209.93 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-209-93.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
ac7500849b383625d514e8d9c2e5fe5dff6a843902d40f4fe31b0d445d4449bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
content-encoding
br
x-oss-request-id
64902938E119B1333962C5AD
content-md5
Lqmpo+EXaCQ8Ullug7AohQ==
x-swift-cachetime
16062
x-swift-savetime
Tue, 20 Jun 2023 05:41:14 GMT
content-length
4733
x-oss-object-type
Normal
last-modified
Sat, 15 Jul 2023 04:01:49 GMT
server
Akamai Resource Optimizer
ali-swift-global-savetime
1687169336
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=745499, s-maxage=86400
served-from
23.205.116.207
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
network_info
US_ASHBURN_20940, DE_FRANKFURT_28753
x-oss-hash-crc64ecma
1425505900712517673
eagleid
2ff6299916872396745995368e
x-oss-server-time
16
expires
Fri, 08 Sep 2023 12:19:28 GMT
/
assets.alicdn.com/g/ Frame 11EB 		349 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/??mui/feloader/5.0.5/feloader-min.js,rax-pkg/rax/1.2.2/index.js,code/npm/@ali/pnpm-uni--env/1.0.6/index.js,rax-pkg/universal-env/3.3.3/index.js,rax-pkg/rax-image/2.2.6/index.js,rax-pkg/rax-view/2.3.0/index.js,code/npm/@ali/gcom-gcp-use-image-source/1.0.9/index.js,code/npm/@ali/gcom-gcp-rax-view/1.0.0/index.js,rax-pkg/rax-text/1.2.1/index.js,code/npm/@ali/gcom-gcp-rax-text/1.2.1/index.js,code/npm/@ali/gcom-gcp-rax-link/1.0.0/index.js,code/npm/@ali/gcom-pagebuilder-query-string/5.0.4/index.js,code/npm/@ali/gcom-link/5.0.15/index.js,rax-pkg/rax-get-element-by-id/1.0.0/index.js,code/npm/@ali/gcom-gcp-hoist-non-react-statics/1.0.3/index.js,rax-pkg/rax-view/1.0.1/index.js,rax-pkg/rax-find-dom-node/1.0.0/index.js,rax-pkg/rax-refreshcontrol/1.0.0/index.js,rax-pkg/rax-scrollview/2.0.0/index.js,rax-pkg/rax-children/1.0.0/index.js,rax-pkg/rax-proptypes/1.0.0/index.js,rax-pkg/rax-recyclerview/1.1.2/index.js,code/npm/@ali/pcom-gcp-dom-driver/0.0.3/index.js,code/npm/@ali/gcom-gcp-core-render-v2/0.0.39/index.js,code/npm/@ali/pcom-fetch/2.0.9/index.js,code/npm/@ali/gcom-core-render-helper/2.0.9/index.js,code/npm/@ali/gcom-gcp-ae-render-v2/0.0.74/index.js,code/npm/@ali/pcom-regenerator-runtime/1.0.2/index.js,mui/mtb-windvane/5.1.2/index.js
Requested by
Host: campaign.aliexpress.com
URL: https://campaign.aliexpress.com/wow/gcp/ae/channel/ae/accelerate/tupr?wh_weex=true&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&wh_pid=bestseller/Bestseller&aff_trace_key=65ac0e17ad5146f891243ffe750082f2-1693430068662-09123-cD4TW1tW&ts=1693430068663
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.20.209.93 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-209-93.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
0b34e09becfe94319ba1319d3788481840da307eff8df218497919e9293ab610

Request headers

Referer
https://campaign.aliexpress.com/
Origin
https://campaign.aliexpress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
content-encoding
gzip
x-oss-request-id
64CC320629E6653434388315
content-md5
yY5cFPUgf3Bvj0QC0lvxNA==
x-swift-cachetime
3599
x-swift-savetime
Thu, 03 Aug 2023 23:02:31 GMT
content-length
115138
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1691103750
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=265718, s-maxage=3600
served-from
23.199.73.141
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
x-oss-hash-crc64ecma
16791710692182623202
network_info
DE_FRANKFURT_28753
eagleid
2ff62e9616911037501074587e
x-oss-server-time
4
/
assets.alicdn.com/g/alilog/ Frame 11EB 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js
Requested by
Host: campaign.aliexpress.com
URL: https://campaign.aliexpress.com/wow/gcp/ae/channel/ae/accelerate/tupr?wh_weex=true&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&wh_pid=bestseller/Bestseller&aff_trace_key=65ac0e17ad5146f891243ffe750082f2-1693430068662-09123-cD4TW1tW&ts=1693430068663
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.20.209.93 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-209-93.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
a894a489873ec0665de193d8372811744a4bb407c1bae6d8ff0aecbae504aa6f

Request headers

Referer
https://campaign.aliexpress.com/
Origin
https://campaign.aliexpress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
content-encoding
gzip
x-oss-request-id
64EFAA1AB6309E303615FCA9
content-md5
gygBRN2M4MlVRBr7rF/+vA==
x-swift-cachetime
1180
x-swift-savetime
Wed, 30 Aug 2023 20:54:30 GMT
content-length
10244
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1693428250
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1821, s-maxage=1800
served-from
23.10.249.118
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
x-oss-hash-crc64ecma
15290110112012039273
network_info
DE_FRANKFURT_28753
eagleid
a3b5329716934288707523794e
x-oss-server-time
22
syncframe
gum.criteo.com/ Frame 9812 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=affiliboss.online&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=82990
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:14:28 GMT
server
Kestrel
server-processing-duration-in-ticks
256872
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
main.MTE4Nzk5OTU3MA.js
analytics.tiktok.com/i18n/pixel/static/ Frame 43FD 		363 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3T78K1U9OSLU1GBN9EG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-106.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
42797e694586c69bfea1ebdb17d9dc0ffc27f7dcd2d5b2c8173e2eb1365b07a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-akamai-request-id
d55dfe5
date
Wed, 30 Aug 2023 21:14:29 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230824130011D87E6CB442DFC907582E
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-36-161-78.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01c51c029762a5945e4754c4e80288e477cffe9bbe1b2178aeb76cea663242bc7c5878ded5710e9e19dcbb4f68687a60d9a979277dec27930e287e004d2b77adec3a660cb02a063f58f206619a02059f443baa82f0002dc8ab1f7788497b0640b1
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
99404
417469743412375
connect.facebook.net/signals/config/ Frame 43FD 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/417469743412375?v=2.9.125&r=stable&domain=stvkr.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c37685f6f76495b0a4c9a9fcef0d11655ee15718d94df625bcafc449e1b57345
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 30 Aug 2023 21:14:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
p1Lz2GN9NR5iHYT8oO7zh2hQxbJoUdXsrBhH+UcLlv7csVLV32/jXzaYudh+w3w+r8bWhqBF4UZjtuMiA6xZLg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
d.php
analytics.optimalpeople.fr/ Frame 43FD 		468 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.optimalpeople.fr/d.php?merchant_id=td_org_2107055&url=https%3A%2F%2Fborn2be.com.ro%2F%3Futm_source%3Dtd%26utm_campaign%3DCityads%2BRO%26utm_medium%3D24941146%26tduid%3De12d30e9b239070c5447d9fb1c96bfb3&o=json
Requested by
Host: analytics.optimalpeople.fr
URL: https://analytics.optimalpeople.fr/js/rd-o-sdk.js?t=1693429200
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
188.165.150.177 , France, ASN16276 (OVH, FR),
Reverse DNS
lb01.net.royalcactus.com
Software
nginx /
Resource Hash
6c827d6fb5dd135e6a2efc42bdb06a55fc948e921d90cf8747f03892c6d3644a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
content-encoding
gzip
x-via-popn
primary
server
nginx
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
*
x-via-poph
primary
9df0d149-26bc-4e9f-ad4e-45de3166544c.gif
web.snrbox.com/ Frame 43FD 		35 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.snrbox.com/9df0d149-26bc-4e9f-ad4e-45de3166544c.gif?ssuid=d2946148-6ed1-474d-9f00-4159158ed475&user_hash=&identity=email&identityHash=&tck=9df0d149-26bc-4e9f-ad4e-45de3166544c&campaign=0&host=born2be.com.ro&location=%2F%3Futm_source%3Dtd%26utm_campaign%3DCityads%2BRO%26utm_medium%3D24941146%26tduid%3De12d30e9b239070c5447d9fb1c96bfb3&title=%25C3%258Embr%25C4%2583c%25C4%2583minte%2520%25C8%2599i%2520%25C3%25AEnc%25C4%2583l%25C8%259B%25C4%2583minte%2520la%2520mod%25C4%2583%2520online%2520-%2520descoperi%25C8%259Bi%2520colec%25C8%259Bia%2520unic%25C4%2583%2520born2be.com.ro!&ver=3&color=24-bit&encoding=UTF-8&lang=en-us&res=1600x1200&refdomain=stvkr.com&ref=%2F&browser=Chrome&browserver=116.0.5845.140&ecookies=true&os=Windows&osver=NT%204.0&init=1693430069&last=0&current=1693430069&long=0&visits=1&s_visits=1&u24_visits=1&productRef=null&eventUUID=99147b3e-b89e-43b7-aeff-1d7b8359a223&snr_sdk_version=no-m%3A3.13.0%3A2023-08-30&ogTags=%7B%22isLogged%22%3Afalse%7D&params=%7B%22utm_source%22%3A%22td%22%2C%22utm_campaign%22%3A%22Cityads%2BRO%22%2C%22utm_medium%22%3A%2224941146%22%7D
Requested by
Host: www.snrcdn.net
URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.73.149.220 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
https://born2be.com.ro
access-control-expose-headers
Client-UUID, X-Email-Hash, Client-UUID
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials
true
client-uuid
acbab14a-19dc-4079-9f4a-4ae5f11bee3b
access-control-allow-headers
Origin,Content-Type,Accept,X-Requested-With,tracker,ver,X-CSRF-TOKEN,Authorization,Api-Key,X-Request-Id
content-length
35
97021724
www.clarity.ms/tag/uet/ Frame 43FD 		1021 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/97021724
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/97021724.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b75c4eee283e98bf2873373150e53923642619c5fe7a5d842eb30f9220bfc728

