Submitted URL: https://play.dacredit.md/
Effective URL: https://ro.play.dacredit.md/
Submission: On August 19 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 13 IPs in 4 countries across 13 domains to perform 62 HTTP transactions. The main IP is 185.225.16.152, located in Iasi, Romania and belongs to MIVOCLOUD, MD. The main domain is ro.play.dacredit.md.
TLS certificate: Issued by R10 on June 20th 2024. Valid for: 3 months.
This is the only time ro.play.dacredit.md was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain               Subdomains                                              Transfer
36 dacredit.md            play.dacredit.md, ro.play.dacredit.md                   1 MB
8 yandex.com              mc.yandex.com — Cisco Umbrella Rank: 6787               4 KB
4 facebook.net            connect.facebook.net — Cisco Umbrella Rank: 236         161 KB
3 yandex.ru               mc.yandex.ru — Cisco Umbrella Rank: 2503                71 KB
3 gstatic.com             fonts.gstatic.com                                       109 KB
2 yandex.md               mc.yandex.md — Cisco Umbrella Rank: 58462               864 B
2 facebook.com            www.facebook.com — Cisco Umbrella Rank: 108             3 KB
2 google-analytics.com    www.google-analytics.com — Cisco Umbrella Rank: 104     21 KB
2 googleapis.com          fonts.googleapis.com — Cisco Umbrella Rank: 110         3 KB
1 ok.ru                   connect.ok.ru — Cisco Umbrella Rank: 57641              1 KB
1 googletagmanager.com    www.googletagmanager.com — Cisco Umbrella Rank: 112     73 KB
1 fontawesome.com         use.fontawesome.com — Cisco Umbrella Rank: 1950         11 KB
1 jsdelivr.net            cdn.jsdelivr.net — Cisco Umbrella Rank: 410             34 KB
62 13
Domain Requested by
35 ro.play.dacredit.md ro.play.dacredit.md
8 mc.yandex.com 2 redirects ro.play.dacredit.md
mc.yandex.ru
4 connect.facebook.net ro.play.dacredit.md
connect.facebook.net
3 mc.yandex.ru 2 redirects ro.play.dacredit.md
3 fonts.gstatic.com fonts.googleapis.com
2 mc.yandex.md 1 redirects ro.play.dacredit.md
2 www.facebook.com ro.play.dacredit.md
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com ro.play.dacredit.md
1 connect.ok.ru ro.play.dacredit.md
1 www.googletagmanager.com ro.play.dacredit.md
1 use.fontawesome.com ro.play.dacredit.md
1 cdn.jsdelivr.net ro.play.dacredit.md
1 play.dacredit.md 1 redirects
62 14
Subject                   Issuer                                    Validity                   Valid
play.dacredit.md          R10                                       2024-06-20 - 2024-09-18    3 months    crt.sh
upload.video.google.com   WR2                                       2024-07-30 - 2024-10-22    3 months    crt.sh
jsdelivr.net              GlobalSign Atlas R3 DV TLS CA 2024 Q3     2024-07-30 - 2025-08-31    a year      crt.sh
use.fontawesome.com       Cloudflare Inc ECC CA-3                   2023-10-12 - 2024-10-10    a year      crt.sh
*.google-analytics.com    WR2                                       2024-07-30 - 2024-10-22    3 months    crt.sh
*.gstatic.com             WR2                                       2024-07-30 - 2024-10-22    3 months    crt.sh
*.facebook.com            DigiCert SHA2 High Assurance Server CA    2024-05-28 - 2024-08-26    3 months    crt.sh
*.ok.ru                   GlobalSign RSA OV SSL CA 2018             2023-10-04 - 2024-10-02    a year      crt.sh
mc.yandex.ru              GlobalSign ECC OV SSL CA 2018             2024-05-23 - 2024-11-02    5 months    crt.sh

This page contains 2 frames:

Primary Page: https://ro.play.dacredit.md/
Frame ID: 98A00365CA22914262243C3C92820D82
Requests: 72 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 4D224653E0F8B1EF57B7E5F30136C60F
Requests: 1 HTTP requests in this frame

Page Title

DaCredit

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 62
HTTPS: 35 %
IPv6: 67 %
Domains: 13
Subdomains: 14
IPs: 13
Countries: 4
Transfer: 1757 kB
Size: 2572 kB
Cookies: 28

