www.mediafax.ro Open in urlscan Pro
93.113.11.101 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-leg...
Submission: On February 13 via manual (February 13th 2022, 2:19:05 pm UTC) from RO — Scanned from DE

Summary HTTP 150 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 30 domains to perform 150 HTTP transactions. The main IP is 93.113.11.101, located in Romania and belongs to MEDIASAT, RO. The main domain is www.mediafax.ro. The Cisco Umbrella rank of the primary domain is 265317.
TLS certificate: Issued by GlobeSSL DV CA on July 3rd 2020. Valid for: 2 years.

This is the only time www.mediafax.ro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	93.113.11.101 93.113.11.101	8751 (MEDIASAT) (MEDIASAT)
2	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6812:678	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.111.245.50 104.111.245.50	16625 (AKAMAI-AS) (AKAMAI-AS)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
15	93.113.11.218 93.113.11.218	8751 (MEDIASAT) (MEDIASAT)
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	93.113.11.202 93.113.11.202	8751 (MEDIASAT) (MEDIASAT)
4	192.229.233.25 192.229.233.25	15133 (EDGECAST) (EDGECAST)
8	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:49b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:589::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	128.140.224.226 128.140.224.226	5606 (GTS-BACKB...) (GTS-BACKBONE GTS Telecom)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	13.224.89.10 13.224.89.10	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:ab0... 2a02:26f0:ab00:2b8::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:710... 2a02:26f0:7100:58d::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	147.75.85.120 147.75.85.120	54825 (PACKET) (PACKET)
4	178.63.12.147 178.63.12.147	24940 (HETZNER-AS) (HETZNER-AS)
1	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:808::200d	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2606:4700::68... 2606:4700::6810:dc60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
3	99.80.67.233 99.80.67.233	16509 (AMAZON-02) (AMAZON-02)
12	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
150	39

22 93.113.11.101 (Romania)

ASN8751 (MEDIASAT, RO)
PTR: www.mediafax.ro

www.mediafax.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:678 (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.245.50 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-245-50.deploy.static.akamaitechnologies.com

code3.adtlgc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 93.113.11.218 (Romania)

ASN8751 (MEDIASAT, RO)
PTR: dms-cache1.s.m.ro

storage0.dms.mpinteractiv.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

quiz.onlinelivesurvey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.113.11.202 (Romania)

ASN8751 (MEDIASAT, RO)
PTR: cnt.m.ro

cnt.m.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.233.25 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:49b8 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.unblockia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mediafax.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:589::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 128.140.224.226 (Romania) 1 redirects

ASN5606 (GTS-BACKBONE GTS Telecom, RO)

garo.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.89.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-10.zrh50.r.cloudfront.net

w.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ab00:2b8::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:58d::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.85.120 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

api.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.63.12.147 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de715.cxense.com

comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:dc60 (United States)

ASN13335 (CLOUDFLARENET, US)

mediafax.os.tc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.80.67.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-67-233.eu-west-1.compute.amazonaws.com