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
-1
date
Wed, 30 Aug 2023 21:14:29 GMT
x-azure-ref
20230830T211429Z-ytyz4x4sn55v38gug6cks0h2ds00000000ug000000023avk
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1021
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
sid
mug.criteo.com/ Frame 9812
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=born2be.com.ro&sn=ChromeSyncframe&so=0&topUrl=affiliboss.online&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=nFl9HnxocW5pS1JWVGtCMHNVZ3JqVjlyWlZhLzRpQU5tc1A5c3JhdlhQYjViRVZXZFNpRmdXQmlrVzI1SWlKc2lRbmxqK0FoRU5oYXVuRjFYdUdtZUoyOHVXakFJZ1pVWjBhNEVyQUFmM0pKT3N0dG9ocE8renRJTWtSQn...
468 B
678 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=nFl9HnxocW5pS1JWVGtCMHNVZ3JqVjlyWlZhLzRpQU5tc1A5c3JhdlhQYjViRVZXZFNpRmdXQmlrVzI1SWlKc2lRbmxqK0FoRU5oYXVuRjFYdUdtZUoyOHVXakFJZ1pVWjBhNEVyQUFmM0pKT3N0dG9ocE8renRJTWtSQnVtMWhMVXhYZmVOVTQwR2xUVGxIcTN3RTFmYUpxVm0wUTRpQk9pTGVUS3drM2diM1dJQTdKSXNlQzltak15N3Q0d2FzWUROYlNPeWgzTGRyUHdodUUwVDlETU5HY2MyYlRmOU0vOElFQWFXcFR4bG1YMzdKU3llS3NWRmZVN1QrOHF6TUViV2JsbWRSaUwwcXMweVo5M251MFZZbGxCV2xlWUFnaU5iV0htVWdFUVlDUlE4Yz18&cppv=2
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b6234f30198864922c6dc1b2ded163987856da7125df390f1076bb81f0eeaa0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:29 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1638879
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:28 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=nFl9HnxocW5pS1JWVGtCMHNVZ3JqVjlyWlZhLzRpQU5tc1A5c3JhdlhQYjViRVZXZFNpRmdXQmlrVzI1SWlKc2lRbmxqK0FoRU5oYXVuRjFYdUdtZUoyOHVXakFJZ1pVWjBhNEVyQUFmM0pKT3N0dG9ocE8renRJTWtSQnVtMWhMVXhYZmVOVTQwR2xUVGxIcTN3RTFmYUpxVm0wUTRpQk9pTGVUS3drM2diM1dJQTdKSXNlQzltak15N3Q0d2FzWUROYlNPeWgzTGRyUHdodUUwVDlETU5HY2MyYlRmOU0vOElFQWFXcFR4bG1YMzdKU3llS3NWRmZVN1QrOHF6TUViV2JsbWRSaUwwcXMweVo5M251MFZZbGxCV2xlWUFnaU5iV0htVWdFUVlDUlE4Yz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
361930
content-length
0
expires
0
get-public-config
web.snrbox.com/rtom-proxy/rtom/web-push/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://web.snrbox.com/rtom-proxy/rtom/web-push/get-public-config?tracker=9df0d149-26bc-4e9f-ad4e-45de3166544c&acceptLanguage=en-US%2Cen
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.73.149.220 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://born2be.com.ro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
tracker,api-key,Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-request-id
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
X-Email-Hash, Client-UUID
access-control-max-age
1728000
age
1195
cache-control
public, max-age=1800, stale-while-revalidate=7200
date
Wed, 30 Aug 2023 21:14:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin, Accept-Encoding
x-cache
HIT
synerise-javascript-sdk.min.css
www.snrcdn.net/sdk/3.0/ Frame 43FD 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk.min.css
Requested by
Host: www.snrcdn.net
URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE4) /
Resource Hash
4009e508caa1fb0ea906ca6a7ba1ec7daa3dcfe053fc040a779facc350e67930

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 30 Aug 2023 21:14:29 GMT
content-encoding
gzip
content-md5
3+ng4pWqUztCDerwaDv+CA==
age
578
x-cache
HIT
content-length
6595
x-ms-lease-status
unlocked
last-modified
Wed, 30 Aug 2023 03:33:52 GMT
server
ECAcc (frc/4CE4)
etag
0x8DBA909EE93F983
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
7198c19b-c01e-007c-3c85-db6b8e000000
cache-control
max-age=600
x-ms-version
2009-09-19
expires
Wed, 30 Aug 2023 21:24:29 GMT
filtered
web.snrbox.com/dc/v4/dynamicContent/ Frame 43FD 		35 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.snrbox.com/dc/v4/dynamicContent/filtered?code=9df0d149-26bc-4e9f-ad4e-45de3166544c&uuid=acbab14a-19dc-4079-9f4a-4ae5f11bee3b
Requested by
Host: www.snrcdn.net
URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.73.149.220 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
43988e80221f7dd7cf2077d98c73cf7b24e73e380906700cd6970a655bfd517c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
etag
W/"e07b4979b4e1b3b61cf0a38d25587658"
requestid
a4bb62a5-b05b-4358-840c-0259c349f249
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://born2be.com.ro
access-control-expose-headers
X-Email-Hash, Client-UUID
access-control-allow-credentials
true, true
get-public-config
web.snrbox.com/rtom-proxy/rtom/web-push/ Frame 43FD 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.snrbox.com/rtom-proxy/rtom/web-push/get-public-config?tracker=9df0d149-26bc-4e9f-ad4e-45de3166544c&acceptLanguage=en-US%2Cen
Requested by
Host: www.snrcdn.net
URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.73.149.220 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3b73e9995fab66a7e65df9609d5af0e073fe7fe6538cdf4fbca896fab774e53a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
application/json

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
age
766
vary
Accept-Encoding, Origin, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, PATCH
content-type
application/json
access-control-max-age
3600
access-control-allow-origin
*
access-control-expose-headers
X-Email-Hash, Client-UUID
cache-control
public, max-age=1800, stale-while-revalidate=7200
access-control-allow-credentials
true
x-cache
HIT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, Authorization, cookie, Cookie, tracker
identify_7de69.js
analytics.tiktok.com/i18n/pixel/static/ Frame 43FD 		114 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7de69.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-106.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2d3ff80dc49c08bd9982df33d6dc5c6c0d223dab3636a7c9115f65f0a8af342b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-akamai-request-id
d55e157
date
Wed, 30 Aug 2023 21:14:29 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230824130003A4BA4B8D5EED1828C5A1
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-36-161-78.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
014b6e8621095d040184e40741e404c1039d63eb8fd27368859bc53512182d8f0655277bfa7b6fd59ecdd2303878b2d83bb9e8f8cb078e55c68b52350982c965b70f141ca6eb6dd9ddfd5e7271456bce26bc24d3b28b92826a12ccc96186c39bc1
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=9
content-length
30586
pixel
analytics.tiktok.com/api/v2/ Frame 43FD 		0
788 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-106.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
70e3a5.d55e213
date
Wed, 30 Aug 2023 21:14:29 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-78.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
x-parent-response-time
125,23.36.161.78
server-timing
cdn-cache; desc=MISS, edge; dur=92, origin; dur=41, inner; dur=33
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20230830211429EF4A4016BD2189EC7E8B
x-cache-remote
TCP_MISS from a208-185-55-130.deploy.akamaitechnologies.com (AkamaiGHost/11.2.2-50274567) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
41,208.185.55.130
x-tt-trace-host
01782c1aa098d441e14c7848822c4a7ef00f44e7280f3ed7e2207120ed5ab8164944db49e05e150e2f7699af82c339831b5f956602f6368381526076b9966568d4224e54c68e4dae8fd5cb942de3f2a958532e752d6507d23a4507bc25216c54265f4aa70e98580fc9915f2a432966f18d
access-control-allow-headers
Authorization,*
expires
Wed, 30 Aug 2023 21:14:29 GMT
/
www.facebook.com/tr/ Frame 43FD 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=182720446518940&ev=PageView&dl=https%3A%2F%2Fborn2be.com.ro%2F%3Futm_source%3Dtd%26utm_campaign%3DCityads%2BRO%26utm_medium%3D24941146%26tduid%3De12d30e9b239070c5447d9fb1c96bfb3&rl=https%3A%2F%2Fstvkr.com%2F&if=true&ts=1693430069318&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&it=1693430068887&coo=false&rqm=GET
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 30 Aug 2023 21:14:29 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ Frame 43FD 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=417469743412375&ev=PageView&dl=https%3A%2F%2Fborn2be.com.ro%2F%3Futm_source%3Dtd%26utm_campaign%3DCityads%2BRO%26utm_medium%3D24941146%26tduid%3De12d30e9b239070c5447d9fb1c96bfb3&rl=https%3A%2F%2Fstvkr.com%2F&if=true&ts=1693430069320&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&it=1693430068887&coo=false&rqm=GET
Requested by
Host: born2be.com.ro
URL: https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 30 Aug 2023 21:14:29 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
clarity.js
www.clarity.ms/s/0.7.10/ Frame 43FD 		57 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.10/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/97021724
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
content-encoding
br
last-modified
Mon, 28 Aug 2023 20:30:54 GMT
etag
W/"0x8DBA805ADEDAF89"
vary
Accept-Encoding
x-azure-ref
20230830T211429Z-ytyz4x4sn55v38gug6cks0h2ds00000000ug000000023awe
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
54a9623e-c01e-003b-0f18-da6b7f000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
truncated
/ Frame 11EB 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/webp
byUuids
web.snrbox.com/dc/v4/dynamicContent/ Frame 43FD 		37 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.snrbox.com/dc/v4/dynamicContent/byUuids?code=9df0d149-26bc-4e9f-ad4e-45de3166544c&uuid=acbab14a-19dc-4079-9f4a-4ae5f11bee3b&query=eyJ2YXJpYW50RmlsdGVycyI6eyIzNzU3ZjRiYi01MjIyLTQ1YTMtOTFiMy04MDMyM2JkNWZkNWUiOjMzODU5MjYsIjdiNGYwNWYwLTE4NGMtNDc0NS05NzY4LTFiYjZlMDMyODU4ZiI6OTA2MTA3NiwiMjhiOTA3NmEtZmQ0Ni00ZjAwLThlM2YtNWZiOGUwYmMxMjQ2IjozMzg1ODc3fSwidmFyaWFibGVzIjp7fSwicmVmZXJlciI6Imh0dHBzOi8vYm9ybjJiZS5jb20ucm8vP3V0bV9zb3VyY2U9dGQmdXRtX2NhbXBhaWduPUNpdHlhZHMrUk8mdXRtX21lZGl1bT0yNDk0MTE0NiZ0ZHVpZD1lMTJkMzBlOWIyMzkwNzBjNTQ0N2Q5ZmIxYzk2YmZiMyJ9
Requested by
Host: www.snrcdn.net
URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.73.149.220 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5487606b2d0b127c94e2ba6b62206261e48be388ee11b8cb606eb8717721df50
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
etag
W/"d697f236a74617052e1a793eafe59850"
requestid
e2fc3358-1931-48bb-8219-ae67de591731
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://born2be.com.ro
access-control-expose-headers
X-Email-Hash, Client-UUID
access-control-allow-credentials
true, true
Hef9c4bcb621f4b1ebc69160e597897edU.png
ae01.alicdn.com/kf/ Frame 11EB 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ae01.alicdn.com/kf/Hef9c4bcb621f4b1ebc69160e597897edU.png
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.83/prev/front/ae-header.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.173 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
00f354f0294e5eced79aae36156db28dd453b002edfa02428339f05bac292e74
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://assets.alicdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 17:10:02 GMT
strict-transport-security
max-age=0
via
cache16.l2us1[0,0,200-0,H], cache24.l2us1[2,0], ens-cache4.de5[0,0,200-0,H], ens-cache5.de5[5,0]
age
32846667
x-swift-cachetime
64726382
x-cache
HIT TCP_MEM_HIT dirn:13:25966304
x-swift-savetime
Sun, 23 Apr 2023 13:37:00 GMT
content-length
20992
cdn-type
alibaba
last-modified
Sun, 10 Apr 2022 15:50:27 GMT
server
Tengine
ali-swift-global-savetime
1660583402
content-type
image/png
traceid
2ff6319c16605834026556333e
access-control-allow-origin
*
cache-control
max-age=86400000
timing-allow-origin
*, *
eagleeye-traceid
2ff6319c16605834026556333e
eagleid
a3b55c9916934300696325237e
Hee223875f9f74af385b2e302dfc0e4bbM.png
ae01.alicdn.com/kf/ Frame 11EB 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ae01.alicdn.com/kf/Hee223875f9f74af385b2e302dfc0e4bbM.png
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.83/prev/front/ae-header.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.173 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
14a58481f4ae2bcd2887b9ed07d06601d92c9d8e133c9c225ebfc2f576820fee
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://assets.alicdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 01:25:13 GMT
strict-transport-security
max-age=0
via
cache21.l2us1[0,0,200-0,H], cache6.l2us1[0,0], ens-cache13.de5[0,0,200-0,H], ens-cache5.de5[12,0]
age
32816956
x-swift-cachetime
64762129
x-cache
HIT TCP_MEM_HIT dirn:13:155569497
x-swift-savetime
Sun, 23 Apr 2023 11:56:24 GMT
content-length
30435
cdn-type
alibaba
last-modified
Thu, 05 May 2022 10:37:43 GMT
server
Tengine
ali-swift-global-savetime
1660613113
content-type
image/png
traceid
2ff6309b16606131128623511e
access-control-allow-origin
*
cache-control
max-age=86400000
timing-allow-origin
*, *
eagleeye-traceid
2ff6309b16606131128623511e
eagleid
a3b55c9916934300696325244e
398x92.png
ae01.alicdn.com/kf/S46f745032e6e4f3da94f1a3df564f238K/ Frame 11EB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ae01.alicdn.com/kf/S46f745032e6e4f3da94f1a3df564f238K/398x92.png
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.83/prev/front/ae-header.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.173 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
440276add45d593f6cc2ab9fe6702cb9c7799c2aedf19ba663fad874740c6f0c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://assets.alicdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 07:14:06 GMT
strict-transport-security
max-age=0
via
cache39.l2us1[0,0,200-0,H], cache32.l2us1[0,0], ens-cache3.de5[0,0,200-0,H], ens-cache5.de5[7,0]
age
32796023
x-swift-cachetime
64799520
x-cache
HIT TCP_MEM_HIT dirn:13:920095372
x-swift-savetime
Sun, 23 Apr 2023 07:22:06 GMT
content-length
2979
cdn-type
alibaba
last-modified
Fri, 01 Apr 2022 06:05:55 GMT
server
Tengine
ali-swift-global-savetime
1660634046
content-type
image/png
traceid
a3b5329916606340465962987e
access-control-allow-origin
*
cache-control
max-age=86400000
timing-allow-origin
*, *
eagleeye-traceid
a3b5329916606340465962987e
eagleid
a3b55c9916934300696375252e
Hadabc8a489c241bc985abe993a221e4ex.png
ae01.alicdn.com/kf/ Frame 11EB 		358 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ae01.alicdn.com/kf/Hadabc8a489c241bc985abe993a221e4ex.png
Requested by
Host: campaign.aliexpress.com
URL: https://campaign.aliexpress.com/wow/gcp/ae/channel/ae/accelerate/tupr?wh_weex=true&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&wh_pid=bestseller/Bestseller&aff_trace_key=65ac0e17ad5146f891243ffe750082f2-1693430068662-09123-cD4TW1tW&ts=1693430068663
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.173 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a566bbc568419b22497a08156af53e48e148fe50fea0b6ec666ceaf0c0fb12fc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 00:16:59 GMT
strict-transport-security
max-age=0
via
cache21.l2ot7-1[0,0,200-0,H], cache22.l2ot7-1[1,0], ens-cache7.de5[0,0,200-0,H], ens-cache5.de5[7,0]
age
13813050
x-swift-cachetime
18454716
x-cache
HIT TCP_MEM_HIT dirn:0:1463697082
x-swift-savetime
Thu, 17 Aug 2023 09:58:23 GMT
content-length
358
cdn-type
alibaba
last-modified
Mon, 12 Sep 2022 07:02:09 GMT
server
Tengine
ali-swift-global-savetime
1679617019
content-type
image/png
traceid
2ff6179a16796170198391611e
access-control-allow-origin
*
cache-control
max-age=86400000
timing-allow-origin
*, *
eagleeye-traceid
2ff6179a16796170198391611e
eagleid
a3b55c9916934300696375262e
H73de9a20768e477c8fa388396e2f519df.png
ae01.alicdn.com/kf/ Frame 11EB 		377 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ae01.alicdn.com/kf/H73de9a20768e477c8fa388396e2f519df.png
Requested by
Host: campaign.aliexpress.com
URL: https://campaign.aliexpress.com/wow/gcp/ae/channel/ae/accelerate/tupr?wh_weex=true&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&wh_pid=bestseller/Bestseller&aff_trace_key=65ac0e17ad5146f891243ffe750082f2-1693430068662-09123-cD4TW1tW&ts=1693430068663
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.173 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
b30e419be860244a5c3a8ed2ae7134a11441eb4a6868a668e44cee8e6c685723
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 03:36:16 GMT
strict-transport-security
max-age=0
via
cache30.l2us1[0,0,200-0,H], cache29.l2us1[0,0], ens-cache12.de5[0,0,200-0,H], ens-cache5.de5[7,0]
age
21404293
x-swift-cachetime
9940300
x-cache
HIT TCP_MEM_HIT dirn:13:498975577
x-swift-savetime
Mon, 28 Aug 2023 02:24:36 GMT
content-length
377
cdn-type
alibaba
last-modified
Fri, 27 May 2022 02:44:57 GMT
server
Tengine
ali-swift-global-savetime
1672025776
content-type
image/png
traceid
2ff6029916720257768832617e
access-control-allow-origin
*
cache-control
max-age=86400000
timing-allow-origin
*
eagleeye-traceid
2ff6029916720257768832617e
eagleid
a3b55c9916934300696375272e
open-sans-v13-cyrillic_latin-regular_050a6.woff
assets.alicdn.com/g/ae-fe/gcp-base/0.0.2/assets/ Frame 11EB 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/gcp-base/0.0.2/assets/open-sans-v13-cyrillic_latin-regular_050a6.woff
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/gcp-base/0.0.2/base-with-font-face.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.20.209.93 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-209-93.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
a7725581f9b9aeff5856ef888347c7bb6d0bbb8516a7b089ab6b3443abf41976