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://play.dacredit.md/ HTTP 302
    https://ro.play.dacredit.md/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10466.rTRWp9Box4_qZCCnkemYy78BxJGsVrWT2c8NWfpeasowAe91OIOHZN-SwiIb0B9P.20m757IXgeyHvBneRAoOyFc7eUc%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10466.cjulYX7xP_aDHBH3n8uivuFIVuDHZBZXyEnp0tqjTVKv0G2n60BFvdTXJSA0YGIXGLcjEOCtmVp7ERYPC1K4w3g5lwtpbu8hRezmuhbCDHquLYaCcp9vW4EoabmZaIGDwTf-mFb2nTihDJ_jGDIeHhWdtAdjN3WkdqWPf5-EnARTcg5jmVGzZ41tzWkjIKeZ8hEH9h_KUsxspeO0G2B6hwLrk3RQakO8fD1bA5hwUZA%2C.36HBVAoeS8b5GlhDSgXSzOFCjUw%2C
Request Chain 65
  • https://mc.yandex.md/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.md&token=10466.7G9UE8JIRR651hC9vUxppwJLq9RMhAW-KVKA7RIPRUponvGUZ5z18XFmhkKuZZoH.eiWmMgXZbY06dV4Bvxwi7y0kXAQ%2C HTTP 302
  • https://mc.yandex.md/sync_cookie_image_decide?token=10466.lT-q8Kvb75o4MWjvN7yAlsMxJaL2BNfwdethV9lfevH6KBE53CBw3U9jnf6GMRLukHkVkkmaJQm4EQXJ_RWiAdTzgUrvEZo38b7LRNIilQ6vHHzA8IE5F3lOORjnR1Lz6wsSWQMTcptvyD4TW3d2xetGTi4dNGzFODdWDyeO3aBHdWT8yg2ID4P6-KI2XkWskU34MryLlSoLYaI-fdSGxRKWHTRZPrY45P1K2xBhltY%2C.OrU9xI1ZNjmxzFrahM8o9SDmwjY%2C
Request Chain 68
  • https://mc.yandex.com/watch/51273733?wmode=7&page-url=https%3A%2F%2Fro.play.dacredit.md%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A554637396538%3Ahid%3A885539772%3Az%3A120%3Ai%3A20240819110936%3Aet%3A1724058576%3Ac%3A1%3Arn%3A1009991224%3Arqn%3A1%3Au%3A1724058576840650082%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A9078%3Awv%3A2%3Ads%3A0%2C682%2C205%2C3593%2C1148%2C0%2C%2C5073%2C0%2C%2C%2C%2C10986%3Aco%3A0%3Acpf%3A1%3Ans%3A1724058564622%3Agi%3AR0ExLjIuMTUxMjI3NDY3OS4xNzI0MDU4NTc2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724058578%3At%3ADaCredit&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
  • https://mc.yandex.com/watch/51273733/1?wmode=7&page-url=https%3A%2F%2Fro.play.dacredit.md%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A554637396538%3Ahid%3A885539772%3Az%3A120%3Ai%3A20240819110936%3Aet%3A1724058576%3Ac%3A1%3Arn%3A1009991224%3Arqn%3A1%3Au%3A1724058576840650082%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A9078%3Awv%3A2%3Ads%3A0%2C682%2C205%2C3593%2C1148%2C0%2C%2C5073%2C0%2C%2C%2C%2C10986%3Aco%3A0%3Acpf%3A1%3Ans%3A1724058564622%3Agi%3AR0ExLjIuMTUxMjI3NDY3OS4xNzI0MDU4NTc2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724058578%3At%3ADaCredit&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

62 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ro.play.dacredit.md/
Redirect Chain
  • https://play.dacredit.md/
  • https://ro.play.dacredit.md/
48 KB
48 KB
Document
General
Full URL
https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PHP/7.2.34 PleskLin
Resource Hash
3fcfe387487248a61cf24172487a046d17ff35c7a9e12466987f9da0c1341590

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Aug 2024 09:09:26 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
X-Powered-By
PHP/7.2.34 PleskLin

Redirect headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Aug 2024 09:09:25 GMT
Keep-Alive
timeout=5, max=100
Location
https://ro.play.dacredit.md
Server
Apache
Transfer-Encoding
chunked
X-Powered-By
PHP/7.2.34 PleskLin
css
fonts.googleapis.com/
16 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3309a12da2ed18db77a65bfd52b4fb97a0dfd77e4f22889bd708a010ffd2f9c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 19 Aug 2024 09:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 08:37:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Aug 2024 09:09:32 GMT
css
fonts.googleapis.com/
2 KB
632 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
11f0f33f9711ca7551b10cdff821a5c9b8ab7d74055c1d84adf61708991774a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 19 Aug 2024 09:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 08:25:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Aug 2024 09:09:32 GMT
master.css
ro.play.dacredit.md/css/
6 KB
6 KB
Stylesheet
General
Full URL
https://ro.play.dacredit.md/css/master.css
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
da18b1420618f3d9a7731621bfe7b2ef3083024c31898a12be48fd8d5a514ee2

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:31 GMT
Last-Modified
Sun, 18 Nov 2018 18:11:24 GMT
Server
Apache
ETag
"16e1-57af454086b00"
X-Powered-By
PleskLin
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5857
style.css
ro.play.dacredit.md/css/
14 KB
14 KB
Stylesheet
General
Full URL
https://ro.play.dacredit.md/css/style.css
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
14f5c3eb7f9e06e8635edc96703114612a4f999a9b2d26791ea96ba61531494b

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:31 GMT
Last-Modified
Fri, 30 Nov 2018 14:47:00 GMT
Server
Apache
ETag
"3717-57be2df232100"
X-Powered-By
PleskLin
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
14103
mobile.css
ro.play.dacredit.md/css/
8 KB
8 KB
Stylesheet
General
Full URL
https://ro.play.dacredit.md/css/mobile.css
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
2781f3d6cab0de83a3b9209b21782abd79eff6f72cb5040ba02e058686fda63d

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:31 GMT
Last-Modified
Fri, 30 Nov 2018 14:04:10 GMT
Server
Apache
ETag
"1fa3-57be245f40a80"
X-Powered-By
PleskLin
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8099
jquery.min.js
ro.play.dacredit.md/scripts/
85 KB
85 KB
Script
General
Full URL
https://ro.play.dacredit.md/scripts/jquery.min.js
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:31 GMT
Last-Modified
Thu, 22 Nov 2018 17:04:02 GMT
Server
Apache
ETag
"1538f-57b43da79e480"
X-Powered-By
PleskLin
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
86927
ismobile.js
ro.play.dacredit.md/scripts/
434 B
740 B
Script
General
Full URL
https://ro.play.dacredit.md/scripts/ismobile.js
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
a47b58e49300d8df0134c25d423e34add5344e7a6b71e94090b8bde74c304f24