admp-tc-sati.adtlgc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	mediafax.ro www.mediafax.ro — Cisco Umbrella Rank: 265317	613 KB
15	mpinteractiv.ro storage0.dms.mpinteractiv.ro — Cisco Umbrella Rank: 432370	133 KB
12	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	338 KB
12	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 2951 onesignal.com — Cisco Umbrella Rank: 1314 mediafax.onesignal.com	230 KB
10	google.com apis.google.com — Cisco Umbrella Rank: 86 accounts.google.com — Cisco Umbrella Rank: 62	223 KB
9	cxense.com scdn.cxense.com — Cisco Umbrella Rank: 9903 cdn.cxense.com — Cisco Umbrella Rank: 4660 api.cxense.com — Cisco Umbrella Rank: 6479 comcluster.cxense.com — Cisco Umbrella Rank: 4318 p1cluster.cxense.com — Cisco Umbrella Rank: 6557 id.cxense.com — Cisco Umbrella Rank: 8288	48 KB
8	cookiepro.com cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 6072	209 KB
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	127 KB
6	gstatic.com ssl.gstatic.com	6 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 591 syndication.twitter.com — Cisco Umbrella Rank: 840	150 KB
5	gemius.pl 1 redirects garo.hit.gemius.pl — Cisco Umbrella Rank: 157669 ls.hit.gemius.pl — Cisco Umbrella Rank: 13343	15 KB
5	teads.tv a.teads.tv — Cisco Umbrella Rank: 1139 s8t.teads.tv — Cisco Umbrella Rank: 2997 t.teads.tv — Cisco Umbrella Rank: 2343	133 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37	152 KB
4	adtlgc.com code3.adtlgc.com — Cisco Umbrella Rank: 73140 admp-tc-sati.adtlgc.com — Cisco Umbrella Rank: 79881	13 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	40 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 638	42 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92	157 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 747	138 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	83 KB
2	soundcloud.com w.soundcloud.com — Cisco Umbrella Rank: 14391	3 KB
2	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 443	2 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 355	1 KB
1	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1397	749 B
1	os.tc mediafax.os.tc	716 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 250	30 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 709	457 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	37 KB
1	unblockia.com cdn.unblockia.com — Cisco Umbrella Rank: 22091	25 KB
1	m.ro cnt.m.ro — Cisco Umbrella Rank: 665423	280 B
1	onlinelivesurvey.com quiz.onlinelivesurvey.com	9 KB
150	30

	Domain	Requested by
22	www.mediafax.ro	www.mediafax.ro
15	storage0.dms.mpinteractiv.ro	www.mediafax.ro
12	www.facebook.com	connect.facebook.net www.facebook.com
8	apis.google.com	www.mediafax.ro apis.google.com accounts.google.com www.youtube.com
8	cookie-cdn.cookiepro.com	www.mediafax.ro cookie-cdn.cookiepro.com
7	www.youtube.com	apis.google.com www.youtube.com
6	ssl.gstatic.com	accounts.google.com www.mediafax.ro
6	cdn.onesignal.com	www.mediafax.ro cdn.onesignal.com mediafax.os.tc mediafax.onesignal.com
5	onesignal.com	cdn.onesignal.com
4	garo.hit.gemius.pl	1 redirects www.mediafax.ro garo.hit.gemius.pl
4	platform.twitter.com	www.mediafax.ro platform.twitter.com
3	admp-tc-sati.adtlgc.com	code3.adtlgc.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com w.soundcloud.com
3	static.criteo.net	www.mediafax.ro
3	pagead2.googlesyndication.com	www.mediafax.ro pagead2.googlesyndication.com cdn.unblockia.com
3	securepubads.g.doubleclick.net	www.mediafax.ro securepubads.g.doubleclick.net
2	static.xx.fbcdn.net	www.facebook.com
2	syndication.twitter.com	platform.twitter.com www.mediafax.ro
2	t.teads.tv	www.mediafax.ro
2	accounts.google.com	apis.google.com www.mediafax.ro
2	comcluster.cxense.com	scdn.cxense.com cdn.cxense.com
2	api.cxense.com	scdn.cxense.com
2	cdn.cxense.com	scdn.cxense.com cdn.cxense.com
2	connect.facebook.net	www.mediafax.ro connect.facebook.net
2	w.soundcloud.com	www.mediafax.ro w.soundcloud.com
2	a.teads.tv	www.mediafax.ro s8t.teads.tv
2	cdn.cookielaw.org	www.mediafax.ro
1	gum.criteo.com	static.criteo.net
1	mediafax.onesignal.com	cdn.onesignal.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	id.cxense.com	scdn.cxense.com
1	mediafax.os.tc	cdn.onesignal.com
1	p1cluster.cxense.com	cdn.cxense.com
1	ls.hit.gemius.pl	garo.hit.gemius.pl
1	s8t.teads.tv	a.teads.tv
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	ajax.googleapis.com	quiz.onlinelivesurvey.com
1	geolocation.onetrust.com	cookie-cdn.cookiepro.com
1	scdn.cxense.com	www.mediafax.ro
1	www.googletagmanager.com	www.mediafax.ro
1	cdn.unblockia.com	www.mediafax.ro
1	cnt.m.ro	www.mediafax.ro
1	quiz.onlinelivesurvey.com	www.mediafax.ro
1	code3.adtlgc.com	www.mediafax.ro
150	44