Request headers

Referer
https://assets.alicdn.com/g/ae-fe/gcp-base/0.0.2/base-with-font-face.css
Origin
https://campaign.aliexpress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Aug 2023 21:14:29 GMT
x-oss-request-id
64D503D0CDC4BA383292DE0B
content-md5
BQpkNgbt5fRFnxWrQu9ljg==
x-swift-cachetime
86210
x-swift-savetime
Thu, 10 Aug 2023 15:38:54 GMT
content-length
27384
x-oss-object-type
Normal
server
Tengine
ali-swift-global-savetime
1691681744
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=843585, s-maxage=86400
served-from
23.199.73.135
x-oss-storage-class
Standard
accept-ranges
bytes
x-source-scheme
https
x-oss-hash-crc64ecma
12002504779907113647
network_info
DE_FRANKFURT_28753
eagleid
2ff62e9a16917093353743910e
x-oss-server-time
52
open-sans-v13-cyrillic_latin-700_ed599.woff
assets.alicdn.com/g/ae-fe/gcp-base/0.0.2/assets/ Frame 11EB 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/ae-fe/gcp-base/0.0.2/assets/open-sans-v13-cyrillic_latin-700_ed599.woff
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/gcp-base/0.0.2/base-with-font-face.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.20.209.93 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-209-93.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
867fcc29b69777b4e0e32977a929b76658393623e46a7ff3f00361224c709963