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:31 GMT
Last-Modified
Mon, 10 Dec 2018 17:27:34 GMT
Server
Apache
ETag
"1b2-57cae47c80d80"
X-Powered-By
PleskLin
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
434
l-question_0.webp
ro.play.dacredit.md/images/questions/
44 KB
45 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/questions/l-question_0.webp
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
44e4bb677b869d32a67ad9a9f7f459906f38da1b1885bab6ec4546cccbd5d06c

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:32 GMT
Last-Modified
Thu, 22 Nov 2018 11:59:56 GMT
Server
Apache
ETag
"b198-57b3f9aee0700"
X-Powered-By
PleskLin
Content-Type
image/webp
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
45464
l-question_1.webp
ro.play.dacredit.md/images/questions/
36 KB
36 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/questions/l-question_1.webp
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
9e70cc54827af627e39ca7ce5a1d84bfd1943772c697f899ffcb42cc0ca26824

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:32 GMT
Last-Modified
Thu, 22 Nov 2018 11:59:56 GMT
Server
Apache
ETag
"90aa-57b3f9aee0700"
X-Powered-By
PleskLin
Content-Type
image/webp
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
37034
l-question_2.webp
ro.play.dacredit.md/images/questions/
31 KB
31 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/questions/l-question_2.webp
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
e7574b1eb9443ec183fb6b8ec6c93ef2f7adaf8e18aecc8ed7b68228f54a598c

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Thu, 22 Nov 2018 11:59:56 GMT
Server
Apache
ETag
"7ab8-57b3f9aee0700"
X-Powered-By
PleskLin
Content-Type
image/webp
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
31416
l-question_3.webp
ro.play.dacredit.md/images/questions/
43 KB
43 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/questions/l-question_3.webp
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
586d4172af816704066eb8ef1225c87621880b1e18f9ee1cf914e7e0eae19812

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Thu, 22 Nov 2018 11:59:56 GMT
Server
Apache
ETag
"ab4c-57b3f9aee0700"
X-Powered-By
PleskLin
Content-Type
image/webp
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
43852
l-question_4.webp
ro.play.dacredit.md/images/questions/
42 KB
42 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/questions/l-question_4.webp
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
9b868d22060d9e34392d23e25c8a456e89b706ce32f6a6a28f959c0c6673c052

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Thu, 22 Nov 2018 11:59:56 GMT
Server
Apache
ETag
"a8b6-57b3f9aee0700"
X-Powered-By
PleskLin
Content-Type
image/webp
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
43190
l-question_5.webp
ro.play.dacredit.md/images/questions/
37 KB
37 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/questions/l-question_5.webp
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
2dd8ebd3f1076fe490d5fa46b8c9ba2c304dc108f14bd89301c49b4407a3b5a3

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Thu, 22 Nov 2018 11:59:56 GMT
Server
Apache
ETag
"9264-57b3f9aee0700"
X-Powered-By
PleskLin
Content-Type
image/webp
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
37476
l-question_6.webp
ro.play.dacredit.md/images/questions/
45 KB
45 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/questions/l-question_6.webp
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
c8e20705393c3d0abaa768efeed75435d2e7457dce60c55b985c134198bfae03

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Thu, 22 Nov 2018 11:59:56 GMT
Server
Apache
ETag
"b3f2-57b3f9aee0700"
X-Powered-By
PleskLin
Content-Type
image/webp
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
46066
l-question_7.webp
ro.play.dacredit.md/images/questions/
42 KB
42 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/questions/l-question_7.webp
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
5ff6550c27e563f598665e964bba04d9fbfee49b1084f772a4da88021fc5ad5d

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Thu, 22 Nov 2018 11:59:56 GMT
Server
Apache
ETag
"a842-57b3f9aee0700"
X-Powered-By
PleskLin
Content-Type
image/webp
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
43074
l-question_8.webp
ro.play.dacredit.md/images/questions/
39 KB
39 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/questions/l-question_8.webp
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
1944f4d5a5c3511f4ac2be62ba81bbe079fc697adf31b75b20fa81d2593d2af0

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Thu, 22 Nov 2018 11:59:56 GMT
Server
Apache
ETag
"9a04-57b3f9aee0700"
X-Powered-By
PleskLin
Content-Type
image/webp
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
39428
l-question_9.webp
ro.play.dacredit.md/images/questions/
36 KB
36 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/questions/l-question_9.webp
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
c236c05cb552ccdaa6709b34d9f6f74c1762e74452d6e3d4eb4a838c3bcc81b3

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Thu, 22 Nov 2018 11:59:56 GMT
Server
Apache
ETag
"8f5c-57b3f9aee0700"
X-Powered-By
PleskLin
Content-Type
image/webp
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
36700
door_closed.png
ro.play.dacredit.md/images/
208 KB
209 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/door_closed.png
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
b0c77071ca93a789bc9a8e61f1811f6743b427cbc76a68cda15c2a7caf642d56

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Thu, 22 Nov 2018 18:08:31 GMT
Server
Apache
ETag
"341c7-57b44c11625c0"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
213447
result_pers1_Rotshild.png
ro.play.dacredit.md/images/result/
37 KB
38 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/result/result_pers1_Rotshild.png
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
a08dee5d4e00ba751788f834e8b6dc78f77bcf69aba291afecd9dfacc8c4227d

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Thu, 22 Nov 2018 18:08:31 GMT
Server
Apache
ETag
"9590-57b44c11625c0"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
38288
result_pers2_August_Belmont.png
ro.play.dacredit.md/images/result/
33 KB
33 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/result/result_pers2_August_Belmont.png
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
abfbc7f294173be90916e540a50790ba32eb60171f2a9a2c41589dfda1f8b55b