This site contains links to these domains. Also see Links.

Domain
sales.m.ro
news.mediafax.biz
www.mediafaxfoto.ro
comunicate.mediafax.biz
revolutions.mediafax.ro
www.reuters.com
alephnews.ro
www.facebook.com
www.instagram.com
www.zf.ro
twitter.com
www.businessmagazin.ro
monitorulapararii.ro
tacataca.prosport.ro
www.cancan.ro
www.gandul.ro
www.comedymall.ro
monitoruljustitiei.ro
monitorulpartidelor.ro
editura.mediafax.ro
www.prosport.ro

Subject Issuer	Validity	Valid
*.mediafax.ro GlobeSSL DV CA	`2020-07-03` - `2022-07-03`	2 years	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2021-05-20` - `2022-05-19`	a year	crt.sh
cdn-content-production.cxpublic.com R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
*.dms.mpinteractiv.ro GlobeSSL DV CA	`2020-06-25` - `2022-06-25`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.m.ro GlobeSSL DV CA	`2020-07-03` - `2022-07-03`	2 years	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2021-05-21` - `2022-05-26`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.soundcloud.com GlobalSign GCC R3 DV TLS CA 2020	`2021-01-13` - `2022-02-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-22` - `2022-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.adtlgc.com R3	`2022-02-05` - `2022-05-06`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Frame ID: 6B3E6BD040036A88D6A9E9F81F2F3342
Requests: 102 HTTP requests in this frame

Frame: https://w.soundcloud.com/icon/?url=https://soundcloud.com/user-590969935&color=orange_white&size=32
Frame ID: C99649C7AE4770999DF273CF7434B75A
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/zrt_lookup.html
Frame ID: DD895C1E800447BD4F496E61E53CDA5F
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fwww.mediafax.ro
Frame ID: 7341085AECEBD8588F71C13B56BCA273
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=MediafaxRO&layout=default&count=default&origin=https%3A%2F%2Fwww.mediafax.ro&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__
Frame ID: 56832CEB2EEA7AE83DE5C00B54888985
Requests: 5 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 195BF1643313E9D9F43E5BC7C9842B7C
Requests: 4 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: BE506E2ECBC63C335693F9784600E4F6
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.mediafax.ro&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__
Frame ID: 8239AECC0C413660EEAFA4E224366302
Requests: 5 HTTP requests in this frame

Frame: https://mediafax.os.tc/webPushIframe
Frame ID: E54F2D23CED47C132F41D34F83070BFD
Requests: 4 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCrgVndNJEwGyxfKuF6IycnA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__
Frame ID: 8A73BDAB431F6ECB8875E31AACCB7FA7
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.4e067713e19d4fff483536ddc4df18b9.ro.html
Frame ID: 42524C4547B2D08B6C73B7AB79436455
Requests: 3 HTTP requests in this frame