Request headers

Referer
https://assets.alicdn.com/g/ae-fe/gcp-base/0.0.2/base-with-font-face.css
Origin
https://campaign.aliexpress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Aug 2023 21:14:29 GMT
x-oss-request-id
64B7E13499620B3339C8E5C8
content-md5
7VmVncX0H/KrHdDOc/g/TQ==
x-swift-cachetime
86021
x-swift-savetime
Wed, 19 Jul 2023 13:18:39 GMT
content-length
28204
x-oss-object-type
Normal
server
Tengine
ali-swift-global-savetime
1689772340
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=1267033, s-maxage=86400
served-from
23.199.73.157
x-oss-storage-class
Standard
accept-ranges
bytes
x-source-scheme
https
x-oss-hash-crc64ecma
10891730549559134337
network_info
DE_FRANKFURT_28753
eagleid
2ff62e9b16898494583658404e
x-oss-server-time
29
/
assets.alicdn.com/g/alilog/ Frame 11EB 		175 KB
67 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/alilog/??s/8.15.22/plugin/aplus_client.js,aplus_cplugin/0.7.12/toolkit.js,aplus_cplugin/0.7.12/monitor.js,s/8.15.22/plugin/aplus_ae.js,s/8.15.22/plugin/aplus_ac.js,s/8.15.22/aplus_int.js,s/8.15.22/plugin/aplus_spmact.js,aplus_plugin_ae/0.0.9/index.js?v=20230824184942
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.20.209.93 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-209-93.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
11c914cb33c0b403f1f01ce72220302ae736c4b6f5271669f043d3f210c000de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
content-encoding
gzip
x-oss-request-id
64E737309931703934274EAB
content-md5
qYmixGAcqoaHsy9TniOi1A==
x-swift-cachetime
31104000
x-swift-savetime
Thu, 24 Aug 2023 10:55:44 GMT
content-length
67970
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1692874544
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30548533, s-maxage=31104000
served-from
2.21.22.37
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
x-oss-hash-crc64ecma
16531388080846265225
network_info
DE_FRANKFURT_28753
eagleid
2ff62e9516928745441872561e
x-oss-server-time
3
/
best.aliexpress.com/ Frame 11EB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://best.aliexpress.com/
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/??mui/feloader/5.0.5/feloader-min.js,rax-pkg/rax/1.2.2/index.js,code/npm/@ali/pnpm-uni--env/1.0.6/index.js,rax-pkg/universal-env/3.3.3/index.js,rax-pkg/rax-image/2.2.6/index.js,rax-pkg/rax-view/2.3.0/index.js,code/npm/@ali/gcom-gcp-use-image-source/1.0.9/index.js,code/npm/@ali/gcom-gcp-rax-view/1.0.0/index.js,rax-pkg/rax-text/1.2.1/index.js,code/npm/@ali/gcom-gcp-rax-text/1.2.1/index.js,code/npm/@ali/gcom-gcp-rax-link/1.0.0/index.js,code/npm/@ali/gcom-pagebuilder-query-string/5.0.4/index.js,code/npm/@ali/gcom-link/5.0.15/index.js,rax-pkg/rax-get-element-by-id/1.0.0/index.js,code/npm/@ali/gcom-gcp-hoist-non-react-statics/1.0.3/index.js,rax-pkg/rax-view/1.0.1/index.js,rax-pkg/rax-find-dom-node/1.0.0/index.js,rax-pkg/rax-refreshcontrol/1.0.0/index.js,rax-pkg/rax-scrollview/2.0.0/index.js,rax-pkg/rax-children/1.0.0/index.js,rax-pkg/rax-proptypes/1.0.0/index.js,rax-pkg/rax-recyclerview/1.1.2/index.js,code/npm/@ali/pcom-gcp-dom-driver/0.0.3/index.js,code/npm/@ali/gcom-gcp-core-render-v2/0.0.39/index.js,code/npm/@ali/pcom-fetch/2.0.9/index.js,code/npm/@ali/gcom-core-render-helper/2.0.9/index.js,code/npm/@ali/gcom-gcp-ae-render-v2/0.0.74/index.js,code/npm/@ali/pcom-regenerator-runtime/1.0.2/index.js,mui/mtb-windvane/5.1.2/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.20.209.93 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-209-93.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://campaign.aliexpress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-language
de-DE
content-length
16155
content-type
text/html;charset=UTF-8
date
Wed, 30 Aug 2023 21:14:29 GMT
eagleeye-traceid
210318cb16934299462152001e358e
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
Tengine
server-timing
ak_p; desc="1693430069764_386595190_57888463_726_1825_26_0_255";dur=1
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-application-context
ae-traffic-affiliateweb-f:prod,us:7001
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
/
assets.alicdn.com/g/rax-pkg/rax-view/2.3.0/ Frame 11EB 		160 B
615 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/rax-pkg/rax-view/2.3.0/??index.css
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/??mui/feloader/5.0.5/feloader-min.js,rax-pkg/rax/1.2.2/index.js,code/npm/@ali/pnpm-uni--env/1.0.6/index.js,rax-pkg/universal-env/3.3.3/index.js,rax-pkg/rax-image/2.2.6/index.js,rax-pkg/rax-view/2.3.0/index.js,code/npm/@ali/gcom-gcp-use-image-source/1.0.9/index.js,code/npm/@ali/gcom-gcp-rax-view/1.0.0/index.js,rax-pkg/rax-text/1.2.1/index.js,code/npm/@ali/gcom-gcp-rax-text/1.2.1/index.js,code/npm/@ali/gcom-gcp-rax-link/1.0.0/index.js,code/npm/@ali/gcom-pagebuilder-query-string/5.0.4/index.js,code/npm/@ali/gcom-link/5.0.15/index.js,rax-pkg/rax-get-element-by-id/1.0.0/index.js,code/npm/@ali/gcom-gcp-hoist-non-react-statics/1.0.3/index.js,rax-pkg/rax-view/1.0.1/index.js,rax-pkg/rax-find-dom-node/1.0.0/index.js,rax-pkg/rax-refreshcontrol/1.0.0/index.js,rax-pkg/rax-scrollview/2.0.0/index.js,rax-pkg/rax-children/1.0.0/index.js,rax-pkg/rax-proptypes/1.0.0/index.js,rax-pkg/rax-recyclerview/1.1.2/index.js,code/npm/@ali/pcom-gcp-dom-driver/0.0.3/index.js,code/npm/@ali/gcom-gcp-core-render-v2/0.0.39/index.js,code/npm/@ali/pcom-fetch/2.0.9/index.js,code/npm/@ali/gcom-core-render-helper/2.0.9/index.js,code/npm/@ali/gcom-gcp-ae-render-v2/0.0.74/index.js,code/npm/@ali/pcom-regenerator-runtime/1.0.2/index.js,mui/mtb-windvane/5.1.2/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.20.209.93 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-209-93.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
303a15bcb51100dbde0a5503e024709c152e384458c0f26b0eb85953650a5d11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://campaign.aliexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
content-encoding
gzip
x-oss-request-id
64CC7FBF568E303533560584
content-md5
ifFGsdQaJteFFFzoP+M0Sw==
x-swift-cachetime
47776
x-swift-savetime
Fri, 04 Aug 2023 15:17:51 GMT
content-length
148
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1691123647
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=285629, s-maxage=86400
served-from
23.199.73.143
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
x-oss-hash-crc64ecma
3775003507553484369
network_info
DE_FRANKFURT_28753
eagleid
2ff62e9a16911622716133761e
x-oss-server-time
2
/
assets.alicdn.com/g/ Frame 11EB 		155 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.alicdn.com/g/??code/npm/@ali/gmod-tab-product-list/1.0.70/index-pc.js,code/npm/@ali/gcom-attribution-report/0.0.4/index.js,code/npm/@ali/gcom-product-image/5.0.21/index.js,code/npm/@ali/gcom-pagebuilder-j-picture/5.0.18/index.js,code/npm/@ali/gcom-pagebuilder-icon/5.0.3/index.js,rax-pkg/rax-image/1.1.0/index.js,pmod/pagebuilder_basic_structure/5.1.0/index.js,code/npm/@ali/pcom-mtop/4.1.3/index.js,code/npm/@ali/universal-mtop/5.2.2/index.js,code/npm/@ali/universal-tracker/3.0.7/index.js,code/npm/@ali/gcom-pagebuilder-j-cookie/5.0.5/index.js,code/npm/@ali/pcom-navbar-height/1.0.6/index.js,code/npm/@ali/pcom-iphonex-helper/1.0.3/index.js,code/npm/@ali/flute-i18n/2.0.0/index.js,code/npm/@ali/gcom-pagebuilder-scrollview/0.0.2/index.js
Requested by
Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/??mui/feloader/5.0.5/feloader-min.js,rax-pkg/rax/1.2.2/index.js,code/npm/@ali/pnpm-uni--env/1.0.6/index.js,rax-pkg/universal-env/3.3.3/index.js,rax-pkg/rax-image/2.2.6/index.js,rax-pkg/rax-view/2.3.0/index.js,code/npm/@ali/gcom-gcp-use-image-source/1.0.9/index.js,code/npm/@ali/gcom-gcp-rax-view/1.0.0/index.js,rax-pkg/rax-text/1.2.1/index.js,code/npm/@ali/gcom-gcp-rax-text/1.2.1/index.js,code/npm/@ali/gcom-gcp-rax-link/1.0.0/index.js,code/npm/@ali/gcom-pagebuilder-query-string/5.0.4/index.js,code/npm/@ali/gcom-link/5.0.15/index.js,rax-pkg/rax-get-element-by-id/1.0.0/index.js,code/npm/@ali/gcom-gcp-hoist-non-react-statics/1.0.3/index.js,rax-pkg/rax-view/1.0.1/index.js,rax-pkg/rax-find-dom-node/1.0.0/index.js,rax-pkg/rax-refreshcontrol/1.0.0/index.js,rax-pkg/rax-scrollview/2.0.0/index.js,rax-pkg/rax-children/1.0.0/index.js,rax-pkg/rax-proptypes/1.0.0/index.js,rax-pkg/rax-recyclerview/1.1.2/index.js,code/npm/@ali/pcom-gcp-dom-driver/0.0.3/index.js,code/npm/@ali/gcom-gcp-core-render-v2/0.0.39/index.js,code/npm/@ali/pcom-fetch/2.0.9/index.js,code/npm/@ali/gcom-core-render-helper/2.0.9/index.js,code/npm/@ali/gcom-gcp-ae-render-v2/0.0.74/index.js,code/npm/@ali/pcom-regenerator-runtime/1.0.2/index.js,mui/mtb-windvane/5.1.2/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.20.209.93 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-209-93.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
6168047d03cf206c5bb8321f3dec5ebbcace39076f7e75cf4d0ce97ba00fdffb

Request headers

Referer
https://campaign.aliexpress.com/
Origin
https://campaign.aliexpress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
content-encoding
gzip
x-oss-request-id
64B4F00176A9443035C7175B
content-md5
2IxuDi/SebhxJ1UZrEX5rg==
x-swift-cachetime
86400
x-swift-savetime
Mon, 17 Jul 2023 07:38:41 GMT
content-length
51745
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1689579521
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=940812, s-maxage=86400
served-from
23.199.73.93
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
x-oss-hash-crc64ecma
14712194933430213316
network_info
DE_FRANKFURT_28753
eagleid
2ff62e9916895795212347202e
x-oss-server-time
40
event
sslwidget.criteo.com/ Frame 43FD 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=82990&v=5.17.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fstvkr.com&p1=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p2=e%3Dce%26m%3D%255B%255D%26h%3Dsha256&p3=e%3Ddis&bundle=DByaH19jUUJ0MXlKMW1RbW04JTJGTUljRzVBb0klMkZYcjMlMkJvaGdubjBPc2F4TjVJdjV4Y29RTFpIOGtBcDVSY3FacGs4JTJGMEVCWmtzUU8zeVJLWjM0T0ZaUHphTGEzUUtKNnF0c2tkSFMxSXhJRVkyY2JxbURoQUxweENNaXBXVlQ2V3poR01aMHRpS1R5Z0UlMkJIYm9pVDdnJTJGJTJCMjdJY3NMZFZCTFhhazRFTVd2Mm9lMkdNSSUzRA&tld=born2be.com.ro&dy=1&fu=https%253A%252F%252Faffiliboss.online&pu=https%253A%252F%252Faffiliboss.online&ceid=fbe32569-d9d5-482b-bc04-6431415eb3ed&dtycbr=75939
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=82990
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bbd74392cb801f844198e31c7f7ed1a26c877f52831ec5cc819adfde5db04a5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
14420600
timing-allow-origin
*
expires
0
act
analytics.tiktok.com/api/v2/pixel/ Frame 43FD 		0
649 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE4Nzk5OTU3MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-106.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
d55e42a
date
Wed, 30 Aug 2023 21:14:29 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-78.deploy.akamaitechnologies.com (AkamaiGHost/11.2.3-50495197) (-)
server-timing
inner; dur=16, cdn-cache; desc=MISS, edge; dur=16, origin; dur=108
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20230830211429BD4BDC9ED7FE42186625
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
109,23.36.161.78
x-tt-trace-host
01782c1aa098d441e14c7848822c4a7ef0869c0c02079691302d7dfbd09c5c79c87d565e33a76b91838b4a8f3852256ce43b945113d1446c99bbdad8cd97ba7a53b8664605683bca67df3bfbcf83674e8c991965874894e40b0b99acd77fb16ae9
access-control-allow-headers
Authorization,*
expires
Wed, 30 Aug 2023 21:14:29 GMT
check-subscription
web.snrbox.com/rtom/web-push/ Frame 43FD 		30 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.snrbox.com/rtom/web-push/check-subscription?tracker=9df0d149-26bc-4e9f-ad4e-45de3166544c&uuid=acbab14a-19dc-4079-9f4a-4ae5f11bee3b&domain=born2be.com.ro
Requested by
Host: www.snrcdn.net
URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.73.149.220 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fa9ff5f91da78bbcefb5a094db69e00af834e4a8714c3c570857217d258ae63f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
application/json

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding, Origin, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, PATCH
content-type
application/json
access-control-allow-origin
https://born2be.com.ro
access-control-expose-headers
X-Email-Hash, Client-UUID
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, Authorization, cookie, Cookie, tracker
check-subscription
web.snrbox.com/rtom/web-push/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://web.snrbox.com/rtom/web-push/check-subscription?tracker=9df0d149-26bc-4e9f-ad4e-45de3166544c&uuid=acbab14a-19dc-4079-9f4a-4ae5f11bee3b&domain=born2be.com.ro
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.73.149.220 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://born2be.com.ro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN, Authorization, cookie, Cookie, tracker
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin
https://born2be.com.ro
access-control-expose-headers
X-Email-Hash, Client-UUID
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Wed, 30 Aug 2023 21:14:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin, Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
eg.js
ae.mmstat.com/ Frame 11EB 		0
0
collect
p.clarity.ms/ Frame 43FD 		0
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://born2be.com.ro
Date
Wed, 30 Aug 2023 21:14:29 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
/
ar1.aza.io/ Frame 43FD 		70 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ar1.aza.io/?currentpage=https%3A%2F%2Fborn2be.com.ro%2F%3Futm_source%3Dtd%26utm_campaign%3DCityads%2BRO%26utm_medium%3D24941146%26tduid%3De12d30e9b239070c5447d9fb1c96bfb3&referrer=https%3A%2F%2Fstvkr.com%2F&hostname=born2be.com.ro&type=7&uid=false
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.106.0.17 Warsaw, Poland, ASN12741 (AS-NETIA Warszawa 02-822, PL),
Reverse DNS
212-106-0-17.static.ip.netia.com.pl
Software
nginx /
Resource Hash
e497ca2f599a68685b917011c3b77b12b5d5da7fc2b6dcbd43d49517cf409706