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Thu, 22 Nov 2018 18:08:31 GMT
Server
Apache
ETag
"8465-57b44c11625c0"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
33893
result_pers3_William_A_Clark.png
ro.play.dacredit.md/images/result/
41 KB
41 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/result/result_pers3_William_A_Clark.png
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
291c2e0c34bbaea7e76de584e0097ebffd3221b8f90c79d22d8e45304920eb0a

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Thu, 22 Nov 2018 18:08:31 GMT
Server
Apache
ETag
"a204-57b44c11625c0"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
41476
result_pers4_Andrew_W_Mellon.png
ro.play.dacredit.md/images/result/
33 KB
33 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/result/result_pers4_Andrew_W_Mellon.png
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
7ad1cb139471b72efd7d8cdc7e701585d36597a12b5479a7f59b4147c652472c

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Thu, 22 Nov 2018 18:08:31 GMT
Server
Apache
ETag
"82b4-57b44c11625c0"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
33460
result_pers5_looser.png
ro.play.dacredit.md/images/result/
43 KB
44 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/result/result_pers5_looser.png
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
acb94746585f1b13693b2278bcb94a3b4f2b914540a3ed05eb3103dca8defae3

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:34 GMT
Last-Modified
Thu, 22 Nov 2018 18:08:31 GMT
Server
Apache
ETag
"ad93-57b44c11625c0"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
44435
resultdecor_left.png
ro.play.dacredit.md/images/result/
4 KB
5 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/result/resultdecor_left.png
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
5458a46c8f953e14c138e6bc8ec88545eba8fbaeda037d051b4477e466de5a6f

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:34 GMT
Last-Modified
Thu, 22 Nov 2018 18:08:31 GMT
Server
Apache
ETag
"11b4-57b44c11625c0"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
4532
resultdecor_right.png
ro.play.dacredit.md/images/result/
4 KB
5 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/result/resultdecor_right.png
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
23262938846bb7422c6c7acde61bd4241bff7b7243b7964aa5665642c65c20fc

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:34 GMT
Last-Modified
Thu, 22 Nov 2018 18:08:31 GMT
Server
Apache
ETag
"11b6-57b44c11625c0"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
4534
index.js
ro.play.dacredit.md/scripts/
14 KB
14 KB
Script
General
Full URL
https://ro.play.dacredit.md/scripts/index.js
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
2c9b0e8de9d8dfe2567983cec4b0d770a867b99cf11bf42be8d957c6e0061293

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Mon, 10 Dec 2018 17:27:34 GMT
Server
Apache
ETag
"36dd-57cae47c80d80"
X-Powered-By
PleskLin
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
14045
modernizr.min.js
cdn.jsdelivr.net/modernizr/3.3.1/
91 KB
34 KB
Script
General
Full URL
https://cdn.jsdelivr.net/modernizr/3.3.1/modernizr.min.js
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eb9ae14a6c0f49019ef372b5a7a72e7534317e230dbadb870880749fc0aabc5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 19 Aug 2024 09:09:33 GMT
age
1736905
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34230
x-served-by
cache-fra-etou8220156-FRA
etag
W/"16a2d-AKo3TgztF5wIAJTiPM2ABg0/Uuc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
dacredit-select.css
ro.play.dacredit.md/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://ro.play.dacredit.md/css/dacredit-select.css
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
d12787a668782b56a6cad6576320bb528d1af23760ace0685e18565d65b3110a

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Tue, 27 Nov 2018 16:27:57 GMT
Server
Apache
ETag
"afb-57ba7eea37d40"
X-Powered-By
PleskLin
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2811
dacredit-select.js
ro.play.dacredit.md/scripts/
3 KB
3 KB
Script
General
Full URL
https://ro.play.dacredit.md/scripts/dacredit-select.js
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
d83aaebc7e8e790183e753c0f57f5a695d2b194f7b8087e89ce45b0382fb65f9

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Sun, 18 Nov 2018 18:11:25 GMT
Server
Apache
ETag
"bbc-57af45417ad40"
X-Powered-By
PleskLin
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3004
all.css
use.fontawesome.com/releases/v5.4.1/css/
49 KB
11 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.4.1/css/all.css
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3b4d5d99f92dcc1f1c169db00f76aa1dc65d5d82192afcff04cf8a018a7ba1

Request headers

Referer
https://ro.play.dacredit.md/
Origin
https://ro.play.dacredit.md
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 09:09:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"beb60a9475685e87a9738a7306591e69"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OJ5yW2lEC759BZstu5SLnXGBq4xUxQu9AvYl3UvWq1KfG9gy3M3gs0azRXWNTzf0EQSkC7tc5tMhnx8Hd%2BbiFVIxDwO3iXeeW8ziQJsQkX8uAQdkZsow4RO%2FK25BvmgT2ZqiPvW4qCIONAt%2Be5RvB31f"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
8b590166d94a3657-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
200 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-129731421-1
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a3014cabe53b1cb483af60ddaa483f272b2ea1caf4edaf2a1932f18a27cfd60e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 09:09:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73886
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 19 Aug 2024 09:09:33 GMT
DA-credit-logo.png
ro.play.dacredit.md/images/
3 KB
4 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/DA-credit-logo.png
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
dd59e541ab6493b7b27a48008e90f27e626de37d7391d2bed9bd16c913638c67

Request headers

Referer
https://ro.play.dacredit.md/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Thu, 22 Nov 2018 18:08:31 GMT
Server
Apache
ETag
"d9a-57b44c11625c0"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
3482
flags_ru.png
ro.play.dacredit.md/images/icons/
4 KB
4 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/icons/flags_ru.png
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
22583b83bd3d112d39f4a89d305868d1ebb4eb736809b996668ef54d9b454087