Frame: https://mediafax.onesignal.com/webPushIframe
Frame ID: 5C24F3E50D5E791CE40A4691C7784E24
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v3.0/plugins/share_button.php?app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3954c7febe318c%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=560&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&locale=ro_RO&sdk=joey&type=button
Frame ID: 18ABBA87BB02DCAB74287BF217CEFF63
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32682075cf8c4%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=560&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&layout=standard&locale=ro_RO&sdk=joey&share=true&show_faces=false
Frame ID: 0C03CDD338F58DC477AC33DEDE0EA697
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df990e9be14778%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=560&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&layout=button_count&locale=ro_RO&sdk=joey&share=true&show_faces=false
Frame ID: A157F62CBA39EEA8E531563064533888
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df255b94c51387ac%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fmediafax.ro%2F&layout=standard&locale=ro_RO&sdk=joey&share=true&show_faces=false&size=small
Frame ID: 8ACF87031F36E5366D187077ED45CD00
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.mediafax.ro&gdpr=1&gdpr_consent=CPUWsEnPUWsEnAcABBENCCCgAAAAAH_AAChQAAARDAJMNS8gC7MscGTaNKoUQIwrCQ6AUAFFAMLRFYQOrgp2VwE-oIWACE1ATgRAgxBRgwCAAQSAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgKkWignsrEEoO9jTCEMs8CKBR_RUICNZogWBkJCwcxwBICXiyQPMUL5AAAAA.YAAAD_gAAAAA
Frame ID: E2FDBE1D39829CCC078B57A9A960C50D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Surse Reuters: Macron a refuzat să facă un test COVID-19 în Rusia din cauza temerilor legate de furtul de ADN

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

150
Requests

99 %
HTTPS

63 %
IPv6

30
Domains

44
Subdomains

39
IPs

6
Countries

2958 kB
Transfer

9699 kB
Size

27
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: http://sales.m.ro/
Title: Publicitate

Search URL Search Domain Scan URL

URL: https://news.mediafax.biz/
Title: News

Search URL Search Domain Scan URL

URL: https://www.mediafaxfoto.ro/
Title: Foto

Search URL Search Domain Scan URL

URL: http://comunicate.mediafax.biz/Pages/Public/Index.aspx
Title: Comunicate

Search URL Search Domain Scan URL

URL: https://revolutions.mediafax.ro/
Title: Revolutions

Search URL Search Domain Scan URL

URL: https://www.reuters.com/world/europe/putin-kept-macron-distance-snubbing-covid-demands-sources-2022-02-10/
Title: Reuters

Search URL Search Domain Scan URL

URL: https://alephnews.ro/educatie/parintii-se-opun-trecerii-la-trimestre-3-teze-si-30-de-note-in-plus-ca-sa-evaluam-ce/
Title: Părinții se opun trecerii la trimestre: „3 teze și 30 de note în plus, ca să evaluăm ce?”

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mediafax.ro/
Title: paginii noastre de Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mediafax_ro/
Title: Mediafax pe Instagram

Search URL Search Domain Scan URL

URL: https://alephnews.ro/sanatate/oms-omicron-nu-va-fi-ultima-varianta-despre-care-vom-vorbi/

Search URL Search Domain Scan URL

URL: https://www.zf.ro/politica/presedintele-pnl-florin-citu-sustine-scaderea-cas-ului-de-la-25-la-20522915

Search URL Search Domain Scan URL

URL: https://www.zf.ro/companii/dacia-va-mai-avea-un-model-electric-pe-aceeasi-platforma-cu-renault-20492294

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=http://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&t=Surse%20Reuters%3A%20Macron%20a%20refuzat%20s%C4%83%20fac%C4%83%20un%20test%20COVID-19%20%C3%AEn%20Rusia%20din%20cauza%20temerilor%20legate%20de%20furtul%20de%20ADN

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Surse%20Reuters%3A%20Macron%20a%20refuzat%20s%C4%83%20fac%C4%83%20un%20test%20COVID-19%20%C3%AEn%20Rusia%20din%20cauza%20temerilor%20legate%20de...&url=https://mediafax.ro/rd-20519432

Search URL Search Domain Scan URL

URL: https://alephnews.ro/sanatate/parintii-unui-copil-de-2-ani-au-refuzat-transfuzia-de-sange-de-la-vaccinati/