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:29 GMT
Server
nginx
Content-length
70
Content-type
image/png
dsp
citydsp.com/ Frame 43FD 		1009 B
889 B 		Script
General
Check archive.org
Download Go to
Full URL
https://citydsp.com/dsp?h=born2be.com.ro&r=0.2645973608902703
Requested by
Host: x.cnt.my
URL: https://x.cnt.my/async/parser/born2be.com.ro.js?r=4.00&dom=born2be.com.ro
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.33.59 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
c2f8408fe385be554626a4a2161c7000a995ae2ad9e53b16c766aa0722bae774

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 21:14:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-store, no-cache, private
Connection
keep-alive
c.gif
c.clarity.ms/ Frame 43FD
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4B8FFA43C9E7407681DC3F5533FBFDFB&RedC=c.clarity.ms&MXFR=12E818AB9F10675402300BD69B1069E5
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4B8FFA43C9E7407681DC3F5533FBFDFB&MUID=18064E0BA3A6612F3F7A5D76A2A660AA
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4B8FFA43C9E7407681DC3F5533FBFDFB&MUID=18064E0BA3A6612F3F7A5D76A2A660AA
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:29 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
server
Microsoft-IIS/10.0
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9B8250BF75FB4F988FDD0EF042CB0600 Ref B: FRAEDGE1909 Ref C: 2023-08-30T21:14:29Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4B8FFA43C9E7407681DC3F5533FBFDFB&MUID=18064E0BA3A6612F3F7A5D76A2A660AA
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame B65E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Y7CjGHIr8tP3DqG47f46zqWMOvbdoVdSV16atQ&google_cm&google_hm=ay1ZN0NqR0hJcjh0UDNEcUc0N2Y0NnpxV01PdmJkb1ZkU...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Y7CjGHIr8tP3DqG47f46zqWMOvbdoVdSV16atQ&google_gid=CAESEGUGLoj8jsIt4qcGQDwNL80&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Y7CjGHIr8tP3DqG47f46zqWMOvbdoVdSV16atQ&google_gid=CAESEGUGLoj8jsIt4qcGQDwNL80&google_cver=1&google_ula=913071,0
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
854315
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Y7CjGHIr8tP3DqG47f46zqWMOvbdoVdSV16atQ&google_gid=CAESEGUGLoj8jsIt4qcGQDwNL80&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame B65E 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-cZO1-XIr8tP3DqG47f46zqWMOvaLymwM8751MA&expires=30
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.96.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-96-33.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame B65E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2076332971733711912
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2076332971733711912
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
900441
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:29 GMT
an-x-request-uuid
e38a15ad-b01b-4aff-b16c-2794d4297ac8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2076332971733711912
x-proxy-origin
178.162.209.131; 178.162.209.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/ Frame B65E
Redirect Chain
  • https://secure.adnxs.com/setuid?entity=52&code=k-l57minIr8tP3DqG47f46zqWMOvbjDAAOlnU_3A
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-l57minIr8tP3DqG47f46zqWMOvbjDAAOlnU_3A
43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-l57minIr8tP3DqG47f46zqWMOvbjDAAOlnU_3A
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:29 GMT
an-x-request-uuid
09d44a6e-15e3-45c3-9f0c-3858af444d97
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.131; 178.162.209.131; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:29 GMT
an-x-request-uuid
1a90edf9-3c3c-422b-b7f8-fc0dceb3fe73
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-l57minIr8tP3DqG47f46zqWMOvbjDAAOlnU_3A
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.131; 178.162.209.131; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame B65E 		53 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-wq8BhHIr8tP3DqG47f46zqWMOvYfmRx17Cc3nQ
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 30 Aug 2023 21:14:29 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Wed, 30 Aug 2023 21:14:29 GMT
tap.php
pixel.rubiconproject.com/ Frame B65E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-tPUVcnIr8tP3DqG47f46zqWMOvYL6KmPPqAhJA&expires=30
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame B65E 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-n7KMdnIr8tP3DqG47f46zqWMOvbhlyKlCBoEuA
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.60.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-60-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
/
rtb-csync.smartadserver.com/redir/ Frame B65E 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-HVYRNXIr8tP3DqG47f46zqWMOvZEzg13Qf-QDQ
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:28 GMT
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B65E 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-GMx3nXIr8tP3DqG47f46zqWMOvYFLbD9nUsiBQ
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12595
um
criteo-sync.teads.tv/ Frame B65E 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-DwnoD3Ir8tP3DqG47f46zqWMOvZeUR0_i6hxoA
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 30 Aug 2023 21:14:29 GMT
pragma
no-cache
date
Wed, 30 Aug 2023 21:14:29 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame B65E 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-SbSrOnIr8tP3DqG47f46zqWMOvaXBFwNpk5ZmA&dongle=013b
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame B65E 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-zIzj_3Ir8tP3DqG47f46zqWMOvZwV2WEMtBDpw
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame B65E 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-_oMSEXIr8tP3DqG47f46zqWMOvbZZX-pEysliQ
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
last-modified
Fri, 18 Nov 2022 14:41:46 GMT
server
nginx
accept-ranges
bytes
etag
"637799aa-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame B65E 		49 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-Jjqb4XIr8tP3DqG47f46zqWMOvYc1l74bQjysw
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:29 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
11
content-length
49
expires
0
rum
r.casalemedia.com/ Frame B65E
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-F2TbOnIr8tP3DqG47f46zqWMOvY5TQygHbB-Pg
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-F2TbOnIr8tP3DqG47f46zqWMOvY5TQygHbB-Pg&C=1
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-F2TbOnIr8tP3DqG47f46zqWMOvY5TQygHbB-Pg&C=1
Protocol
H2
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeiRohJ0Uadj4lGvSWE%2Bic2qmFBiGIXDdhpdiHN%2BK4AfP0qRHyJ2e57Pgjcy8HeOjkYL7UvmHQqxYEVma4%2BkSJ6QKe%2BsRu4apqfAFkoFjcR6esU9WfgIzJmABQeW%2Bzg5ejV3"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7ff00b30dcaa3802-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mvi8K2EhOsuiTpL2ROjrPWGfibepu7uvNn6vO5PWu%2BmsRIvDDGYASwWR7GFB9AbiecbrttwVmsZMBnoMQ6jj3cgtcjtoWYQGTkTVs5HZISRGsyomSMJJpon7y4yQHNoheugh"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-F2TbOnIr8tP3DqG47f46zqWMOvY5TQygHbB-Pg&C=1
cache-control
no-cache
cf-ray
7ff00b30bc863802-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
demconf.jpg
dpm.demdex.net/ Frame B65E
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=SNbKmqJJwk9ulN32Jg9kI727DBUDALF_
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=SNbKmqJJwk9ulN32Jg9kI727DBUDALF_
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=SNbKmqJJwk9ulN32Jg9kI727DBUDALF_
Protocol
HTTP/1.1
Server
34.252.43.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-43-226.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-0a9eadf0a.edge-irl1.demdex.com 12 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
vLgWmvnGQCU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v050-0bd09cf27.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
/N/6dggfTQg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=SNbKmqJJwk9ulN32Jg9kI727DBUDALF_
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame B65E 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-BeSn-HIr8tP3DqG47f46zqWMOvY_3Asp2fRKvw
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 30 Aug 2023 21:14:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame B65E 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-hE37uXIr8tP3DqG47f46zqWMOva44LHSg3rqdA
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.72.250.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-250-72.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 21:14:29 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame B65E 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-e_RCR3Ir8tP3DqG47f46zqWMOvZeVWmeu7hYEg
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame B65E 		0
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-_ArHG3Ir8tP3DqG47f46zqWMOvYt5__IJithgw
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.28.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-28-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame B65E 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-NSejm3Ir8tP3DqG47f46zqWMOvb09tpNsEz1PQ&initiator=partner
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 21:14:30 GMT
Cache-Control
no-cache
X-TraceId
b1227ec95fe811aee7ff6a9bccf06a83
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame B65E 		42 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-uJ2peHIr8tP3DqG47f46zqWMOvY8UTO1il1pBQ
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 21:14:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame B65E 		43 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-BZWX6XIr8tP3DqG47f46zqWMOvb4NtJyL9CGbg
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:6a8:b2f5:a36e:3d52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Wed, 30 Aug 2023 21:14:30 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame B65E 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-IoHr0XIr8tP3DqG47f46zqWMOvYxLL_ujykamA