Request headers

Referer
https://ro.play.dacredit.md/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Fri, 30 Nov 2018 14:04:10 GMT
Server
Apache
ETag
"e76-57be245f40a80"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3702
button-bg.png
ro.play.dacredit.md/images/
22 KB
22 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/button-bg.png
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
e0be2acaff8171bff34cf2950e154a7c07c5f83b757f072c388c064fdfb6e23c

Request headers

Referer
https://ro.play.dacredit.md/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Thu, 22 Nov 2018 18:08:31 GMT
Server
Apache
ETag
"579f-57b44c11625c0"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
22431
0+.png
ro.play.dacredit.md/images/
5 KB
6 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/0+.png
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
2c1c16120feead8e33655f908ca3c65680c714d6830568363e7880c025859a06

Request headers

Referer
https://ro.play.dacredit.md/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:34 GMT
Last-Modified
Tue, 27 Nov 2018 16:29:18 GMT
Server
Apache
ETag
"155a-57ba7f3777380"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
5466
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ro.play.dacredit.md
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:03:23 GMT
x-content-type-options
nosniff
age
500771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:03:23 GMT
Open24DisplaySt.woff2
ro.play.dacredit.md/font/
6 KB
6 KB
Font
General
Full URL
https://ro.play.dacredit.md/font/Open24DisplaySt.woff2
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
a14e0151b2ac69c4671d7da7cb4bb01142b1952e4b414108a495fc7211a73b50

Request headers

Referer
https://ro.play.dacredit.md/css/style.css
Origin
https://ro.play.dacredit.md
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:33 GMT
Last-Modified
Sun, 18 Nov 2018 18:11:24 GMT
Server
Apache
ETag
"179c-57af454086b00"
X-Powered-By
PleskLin
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
6044
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ro.play.dacredit.md
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 17:23:05 GMT
x-content-type-options
nosniff
age
488789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35328
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 17:23:05 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v40/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ro.play.dacredit.md
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:29:10 GMT
x-content-type-options
nosniff
age
499224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26736
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:29:10 GMT
truncated
/
667 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
edd8db5c29b96b7a290a5e266d426dca85541b7cd7a62b180e5ec89dc635f05f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
203 B
203 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/jp2
truncated
/
121 B
121 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/vnd.ms-photo
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
44 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
157 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
96e11737-9f35-45ac-9a32-1d289bb1a214
https://ro.play.dacredit.md/
47 B
0
Other
General
Full URL
blob:https://ro.play.dacredit.md/96e11737-9f35-45ac-9a32-1d289bb1a214
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad0dd5091814006e1986ba74f2492e12582594b1eca2221174c22a1ad10ad98c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
47
Content-Type
text/javascript
truncated
/
47 B
47 B
Other
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad0dd5091814006e1986ba74f2492e12582594b1eca2221174c22a1ad10ad98c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
544350f8-2a6a-4cfc-8f87-e25de8dc22cd
https://ro.play.dacredit.md/
19 B
0
Other
General
Full URL
blob:https://ro.play.dacredit.md/544350f8-2a6a-4cfc-8f87-e25de8dc22cd
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c03e8889848a13066f74847df0f2de5b414c8b058eb706d0e9ed4630dea1a336

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
19
Content-Type
text/javascript
truncated
/
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
sdk.js
connect.facebook.net/en_US/
3 KB
4 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d0e68d8d64706edd9c23cb49819b226aa7a6f805fc4bcd7d8fa3032f09edbc5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 19 Aug 2024 09:09:35 GMT
content-md5
BdZRQL2Ni6bFDDD8mT2ZBQ==
document-policy
force-load-at-top
x-fb-server-load
34
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=1, c=14, mss=1297, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
KYSiykEPbt4mv0RNefgF5hXUqP6xgOKJcsEEgv8glLq0fR5bggNqBYTOXq/4waPx3Skf7Av/ApYAeJDOZcra7w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
02f16b29e5b70e6a43c2a7216adbc671
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"c9b97f87ca375829a5226623dd5800d0"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 19 Aug 2024 09:27:50 GMT
connect.js
connect.ok.ru/
3 KB
1 KB
Script
General
Full URL
https://connect.ok.ru/connect.js
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.20.152.207 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
ip207.152.odnoklassniki.ru
Software
apache /
Resource Hash
3b672a69cf35a1540aeb8228010b2c5874cd5b90a027b115ac0845f70f05ebba

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 09:09:35 GMT
content-encoding
br
server
apache
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
tag.js
mc.yandex.ru/metrika/
202 KB
71 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
dca271e5c10ab729dbf7e10ccb7c82ba4b87625a821dd4bd640279b6807f2033
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 19 Aug 2024 09:09:35 GMT
content-encoding
br
last-modified
Tue, 06 Aug 2024 09:26:33 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66b1ec49-11660"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71264
expires
Mon, 19 Aug 2024 10:09:35 GMT
background.webp
ro.play.dacredit.md/images/
191 KB
191 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/background.webp
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
df161b84cb21baf9a943d61f2958b9e43b7b7b6fff972b2bb68b37e370296076

Request headers

Referer
https://ro.play.dacredit.md/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:35 GMT
Last-Modified
Thu, 22 Nov 2018 11:59:56 GMT
Server
Apache
ETag
"2fc72-57b3f9aee0700"
X-Powered-By
PleskLin
Content-Type
image/webp
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
195698
l-question_0.webp
ro.play.dacredit.md/images/questions/
44 KB
45 KB
Image
General
Full URL
https://ro.play.dacredit.md/images/questions/l-question_0.webp
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
44e4bb677b869d32a67ad9a9f7f459906f38da1b1885bab6ec4546cccbd5d06c