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 21:14:29 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame B65E 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-bPtc_XIr8tP3DqG47f46zqWMOva8CxVWtAIDgQ
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 21:14:29 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Tue, 29 Aug 2023 21:14:29 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame B65E 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-P6ApS3Ir8tP3DqG47f46zqWMOvbws-AW2qMDrA&pn_id=criteo&ext=1
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.192.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-192-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:30 GMT
content-length
0
put
e1.emxdgt.com/ Frame B65E 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-H667knIr8tP3DqG47f46zqWMOvbyxjUNn_HKlQ
Requested by
Host: affiliboss.online
URL: https://affiliboss.online/pop/romania/page.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.69.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-69-72.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:29 GMT
server
awselb/2.0
/
acs.aliexpress.com/h5/mtop.relationrecommend.aliexpressrecommend.recommend/1.0/ Frame 11EB 		0
0
font_1315582_h913wblfoc5.ttf
at.alicdn.com/t/ Frame 11EB 		0
0
init
retagro.com/ Frame 43FD 		0
294 B 		Script
General
Check archive.org
Download Go to
Full URL
https://retagro.com/init?r=0.7894377314495991
Requested by
Host: citydsp.com
URL: https://citydsp.com/dsp?h=born2be.com.ro&r=0.2645973608902703
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
85.17.170.54 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 21:14:30 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-store, no-cache, private
Connection
keep-alive
start
anilima.com/ Frame 43FD 		0
294 B 		Script
General
Check archive.org
Download Go to
Full URL
https://anilima.com/start?r=0.4438193558093977
Requested by
Host: citydsp.com
URL: https://citydsp.com/dsp?h=born2be.com.ro&r=0.2645973608902703
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.36.113 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 21:14:30 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-store, no-cache, private
Connection
keep-alive
/
www.facebook.com/tr/ Frame 9AA5 		0
48 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://born2be.com.ro
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://born2be.com.ro
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:14:29 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame ACAB 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://born2be.com.ro
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://born2be.com.ro
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 21:14:29 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
usermatch.gif
beacon.krxd.net/ Frame B65E
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=wohKVwvLpPi6RmNHDN6NS-Gv6kHDaD7Y
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=wohKVwvLpPi6RmNHDN6NS-Gv6kHDaD7Y
Protocol
H2
Server
34.250.62.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-62-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-served-by
beacon-n006-dub-prod.krxd.net
date
Wed, 30 Aug 2023 21:14:30 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1693430070
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=wohKVwvLpPi6RmNHDN6NS-Gv6kHDaD7Y
date
Wed, 30 Aug 2023 21:14:29 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
10878753
content-length
0
cs
s.thebrighttag.com/ Frame B65E
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=hocA8whReSB3DfzyIGTXhzh6EpImpybA
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=hocA8whReSB3DfzyIGTXhzh6EpImpybA
Protocol
H2
Server
13.59.220.190 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-59-220-190.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 21:14:30 GMT
x-bt-requestid
357ab342-477a-11ee-b81d-0000ac170089
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=hocA8whReSB3DfzyIGTXhzh6EpImpybA
date
Wed, 30 Aug 2023 21:14:29 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
819090
content-length
0
byUuids
web.snrbox.com/dc/v4/dynamicContent/ Frame 43FD 		23 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.snrbox.com/dc/v4/dynamicContent/byUuids?code=9df0d149-26bc-4e9f-ad4e-45de3166544c&uuid=acbab14a-19dc-4079-9f4a-4ae5f11bee3b&query=eyJ2YXJpYW50RmlsdGVycyI6eyJkNjk1MDk4YS00OWU0LTRiNGEtODY5Zi1jMzIzNDQ0Y2Q0MmIiOjM5NTAxMTd9LCJ2YXJpYWJsZXMiOnt9LCJyZWZlcmVyIjoiaHR0cHM6Ly9ib3JuMmJlLmNvbS5yby8%2FdXRtX3NvdXJjZT10ZCZ1dG1fY2FtcGFpZ249Q2l0eWFkcytSTyZ1dG1fbWVkaXVtPTI0OTQxMTQ2JnRkdWlkPWUxMmQzMGU5YjIzOTA3MGM1NDQ3ZDlmYjFjOTZiZmIzIn0%3D
Requested by
Host: www.snrcdn.net
URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.73.149.220 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b8ecd6c7516c1b118fdaf1419b11a30055463a374c8043f6fb4d847b92fc7384
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
etag
W/"9a2b8fc345333ab2ead1cad425cab761"
requestid
d3588658-e6b8-4de7-9aaa-8a10b29c5eb5
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://born2be.com.ro
access-control-expose-headers
X-Email-Hash, Client-UUID
access-control-allow-credentials
true, true
collect
p.clarity.ms/ Frame 43FD 		0
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://born2be.com.ro
Date
Wed, 30 Aug 2023 21:14:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
byUuids
web.snrbox.com/dc/v4/dynamicContent/ Frame 43FD 		49 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.snrbox.com/dc/v4/dynamicContent/byUuids?code=9df0d149-26bc-4e9f-ad4e-45de3166544c&uuid=acbab14a-19dc-4079-9f4a-4ae5f11bee3b&query=eyJ2YXJpYW50RmlsdGVycyI6eyI0NWNmZGRjNC0wYjAwLTQwZWEtYmIzNC0zYWU3NGRiMjRjOGUiOjc5NTAzNDV9LCJ2YXJpYWJsZXMiOnt9LCJyZWZlcmVyIjoiaHR0cHM6Ly9ib3JuMmJlLmNvbS5yby8%2FdXRtX3NvdXJjZT10ZCZ1dG1fY2FtcGFpZ249Q2l0eWFkcytSTyZ1dG1fbWVkaXVtPTI0OTQxMTQ2JnRkdWlkPWUxMmQzMGU5YjIzOTA3MGM1NDQ3ZDlmYjFjOTZiZmIzIn0%3D
Requested by
Host: www.snrcdn.net
URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.73.149.220 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
49ccba3840c9a78f2244b16582f28376e081fcf31e863f66dd597273cb598e97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:31 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
etag
W/"73ccf0c51207d424cbe61f38f3a92291"
requestid
e6a45b4f-0a03-4926-85dc-73087afc3c38
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://born2be.com.ro
access-control-expose-headers
X-Email-Hash, Client-UUID
access-control-allow-credentials
true, true
byUuids
web.snrbox.com/dc/v4/dynamicContent/ Frame 43FD 		35 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.snrbox.com/dc/v4/dynamicContent/byUuids?code=9df0d149-26bc-4e9f-ad4e-45de3166544c&uuid=acbab14a-19dc-4079-9f4a-4ae5f11bee3b&query=eyJ2YXJpYW50RmlsdGVycyI6eyJmMTM4ZTMyYy01ZDI4LTRhYTAtOTlkZC0wNDFiYzJiNGExNDQiOjc5NDk5MDl9LCJ2YXJpYWJsZXMiOnt9LCJyZWZlcmVyIjoiaHR0cHM6Ly9ib3JuMmJlLmNvbS5yby8%2FdXRtX3NvdXJjZT10ZCZ1dG1fY2FtcGFpZ249Q2l0eWFkcytSTyZ1dG1fbWVkaXVtPTI0OTQxMTQ2JnRkdWlkPWUxMmQzMGU5YjIzOTA3MGM1NDQ3ZDlmYjFjOTZiZmIzIn0%3D
Requested by
Host: www.snrcdn.net
URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.73.149.220 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6fd406c020b72625c127b963483127e63a03a84b41b8a3ec4decb1ee1962c568
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:31 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
etag
W/"cd9685a613758a0504280cad85a66c72"
requestid
d1d2ba0f-0bb5-42b1-a7a8-038ba01f9931
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://born2be.com.ro
access-control-expose-headers
X-Email-Hash, Client-UUID
access-control-allow-credentials
true, true
8513b470a51c13da7b86fcdbea20731f.svg
upload.snrcdn.net/e9f6e02d91880cd0e3342702acf4ae1297310c3f/default/origin/ Frame 43FD 		456 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.snrcdn.net/e9f6e02d91880cd0e3342702acf4ae1297310c3f/default/origin/8513b470a51c13da7b86fcdbea20731f.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBD) /
Resource Hash
e6c70922ddd87f56d243d93546e56a67fa24a0df4c0caac07954e4cbb33c817d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 30 Aug 2023 21:14:31 GMT
last-modified
Fri, 23 Apr 2021 12:53:12 GMT
server
ECAcc (frc/4CBD)
content-md5
heQYuxglDmjZHUN6YsmzFQ==
age
578105
etag
0x8D90656C115386A
x-cache
HIT
content-type
image/svg+xml
x-ms-request-id
b147b1bf-901e-0099-1944-d6445e000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
456
_i.gif
web.snrbox.com/9df0d149-26bc-4e9f-ad4e-45de3166544c/ Frame 43FD 		35 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.snrbox.com/9df0d149-26bc-4e9f-ad4e-45de3166544c/_i.gif?action=dynamicContent.show&label=acbab14a-19dc-4079-9f4a-4ae5f11bee3b&params=%7B%22uuid%22%3A%22acbab14a-19dc-4079-9f4a-4ae5f11bee3b%22%2C%22ssuid%22%3A%22d2946148-6ed1-474d-9f00-4159158ed475%22%2C%22url%22%3A%22https%3A%2F%2Fborn2be.com.ro%2F%3Futm_source%3Dtd%26utm_campaign%3DCityads%2BRO%26utm_medium%3D24941146%26tduid%3De12d30e9b239070c5447d9fb1c96bfb3%22%2C%22correlationIds%22%3A%5B%5D%2C%22id%22%3A%2245cfddc4-0b00-40ea-bb34-3ae74db24c8e%22%2C%22title%22%3A%22Widget%20with%20b2b%20club%20(Desktop)(RO)%22%2C%22variantId%22%3A7950345%2C%22variantName%22%3A%22Variant%20A%22%7D&uuid=acbab14a-19dc-4079-9f4a-4ae5f11bee3b&tracker=9df0d149-26bc-4e9f-ad4e-45de3166544c&hash=85xrur
Requested by
Host: www.snrcdn.net
URL: https://www.snrcdn.net/sdk/3.0/synerise-javascript-sdk-no-m.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.73.149.220 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://born2be.com.ro/?utm_source=td&utm_campaign=Cityads+RO&utm_medium=24941146&tduid=e12d30e9b239070c5447d9fb1c96bfb3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 21:14:31 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
https://born2be.com.ro
access-control-expose-headers
X-Email-Hash, Client-UUID
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,X-Requested-With,tracker,ver,X-CSRF-TOKEN,Authorization,Api-Key,X-Request-Id
content-length
35