Request headers

Referer
https://ro.play.dacredit.md/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:35 GMT
Last-Modified
Thu, 22 Nov 2018 11:59:56 GMT
Server
Apache
ETag
"b198-57b3f9aee0700"
X-Powered-By
PleskLin
Content-Type
image/webp
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
45464
fbevents.js
connect.facebook.net/en_US/
225 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 19 Aug 2024 09:09:35 GMT
document-policy
force-load-at-top
x-fb-server-load
31
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=1, c=20, mss=1297, tbw=6644, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
lPr8G1U7Zcyll27P/PVg/Jm7ShGG9Bpk5MaHIYCp7gZZ3K3zxfmvf135/uRYK7UW0H+GKCmqvzHGL+aoii7Mxg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129731421-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 19 Aug 2024 07:15:05 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6870
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 19 Aug 2024 09:15:05 GMT
sdk.js
connect.facebook.net/en_US/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=436c85401a1dffa79f12f1e8b14d50db
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
d4218ca7fc4dc25efa2e9aada1d180e3c2e92c2c0914cbaca711c5ee0415339b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ro.play.dacredit.md/
Origin
https://ro.play.dacredit.md
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 19 Aug 2024 09:09:35 GMT
content-md5
H8yaO3wgOeVLMoIA4iLO7Q==
document-policy
force-load-at-top
x-fb-server-load
74
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89159
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=23, mss=1232, tbw=4355, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
WWOJso7xaUAEI2/6wG2Zj8kiMhk6KBIkx7GzUaGy21vWIKroE4Jp1mjeiBRc2OLqFyqoFV34dKfI2WNbb6erXg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
4d06d76a2b5d9284a1ef5f03ae349bcd
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"633313589da154aaaed328d342c3118e"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 19 Aug 2025 07:47:47 GMT
1876296235969325
connect.facebook.net/signals/config/
57 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1876296235969325?v=2.9.164&r=stable&domain=ro.play.dacredit.md&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
e1816cfa5564d8856d201edce6e0e91cc8c67fdb2c4caea39eb1467faed0680c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 19 Aug 2024 09:09:35 GMT
document-policy
force-load-at-top
x-fb-server-load
27
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4464, tp=11, tpl=0, uplat=61, ullat=0
pragma
public
x-fb-debug
Yi+1HTY4b3jxjaCCHuWV0sL11+Hc+jhHEIPQ5/YoZx6m6MIoVFunURJoMhOomZdmz/xC2xBWoxSIMIZcZa8Q2Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1074798100&t=pageview&_s=1&dl=https%3A%2F%2Fro.play.dacredit.md%2F&ul=de-de&de=UTF-8&dt=DaCredit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=267468734&gjid=1686407766&cid=1512274679.1724058576&tid=UA-129731421-1&_gid=270582819.1724058576&_r=1&gtm=457e48e0za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=12267183
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 09:09:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ro.play.dacredit.md
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1876296235969325&ev=PageView&dl=https%3A%2F%2Fro.play.dacredit.md&rl=&if=false&ts=1724058576101&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1724058576094.907741627907611041&pm=1&hrl=ac0411&ler=empty&cdl=API_unavailable&it=1724058575909&coo=false&cs_cc=1&rqm=GET
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=10, mss=1297, tbw=2827, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 19 Aug 2024 09:09:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1876296235969325&ev=PageView&dl=https%3A%2F%2Fro.play.dacredit.md&rl=&if=false&ts=1724058576101&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4124&fbp=fb.1.1724058576094.907741627907611041&pm=1&hrl=ac0411&ler=empty&cdl=API_unavailable&it=1724058575909&coo=false&cs_cc=1&rqm=FGET
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Mon, 19 Aug 2024 09:09:36 GMT
document-policy
force-load-at-top
x-fb-server-load
29
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7404775201924113397", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1297, tbw=3145, tp=-1, tpl=-1, uplat=145, ullat=0
pragma
no-cache
x-fb-debug
duis4fJkjjuOeJFaOczW7Bcrta3Yd6A8Utv6UTE5FOIRJep+pyaOGAtPj2fciADwGjGi80f5hT5idhlD0wdg3Q==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7404775201924113397"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10466.rTRWp9Box4_qZCCnkemYy78BxJGsVrWT2c8NWfpeasowAe91OIOHZN-SwiIb0B9P.20m757IXgeyHvBneRAoOyFc7eUc%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10466.cjulYX7xP_aDHBH3n8uivuFIVuDHZBZXyEnp0tqjTVKv0G2n60BFvdTXJSA0YGIXGLcjEOCtmVp7ERYPC1K4w3g5lwtpbu8hRezmuhbCDHquLYaCcp9vW4EoabmZaIGDwTf-mFb2nT...
43 B
678 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10466.cjulYX7xP_aDHBH3n8uivuFIVuDHZBZXyEnp0tqjTVKv0G2n60BFvdTXJSA0YGIXGLcjEOCtmVp7ERYPC1K4w3g5lwtpbu8hRezmuhbCDHquLYaCcp9vW4EoabmZaIGDwTf-mFb2nTihDJ_jGDIeHhWdtAdjN3WkdqWPf5-EnARTcg5jmVGzZ41tzWkjIKeZ8hEH9h_KUsxspeO0G2B6hwLrk3RQakO8fD1bA5hwUZA%2C.36HBVAoeS8b5GlhDSgXSzOFCjUw%2C
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 19 Aug 2024 09:09:36 GMT