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ae.mmstat.com
URL
https://ae.mmstat.com/eg.js?t=1693430069605
Domain
acs.aliexpress.com
URL
https://acs.aliexpress.com/h5/mtop.relationrecommend.aliexpressrecommend.recommend/1.0/?jsv=2.6.1&appKey=24815441&t=1693430069706&sign=858dd879167bb732e440b3dc58dc04b3&v=1.0&tppId=21892&api=mtop.relationrecommend.AliexpressRecommend.recommend&type=originaljson&preventFallback=true&dataType=jsonp
Domain
at.alicdn.com
URL
https://at.alicdn.com/t/font_1315582_h913wblfoc5.ttf

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture

79 Cookies

Domain/Path Name / Value
.web.snrbox.com/gif/9df0d149-26bc-4e9f-ad4e-45de3166544c Name: _snrs_779ef733df39fa49cfc77523db03a0e3
Value: acbab14a-19dc-4079-9f4a-4ae5f11bee3b
.web.snrbox.com/9df0d149-26bc-4e9f-ad4e-45de3166544c.gif Name: _snrs_779ef733df39fa49cfc77523db03a0e3
Value: acbab14a-19dc-4079-9f4a-4ae5f11bee3b
.web.snrbox.com/click/null Name: _snrs_779ef733df39fa49cfc77523db03a0e3
Value: acbab14a-19dc-4079-9f4a-4ae5f11bee3b
.stvkr.com/ Name: cnt
Value: 3da14cce32c7d6f5fcf1d169766129be
stvkr.com/ Name: init_referer
Value: NNNNTvib0QRNO9IYmZaYm8iJYv%2FXGZaZl0gZG9sFgvtcXFwYNjVNNNNNNNvYUj%3D%3D
stvkr.com/ Name: PHPSESSID
Value: 8cc77f7e7452878e3696b2bbb671db1e
.stvkr.com/ Name: pc
Value: x%0B%06%FFv4%3C%CCj%89F%8A%23n%AA6%A3%3D
.tradedoubler.com/ Name: EH_0
Value: 1z11z1z12ozrfNq7z1RKPyaOPs0thyFB8HuGNPAguH3D0daTtnskiMXJY9FLtSR41%7aba21aGiXauvnhqMJYMMi__vc1vitrHpI9stcBq3kI
.tradedoubler.com/ Name: GUID
Value: 1z11zz12ozAyifpze12d30e9b239070c5447d9fb1c96bfb3
.prf.hn/ Name: tPHG-PS
Value: 1100l8541083827
.ojrq.net/ Name: brwsr
Value: 33b7cde4-477a-11ee-b724-5dbcba05454f
.pxf.io/ Name: brwsr
Value: 33b7cde4-477a-11ee-b724-5dbcba05454f
logitech-emea.pxf.io/ Name: irld
Value: L2-Xx34X4239Wxw2WkdyvLWwKVcv1D7S2LxEiWIkXiNW6dWT4
redirects.tradedoubler.com/ Name: AWSELBCORS
Value: FF1BFB8F1C42D3E6A4BF4A0B044EDED4042A192C9290BEFD088C175CF1515E1B2535CA43E06284783DD3A44B4296A014025AD53248C1BA03E231E71D15DBA2CF9A7C59ACA2
www.avira.com/ Name: AWSALBCORS
Value: XoZ1YgOGSblFUspJOvHh94GrqXdXU+K+7Goc1HDqlB59KP4R1U+M7rnqzqqOHozsyDhwnG5tVujfKJQsych2byPeqpK1kQyccy+vCI/iJfkBVeUgAcGlKVqnBgGg
www.logitech.com/ Name: AWSALBCORS
Value: L7AzzT0iaP7qgWuWwy74np2LtVA2XG4c64hQnB9IjAf/zQd0KtfZubsjFXzIlmmud9KRehpAghHvo7iNyoOmS+YdC+xqSEfa3mLlpJx0Qoiw9W06Hg7e3N+4RL1b
.intui.travel/ Name: _ym_uid
Value: 1693430068495714883
.intui.travel/ Name: _ym_d
Value: 1693430068
.intui.travel/ Name: _ym_isad
Value: 2
mc.yandex.com/ Name: yabs-sid
Value: 1780377831693430068
.yandex.com/ Name: i
Value: r+8yZveXxUYneR1uMYcf2YfRlS8KsThZnrF8ayLcAPK0k/vTOPSjNEbMIGOt7f2119ojukT5YqjhAjzO5IxK0/mAt1Y=
.yandex.com/ Name: yandexuid
Value: 4309208671693430068
.yandex.com/ Name: yuidss
Value: 4309208671693430068
.yandex.com/ Name: ymex
Value: 1724966068.yrts.1693430068#1724966068.yrtsi.1693430068
.yandex.com/ Name: bh
Value: KgI/MA==
.doubleclick.net/ Name: IDE
Value: AHWqTUngiW9W4a4M5Z3uNF0awBQBmLCYDfSdGW2gVsBOKZuVGU_WtoYz68VOlw1A
.aliexpress.com/ Name: acs_usuc_t
Value: x_csrf=x55w7k4fod98&acs_rt=1e498632e0e04c49acb438ee37d714f5
.aliexpress.com/ Name: aeu_cid
Value: 65ac0e17ad5146f891243ffe750082f2-1693430068662-09123-cD4TW1tW
.aliexpress.com/ Name: xman_t
Value: c4U0dWKqsVK+KPF5NbzvGnjS7/noEJgLWEk3DTZ10Tub2pAG+m0j5R9sDftOOyY6
.aliexpress.com/ Name: xman_f
Value: XVnPobH1j/bjVRIVCC7RD96IEEHEk1MIqOXe8Ttql+cFDxPH6loUlU6SDbrRxLVxx9BSQYa2hAqCrED8mACF6e+M/TGHj+exVsbyIk4VgY4ZiEdqIPaftA==
.clickonometrics.pl/ Name: CCMSESSID
Value: qtv4nemnvi583fl04c9q8ladft
.clickonometrics.pl/ Name: SERVERID
Value: clx-app11|ZO+xN|ZO+xN
.tiktok.com/ Name: _ttp
Value: 2Uil1oJYpbER5KeUL3mzO7YC1Kx
.cnt.my/ Name: xcntID
Value: y28a067c2e744cd9c7
.bing.com/ Name: MUID
Value: 18064E0BA3A6612F3F7A5D76A2A660AA
.born2be.com.ro/ Name: _snrs_sb
Value: ssuid:d2946148-6ed1-474d-9f00-4159158ed475&leaves:1693430069
.criteo.com/ Name: uid
Value: ddf93440-2178-4f60-8edf-d2350dec0788
.born2be.com.ro/ Name: _snrs_params
Value: {"utm_source":"td","utm_campaign":"Cityads+RO","utm_medium":"24941146"}
.born2be.com.ro/ Name: _snrs_sa
Value: ssuid:d2946148-6ed1-474d-9f00-4159158ed475&appear:1693430069&sessionVisits:1
.born2be.com.ro/ Name: _snrs_p
Value: host:born2be.com.ro&permUuid:acbab14a-19dc-4079-9f4a-4ae5f11bee3b&uuid:acbab14a-19dc-4079-9f4a-4ae5f11bee3b&identityHash:&user_hash:&init:1693430069&last:1693430069&current:1693430069&uniqueVisits:1&allVisits:1
.born2be.com.ro/ Name: _snrs_uuid
Value: acbab14a-19dc-4079-9f4a-4ae5f11bee3b
.born2be.com.ro/ Name: _snrs_puuid
Value: acbab14a-19dc-4079-9f4a-4ae5f11bee3b
www.clarity.ms/ Name: CLID
Value: b9e31f9e204b4881a188efaa71bab5f1.20230830.20240829
.aliexpress.com/ Name: xman_us_f
Value: x_locale=de_DE&x_l=0&x_c_chg=1&x_as_i=%7B%22aeuCID%22%3A%2265ac0e17ad5146f891243ffe750082f2-1693430068662-09123-cD4TW1tW%22%2C%22af%22%3A%22Q1wWrl%22%2C%22affiliateKey%22%3A%22cD4TW1tW%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22177836407%22%2C%22tagtime%22%3A1693430068662%7D&acs_rt=1e498632e0e04c49acb438ee37d714f5
.aliexpress.com/ Name: aep_usuc_f
Value: site=deu&c_tp=EUR&region=DE&b_locale=de_DE
.adnxs.com/ Name: uuid2
Value: 2076332971733711912
citydsp.com/ Name: userId
Value: 11952992813
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2In<fTZ(%!]tbPl@/D!9hy6]/Cr.Mj6$_Khf4bj/k()2i.z[(h/Cbe3ap=u24NhbiIy3.32ZT@?12cgMIY>m*bpRz*qF1`*bdVX+msAr
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 18064E0BA3A6612F3F7A5D76A2A660AA
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 18064E0BA3A6612F3F7A5D76A2A660AA
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.media.net/ Name: visitor-id
Value: 3364316691491588000V10
.media.net/ Name: data-c-ts
Value: 1693430069
.media.net/ Name: data-c
Value: k-wq8BhHIr8tP3DqG47f46zqWMOvYfmRx17Cc3nQ~~3
.demdex.net/ Name: demdex
Value: 32393703817498643881008748944862528696
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22352e19e0-477a-11ee-9608-81cf63597e83%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22352e19e0-477a-11ee-9608-81cf63597e83%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%22352e19e0-477a-11ee-9608-81cf63597e83%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22352e19e0-477a-11ee-9608-81cf63597e83%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-_ArHG3Ir8tP3DqG47f46zqWMOvYt5__IJithgw%22%2C%22version%22%3A%22criteo%22%7D
.casalemedia.com/ Name: CMID
Value: ZO.xNUoYjNHZ5WLVS1ByuwAA
.casalemedia.com/ Name: CMPS
Value: 3172
.casalemedia.com/ Name: CMPRO
Value: 3172
.omnitagjs.com/ Name: ayl_visitor
Value: 789ff40febf58d64779d314d08bc168e
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-uJ2peHIr8tP3DqG47f46zqWMOvY8UTO1il1pBQ&KRTB&23144-uid:k-uJ2peHIr8tP3DqG47f46zqWMOvY8UTO1il1pBQ&KRTB&23286-uid:k-uJ2peHIr8tP3DqG47f46zqWMOvY8UTO1il1pBQ&KRTB&23287-uid:k-uJ2peHIr8tP3DqG47f46zqWMOvY8UTO1il1pBQ
.pubmatic.com/ Name: PugT
Value: 1693430068
.dpm.demdex.net/ Name: dpm
Value: 32393703817498643881008748944862528696
.krxd.net/ Name: _kuid_
Value: PxEtTN0N
.tremorhub.com/ Name: tvid
Value: 1960d99439354e59a3ef28b578a89087
.tremorhub.com/ Name: tv_UICR
Value: k-BZWX6XIr8tP3DqG47f46zqWMOvb4NtJyL9CGbg

7 Console Messages

Source Level URL
Text
security error
Message:
Refused to frame 'https://www.avira.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' *.avira.com *.avira.org *.avira.net *.prod-blog.avira.com prod-blog.avira.com".
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.logitech.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://ro.ombre.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: https://delivery.clickonometrics.pl/service=8847/tm.json?sid=8847&cid=178&pid=18683
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://campaign.aliexpress.com/wow/gcp/ae/channel/ae/accelerate/tupr?wh_weex=true&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&wh_pid=bestseller/Bestseller&aff_trace_key=65ac0e17ad5146f891243ffe750082f2-1693430068662-09123-cD4TW1tW&ts=1693430068663(Line 201)
Message:
Refused to get unsafe header "x-req-t"
javascript error URL: https://campaign.aliexpress.com/wow/gcp/ae/channel/ae/accelerate/tupr?wh_weex=true&_immersiveMode=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&wh_pid=bestseller/Bestseller&aff_trace_key=65ac0e17ad5146f891243ffe750082f2-1693430068662-09123-cD4TW1tW&ts=1693430068663(Line 201)
Message:
Refused to get unsafe header "x-req-id"
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://best.aliexpress.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
acs.aliexpress.com
ad.360yield.com
ad.yieldlab.net
ae.mmstat.com
ae01.alicdn.com
affiliboss.online
analytics.optimalpeople.fr
analytics.tiktok.com
anilima.com
ar1.aza.io
assets.alicdn.com
at.alicdn.com
b2brocdn.aza.moda
bat.bing.com
beacon.krxd.net
best.aliexpress.com
born2be.com.ro
c.bing.com
c.clarity.ms
campaign.aliexpress.com
citydsp.com
clk.tradedoubler.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
delivery.clickonometrics.pl
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
en.intui.travel
exchange.mediavine.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
logitech-emea.pxf.io
match.sharethrough.com
matching.ivitrack.com
mc.yandex.com
mc.yandex.ru
mug.criteo.com
p.clarity.ms
pixel.rubiconproject.com
prf.hn
r.casalemedia.com
redirects.tradedoubler.com
retagro.com
ro.ombre.com
rtb-csync.smartadserver.com
s.click.aliexpress.com
s.thebrighttag.com
secure.adnxs.com
simage2.pubmatic.com
smct.co
sslwidget.criteo.com
stvkr.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
upload.snrcdn.net
ups.analytics.yahoo.com
visitor.omnitagjs.com
web.snrbox.com
wrap.tradedoubler.com
www.aliexpress.com
www.avira.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.intui.travel
www.logitech.com
www.ojrq.net
www.snrcdn.net
x.bidswitch.net
x.cnt.my
acs.aliexpress.com
ae.mmstat.com
at.alicdn.com
104.18.39.155
104.248.36.113
108.128.125.55
13.248.245.213
13.59.220.190
138.201.230.88
141.226.228.48
142.250.184.194
162.144.15.124
162.19.138.82
163.181.92.173
178.250.1.11
178.250.1.9
18.157.60.246
185.255.84.153
185.86.139.102
185.89.210.90
185.89.211.116
188.165.150.177
198.47.127.205
2.20.209.93
20.122.63.128
20.73.149.220
212.106.0.17
212.32.251.44
23.213.165.82
23.35.228.23
23.35.237.56
23.36.163.106
2600:1f18:612b:4232:6a8:b2f5:a36e:3d52
2600:9000:21f3:6e00:8:e5f0:bb00:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6812:20d
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:806::200e
2a00:1450:4001:808::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2003
2a02:2638:3::c
2a02:2638:3::e
2a02:26f0:780::210:ca3b
2a02:6b8::1:119
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.124.28.136
3.127.96.33
3.75.62.37
34.117.157.22
34.250.62.135
34.252.43.226
34.95.127.121
35.157.69.72
35.186.231.97
35.201.76.231
35.246.200.212
37.157.3.20
5.149.162.202
5.150.170.4
54.246.192.162
54.72.250.72
68.219.88.97
69.173.144.139
70.42.32.223
85.17.170.54
85.215.5.31
89.108.116.233
91.134.222.90
95.211.33.59
99.80.122.212
00f354f0294e5eced79aae36156db28dd453b002edfa02428339f05bac292e74
017d209548fb8f91cde04b7acbd9fca875e2b6693e5fee3afe49dff71f17e8d8
02f16ecf7228819d2160bfffa94faaf9cfc964db827b375155b22ba6203a9cfb
031e3a523f3366b8961c29ec373e91107fd3b94740a600ae472fa3e54cb8dbba
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0b34e09becfe94319ba1319d3788481840da307eff8df218497919e9293ab610
0dde2f9058be88832dc7937239ec1b49007efd030017d5f252019c8cbb3ff3da
10213c74aa4062d47bd99b52b8ae4e8ac37dd9bfa20680bc33777a65cba34a29
11c914cb33c0b403f1f01ce72220302ae736c4b6f5271669f043d3f210c000de
11d7fd220d291a6563b604e19f0e6be016f1efef45fc9912d2ddc36c1ca0b532
14a58481f4ae2bcd2887b9ed07d06601d92c9d8e133c9c225ebfc2f576820fee
159639cbb246559ef5850ad625ef9bf7f0f0952acdacdcbded3db76e3261000a
1b1fb1c4a230c7621e23c3d17c40e616d47c4534f243ede5384908c64a5653c0
1c128d569ffff83797895d2f73f7321d7fff2e3d4f206759d6d5ecea6bf6812c
24f232c01e8a4b82f86a193909bdc2408825b5913c7bda0e3138203db5e8b8bb
2750ea533fea6a5d4ae0aea11053594fcf8ddfc09d36f0b1733713a5f2325b00
298234128064a047a5f3e82a59cce4dc1371a3c91e6dae8516162af3e09a14e4
2a333917e81fa584cc503439b9f338f5fcf842d906f7cb9d414d0765951e914f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d3ff80dc49c08bd9982df33d6dc5c6c0d223dab3636a7c9115f65f0a8af342b
2d8ca5c11c2df82487a2e22b41cf1068f68fea2bb5f44b61094f74c0ec7360c9
2de33ca2d2cfb7f437aa190ecdd4b3991ff2879604c0e24aaf02849ae1f360b3
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
2fdc86ded435ac0a8fb0dd6bcf65432d698b58fbe67ca5b74e84aa43f7e7176b
303a15bcb51100dbde0a5503e024709c152e384458c0f26b0eb85953650a5d11
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34cd7c04f3f99b7928ac74dbf5f50a03548b86deb3da630c439d8b797f311ec8
34e9bbf714d2a5b5e3d1d79c2affdf2a506ec54e422e8c5ff5f67f1b933692f3
35a8b42291423fedd546b69cb79eecdb8c177242f78015e9dfae9f27e586c8fa
35f821bc57680410719dbb11647917595152881ad4a4803a445e0ce62045fa25
382e6b7faa91bde40364844993d88d7751bdf285f2cc3ab709a2f298db3a33f8
3b73e9995fab66a7e65df9609d5af0e073fe7fe6538cdf4fbca896fab774e53a
3d319be203b3ec081fac4924834b69c650986105b7df6305bdb420b9b203d356
4009e508caa1fb0ea906ca6a7ba1ec7daa3dcfe053fc040a779facc350e67930
40b702f0c31c2a725cfbebb630b83bd384bb7ca33748939101d583b0d26cf5a0
42797e694586c69bfea1ebdb17d9dc0ffc27f7dcd2d5b2c8173e2eb1365b07a3
43988e80221f7dd7cf2077d98c73cf7b24e73e380906700cd6970a655bfd517c
440276add45d593f6cc2ab9fe6702cb9c7799c2aedf19ba663fad874740c6f0c
4756004f36b5d827a5013ee2815de64d6e20cc1e9fa1be611b231ad467ea70b1
48a06cf206c80a0134079b10660bd8a699ba9253ae4d52dbbc0f84be6f949f70
49ccba3840c9a78f2244b16582f28376e081fcf31e863f66dd597273cb598e97
4a2eb4f79f0568648dc5edc69775fc8b019a596090a703adadadf1b96fef9478
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1187fe8236645ca0b8ec12d74322bf8a7039ccd171480fa9cf338f7be1a4fe
4d648aa9d55747b11b6871c8c8909e471f2c4f0ab8aad6381e45fca0051505c5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
519cec44883362be82517f9e81ca79b5805d919ef8d35731b6db1a31289372a4
52769ed199ce244f4d13d01f7fe20858981317de3b784f073471499aef9802f7
545950798efef023632ac0b3b3b10150cd5b219780f67f2a355e3d7652b79392
5487606b2d0b127c94e2ba6b62206261e48be388ee11b8cb606eb8717721df50
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5b008874fb7e012931bc19e8c1ab17f1268186535a434e54b4da83aa1d15b4d8
5b51b57f63cf58e451abddeaee39a8c7b133cb3d58c6ef1a903883bda7c346b0
5fe224ff24be747f20aa0f2b61364d04c3f55ad7f178774bccdf5bc289071f1b
6020e427b36fb3424f6ef3a839d93a0efeca5de1a5be01e2c2e3dc1de3f75e05
6168047d03cf206c5bb8321f3dec5ebbcace39076f7e75cf4d0ce97ba00fdffb
62f42e9a095660579b3f7e6e2b0708c61ba3efafa00c4104b5f2b781cf530c2b
649ffaa6e6b8c3a2018d4142895400d62df885d590752802168e3c5ef7a3b60c
68f89004f9b04c018050a11ccc3427167255ec0ba8af33f6828c22af806a3118
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aeffb8c9738d45ff98de0f9649e197ca2fd5db9eef5f56417c683ff8a192f0b
6bf8df44f7114fdd6681bbd921777806bc6d3894fc804198fc65f2b4f13b0007
6c2d48f97e0ce8880732dd9ac78300874848a3be9d025b77703c688961956dae
6c827d6fb5dd135e6a2efc42bdb06a55fc948e921d90cf8747f03892c6d3644a
6fd406c020b72625c127b963483127e63a03a84b41b8a3ec4decb1ee1962c568
72198370aa042ea05b548a75295863e355c6b571dc721d2d5408c05077a23486
764380bd6e132a6d7d63e155f6cb511209364d8e8d483b4ae2be18d4565153dc
76aaf9da38f7ecf6e12b9d535de4ccd8ed06baff7c49e94337be55e4a397fd17
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
867fcc29b69777b4e0e32977a929b76658393623e46a7ff3f00361224c709963
8835419bb85afbbe94c9a38ee8bc9ee44053b1b023f398ca4f3a1c390d2162d5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
90e1db577b1063e43a697ac6981cae1e33b90c690c1860a792baae68e286cb05
998765d18b8ec56c0ac4ea0842ec8064701a4ba62f5cac4ff961e81706ce0abc
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c10592ca89f36f2aca44bc48d1f3dd0173587c0962f0cd728c37ad56c0b9ab4
9c924aeda50f8d0d9c161277f4a962dce1328f0a24eb79542d73bcb8bdb63372
9d09c33dbb704248abecc2da64ca88019ab416e8ec3f720692f9fa78981cfc06
9d22640473217e6f4805481deaf3ae56d0ced6b904e3f93438b7e0b3e68387d3
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a150feef5970c98c6a2a43eda78a0c42af601de68624848b6a93b84f67d32f76
a213ac74ea19de1f30eb2e55170f8879b16d2ce6ec05caa1fa5d54090faf0075
a2e53bd019ac51e3a6d8764e6ec355bcd41702ed574c763bd42548eba8f1aca6
a566bbc568419b22497a08156af53e48e148fe50fea0b6ec666ceaf0c0fb12fc
a7725581f9b9aeff5856ef888347c7bb6d0bbb8516a7b089ab6b3443abf41976
a894a489873ec0665de193d8372811744a4bb407c1bae6d8ff0aecbae504aa6f
abfcbbb9296d0de9b3aad1378c32c9e54eb8f927fd38656b063ee304cd041e4d
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
ac4bb61a2ab9cc5efba98be18ed8a57a9bad085700076114ad75492510b8265f
ac7500849b383625d514e8d9c2e5fe5dff6a843902d40f4fe31b0d445d4449bc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c7850ed638374ad0cf2813b60fc0db2abfb2d99266511b9e8f5ad315b0b5e0
b30e419be860244a5c3a8ed2ae7134a11441eb4a6868a668e44cee8e6c685723
b6234f30198864922c6dc1b2ded163987856da7125df390f1076bb81f0eeaa0a
b75c4eee283e98bf2873373150e53923642619c5fe7a5d842eb30f9220bfc728
b7dfadaffda07b9a977f9acb4bf2dca5cb5b2749ae5b283fbc90985e83c318ff
b8ecd6c7516c1b118fdaf1419b11a30055463a374c8043f6fb4d847b92fc7384
bac03069af99b277d6eafb79d1ba9cbfc704df87640e5251736a37b0d523a5d4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbd74392cb801f844198e31c7f7ed1a26c877f52831ec5cc819adfde5db04a5d
bf1bbd8a36c1dace8463c8dbad146bba651d8524bc63b3a4e8bbedabe6684a6e
c2f8408fe385be554626a4a2161c7000a995ae2ad9e53b16c766aa0722bae774
c37685f6f76495b0a4c9a9fcef0d11655ee15718d94df625bcafc449e1b57345
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c91b327d67cbe81e5dea1abfc2cd109cee616d95671b49c12536b540277e04bb
c93dc410be94729fdcd2813d43eee9fde460df431630002cf14cc20d221c75e7
cf2ed5e14fc3f155b30282f1a1a1af2a3f0242075b61bb3bd5de8b551522af04
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d7d2d40dcc99c824825d79f7a3381d215947779b296df2d228249038feb13aa1
dd372ad3b40e39fcf65c64929f804f45a0e5c99bc8752bf8bffc8e1e9ba4b64f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e11b00ce42e2e49a5c7010c2c7029f51dd4e1158b4df5b00323521e648c1c0b4
e2cce6235f6c11bf7b45c1408f2bcfb7bb4322fb5d6cefbf84ff004fe44d12e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e497ca2f599a68685b917011c3b77b12b5d5da7fc2b6dcbd43d49517cf409706
e5a160becb059a8a2b731bdb31b075aa290879cb6dca389d155bc468c83afc5c
e6c70922ddd87f56d243d93546e56a67fa24a0df4c0caac07954e4cbb33c817d
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f408990846b4b410ea9280f9615e34f3acd98bdf230b27565bce7f4845f6fc3e
f5df45765234464e4133bbbf212a232defc949e2b8e34aad5a883c6bb923ab48
f66ac2bc3b144d5600efef605487c87be684e153ca212dd59630cccc26a54c48
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa9ff5f91da78bbcefb5a094db69e00af834e4a8714c3c570857217d258ae63f
fb649fcae62177dfe63e67081ddceb830b5ce1f05a4184e9bbb7d87ac4b8f4e5
fd6bcc100df7f74365c82a436e30b631ed18d7c443fd36468d95e23e1ac0a433