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10466.cjulYX7xP_aDHBH3n8uivuFIVuDHZBZXyEnp0tqjTVKv0G2n60BFvdTXJSA0YGIXGLcjEOCtmVp7ERYPC1K4w3g5lwtpbu8hRezmuhbCDHquLYaCcp9vW4EoabmZaIGDwTf-mFb2nTihDJ_jGDIeHhWdtAdjN3WkdqWPf5-EnARTcg5jmVGzZ41tzWkjIKeZ8hEH9h_KUsxspeO0G2B6hwLrk3RQakO8fD1bA5hwUZA%2C.36HBVAoeS8b5GlhDSgXSzOFCjUw%2C
date
Mon, 19 Aug 2024 09:09:36 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sync_cookie_image_decide
mc.yandex.md/
Redirect Chain
  • https://mc.yandex.md/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.md&token=10466.7G9UE8JIRR651hC9vUxppwJLq9RMhAW-KVKA7RIPRUponvGUZ5z18XFmhkKuZZoH.eiWmMgXZbY06dV4Bvxwi7y0kXAQ%2C
  • https://mc.yandex.md/sync_cookie_image_decide?token=10466.lT-q8Kvb75o4MWjvN7yAlsMxJaL2BNfwdethV9lfevH6KBE53CBw3U9jnf6GMRLukHkVkkmaJQm4EQXJ_RWiAdTzgUrvEZo38b7LRNIilQ6vHHzA8IE5F3lOORjnR1Lz6wsSWQMTcpt...
43 B
501 B
Image
General
Full URL
https://mc.yandex.md/sync_cookie_image_decide?token=10466.lT-q8Kvb75o4MWjvN7yAlsMxJaL2BNfwdethV9lfevH6KBE53CBw3U9jnf6GMRLukHkVkkmaJQm4EQXJ_RWiAdTzgUrvEZo38b7LRNIilQ6vHHzA8IE5F3lOORjnR1Lz6wsSWQMTcptvyD4TW3d2xetGTi4dNGzFODdWDyeO3aBHdWT8yg2ID4P6-KI2XkWskU34MryLlSoLYaI-fdSGxRKWHTRZPrY45P1K2xBhltY%2C.OrU9xI1ZNjmxzFrahM8o9SDmwjY%2C
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 09:09:36 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.md/sync_cookie_image_decide?token=10466.lT-q8Kvb75o4MWjvN7yAlsMxJaL2BNfwdethV9lfevH6KBE53CBw3U9jnf6GMRLukHkVkkmaJQm4EQXJ_RWiAdTzgUrvEZo38b7LRNIilQ6vHHzA8IE5F3lOORjnR1Lz6wsSWQMTcptvyD4TW3d2xetGTi4dNGzFODdWDyeO3aBHdWT8yg2ID4P6-KI2XkWskU34MryLlSoLYaI-fdSGxRKWHTRZPrY45P1K2xBhltY%2C.OrU9xI1ZNjmxzFrahM8o9SDmwjY%2C
date
Mon, 19 Aug 2024 09:09:36 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
621 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 19 Aug 2024 09:09:36 GMT
last-modified
Tue, 06 Aug 2024 09:26:33 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66b1ec49-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 19 Aug 2024 10:09:36 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame 4D22
0
0
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ro.play.dacredit.md/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1046
content-type
text/html
date
Mon, 19 Aug 2024 09:09:37 GMT
etag
"66b1ec49-416"
expires
Mon, 19 Aug 2024 10:09:37 GMT
last-modified
Tue, 06 Aug 2024 09:26:33 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
1
mc.yandex.com/watch/51273733/
Redirect Chain
  • https://mc.yandex.com/watch/51273733?wmode=7&page-url=https%3A%2F%2Fro.play.dacredit.md%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3...
  • https://mc.yandex.com/watch/51273733/1?wmode=7&page-url=https%3A%2F%2Fro.play.dacredit.md%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8...
1 KB
1 KB
Fetch
General
Full URL
https://mc.yandex.com/watch/51273733/1?wmode=7&page-url=https%3A%2F%2Fro.play.dacredit.md%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A554637396538%3Ahid%3A885539772%3Az%3A120%3Ai%3A20240819110936%3Aet%3A1724058576%3Ac%3A1%3Arn%3A1009991224%3Arqn%3A1%3Au%3A1724058576840650082%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A9078%3Awv%3A2%3Ads%3A0%2C682%2C205%2C3593%2C1148%2C0%2C%2C5073%2C0%2C%2C%2C%2C10986%3Aco%3A0%3Acpf%3A1%3Ans%3A1724058564622%3Agi%3AR0ExLjIuMTUxMjI3NDY3OS4xNzI0MDU4NTc2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724058578%3At%3ADaCredit&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
Requested by
Host: ro.play.dacredit.md
URL: https://ro.play.dacredit.md/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
b6d967d6b3a592c8269d5b9eaed9944714b10464b25f84e19cb58073e3460e29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 19 Aug 2024 09:09:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 19-Aug-2024 09:09:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ro.play.dacredit.md
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
1198
x-xss-protection
1; mode=block
expires
Mon, 19-Aug-2024 09:09:37 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Aug 2024 09:09:37 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 19-Aug-2024 09:09:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/51273733/1?wmode=7&page-url=https%3A%2F%2Fro.play.dacredit.md%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A554637396538%3Ahid%3A885539772%3Az%3A120%3Ai%3A20240819110936%3Aet%3A1724058576%3Ac%3A1%3Arn%3A1009991224%3Arqn%3A1%3Au%3A1724058576840650082%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A9078%3Awv%3A2%3Ads%3A0%2C682%2C205%2C3593%2C1148%2C0%2C%2C5073%2C0%2C%2C%2C%2C10986%3Aco%3A0%3Acpf%3A1%3Ans%3A1724058564622%3Agi%3AR0ExLjIuMTUxMjI3NDY3OS4xNzI0MDU4NTc2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724058578%3At%3ADaCredit&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
access-control-allow-origin
https://ro.play.dacredit.md
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 19-Aug-2024 09:09:37 GMT
favicon-32x32.png
ro.play.dacredit.md/images/favicon/
2 KB
3 KB
Other
General
Full URL
https://ro.play.dacredit.md/images/favicon/favicon-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.225.16.152 Iasi, Romania, ASN39798 (MIVOCLOUD, MD),
Reverse DNS
mail.names.md
Software
Apache / PleskLin
Resource Hash
3b09ddbbbbe65fcc1d5469df6308d766b84c46df486e339ed2f257f28a34869c

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Mon, 19 Aug 2024 09:09:38 GMT
Last-Modified
Tue, 20 Nov 2018 17:05:14 GMT
Server
Apache
ETag
"9f0-57b1ba315c680"
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
2544
51273733
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/51273733?wv-part=1&wv-type=7&wmode=0&wv-hit=885539772&page-url=https%3A%2F%2Fro.play.dacredit.md%2F&rn=99596489&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1724058581%3Aw%3A1600x1200%3Av%3A1410%3Az%3A120%3Ai%3A20240819110940%3Au%3A1724058576840650082%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Ast%3A1724058581&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 19 Aug 2024 09:09:40 GMT
last-modified
Mon, 19-Aug-2024 09:09:40 GMT
content-type
image/gif
access-control-allow-origin
https://ro.play.dacredit.md
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 19-Aug-2024 09:09:40 GMT
51273733
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/51273733?wv-part=1&wv-type=7&wmode=0&wv-hit=885539772&page-url=https%3A%2F%2Fro.play.dacredit.md%2F&rn=25320214&browser-info=we%3A1%3Aet%3A1724058581%3Aw%3A1600x1200%3Av%3A1410%3Az%3A120%3Ai%3A20240819110940%3Au%3A1724058576840650082%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Ast%3A1724058581&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ro.play.dacredit.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Aug 2024 09:09:41 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 19-Aug-2024 09:09:41 GMT
content-type
image/gif
access-control-allow-origin
https://ro.play.dacredit.md
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 19-Aug-2024 09:09:41 GMT

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| isMobile object| sel_10_1_1 object| sel_10_2_1 object| sel_10_2_2 object| sel_10_3_1 object| sel_10_3_2 object| sel_10_4_1 object| sel_10_4_2 object| sel_10_5_1 object| sel_8_1_1 object| sel_8_1_2 object| sel_8_2_1 object| sel_8_2_2 object| sel_8_3_1 object| sel_8_3_2 object| sel_8_4_1 object| sel_8_4_2 object| sel_8_5_1 function| getQuestAnswer function| initialize function| door function| setQuestAnswer function| checkSafeButton function| showBlock function| showBlockAbout1 function| showBlockAbout2 function| showBlockAbout3 function| showBlockAbout4 function| send_results function| answers_reset function| get_population function| format_number function| quest_answer_reset object| quest_risks object| quest_ads object| quest_personnel object| quest_it object| quest_collector string| quest_answer_text function| quest_make_result function| show_select_dialog function| show_result_dialog number| quest_money_max string| quest_url string| quest_result_type object| door_beep function| get_money_text function| get_money_after_text function| get_money_pers object| html5 boolean| _‌‍ object| Modernizr object| x number| j object| selElmnt object| a object| b object| c function| closeAllSelect function| fbAsyncInit function| ok_set_widget function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| fbq function| _fbq string| GoogleAnalyticsObject function| ga object| FB object| OK object| __buffer object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter51273733

28 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: i
Value: NB5boMS5Kjjic4Y8MWL2qSUxxHpvKguKiw3ZHxjx5ZbIC6PrhtIfL7PsEjX2yTbQ+aD+UZRRZ5JbDTIhegvgQK4vOs8=
.yandex.ru/ Name: yandexuid
Value: 1961460331724058575
.yandex.ru/ Name: yashr
Value: 1244169571724058575
.dacredit.md/ Name: _ga
Value: GA1.2.1512274679.1724058576
.dacredit.md/ Name: _gid
Value: GA1.2.270582819.1724058576
.dacredit.md/ Name: _gat_gtag_UA_129731421_1
Value: 1
.dacredit.md/ Name: _fbp
Value: fb.1.1724058576094.907741627907611041
.dacredit.md/ Name: _ym_uid
Value: 1724058576840650082
.dacredit.md/ Name: _ym_d
Value: 1724058576
.yandex.com/ Name: yashr
Value: 9973637851724058576
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 475790778fake
.dacredit.md/ Name: _ym_isad
Value: 2
.mc.yandex.md/ Name: sync_cookie_csrf
Value: 3466640875fake
.yandex.com/ Name: yandexuid
Value: 1961460331724058575
.yandex.com/ Name: yuidss
Value: 1961460331724058575
.yandex.com/ Name: i
Value: NB5boMS5Kjjic4Y8MWL2qSUxxHpvKguKiw3ZHxjx5ZbIC6PrhtIfL7PsEjX2yTbQ+aD+UZRRZ5JbDTIhegvgQK4vOs8=
.yandex.com/ Name: yp
Value: 1724144976.yu.2472636411724058576
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1411491171fake
.yandex.md/ Name: yandexuid
Value: 1961460331724058575
.yandex.md/ Name: yuidss
Value: 1961460331724058575
.yandex.md/ Name: i
Value: NB5boMS5Kjjic4Y8MWL2qSUxxHpvKguKiw3ZHxjx5ZbIC6PrhtIfL7PsEjX2yTbQ+aD+UZRRZ5JbDTIhegvgQK4vOs8=
.mc.yandex.md/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 644030001724058577
.yandex.com/ Name: ymex
Value: 1726650576.oyu.2472636411724058576#1755594577.yrts.1724058577
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGDRl4y2Bg==
.dacredit.md/ Name: _ym_visorc
Value: w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