Search URL Search Domain Scan URL

URL: https://alephnews.ro/
Title: ALEPHNEWS.RO

Search URL Search Domain Scan URL

URL: https://www.zf.ro/fiscalitate/tichete-de-masa-2022-din-aceasta-luna-tichetele-de-masa-vor-fi-emise-20519405

Search URL Search Domain Scan URL

URL: https://www.zf.ro/
Title: ZF.RO

Search URL Search Domain Scan URL

URL: http://www.businessmagazin.ro/analize/turism/locul-superb-din-romania-care-se-dezvolta-tot-mai-tare-turismul-20507914

Search URL Search Domain Scan URL

URL: https://www.businessmagazin.ro/
Title: BUSINESSMAGAZIN.RO

Search URL Search Domain Scan URL

URL: https://monitorulapararii.ro/nato-ar-putea-stationa-permanent-grupuri-de-lupta-in-romania-1-40553

Search URL Search Domain Scan URL

URL: https://monitorulapararii.ro/
Title: MONITORULAPARARII.RO

Search URL Search Domain Scan URL

URL: https://tacataca.prosport.ro/poze/foto-cantareata-mira-intr-un-costum-de-baie-ultradecupat-168069/?pic=168071&utm_source=Mediafax+Interior+%5B2%5D&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://www.cancan.ro/cati-lei-incaseaza-lunar-un-recenzor-de-la-recensamantul-populatiei-in-2022-20577792?utm_source=Mediafax+Articol&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://www.gandul.ro/stiri/un-adolescent-de-17-ani-inecat-therme-ce-spun-reprezentatii-complexului-19749318?utm_source=Mediafax+Articol&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://www.comedymall.ro/singuri-acasa/vremuri-triste-si-pacanelele-se-inchid-19634797

Search URL Search Domain Scan URL

URL: https://www.comedymall.ro/
Title: COMEDYMALL.RO

Search URL Search Domain Scan URL

URL: http://monitoruljustitiei.ro/institutii/ministerul-de-justitie/ministrul-justitiei-la-sfarsitul-lunii-martie-cred-ca-siij-poate-fi-desfiintata-aceasta-sectie-si-a-ratat-rolul-pe-care-l-ar-fi-putut-avea-19854212

Search URL Search Domain Scan URL

URL: https://monitoruljustitiei.ro/
Title: MONITORULJUSTITIEI.RO

Search URL Search Domain Scan URL

URL: https://monitorulpartidelor.ro/video-discursul-ministrului-energiei-intrerupt-de-george-simion-hotule-vs-esti-un-prost-1-16425

Search URL Search Domain Scan URL

URL: https://monitorulpartidelor.ro/
Title: MONITORULPARTIDELOR.RO

Search URL Search Domain Scan URL

URL: https://www.zf.ro/fiscalitate/tot-ce-trebuie-sa-stie-contribuabilii-anaf-a-publicat-doua-ghiduri-20521196

Search URL Search Domain Scan URL

URL: http://www.businessmagazin.ro/analize/comert/povestea-a-doua-tinere-care-au-reinventat-traditionala-lumanare-si-20507943

Search URL Search Domain Scan URL

URL: https://editura.mediafax.ro/

Search URL Search Domain Scan URL

URL: https://www.gandul.ro/actualitate/foto-greseala-fatala-facuta-de-barbatii-care-au-participat-la-vanatoarea-in-care-politicianul-de-36-de-ani-a-fost-impuscat-mortal-19749425?utm_source=Mediafax+articol+sidebar&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://www.prosport.ro/poze/rusoaica-considerata-cea-mai-frumoasa-concurenta-de-la-jocurile-olimpice-de-la-beijing-imaginile-care-au-facut-o-sa-fie-considerata-cea-mai-sexy-atleta-din-competitie-internautii-n-19408311?pic=19408314&utm_source=Mediafax+Sidebar&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://monitorulpartidelor.ro/prioritatea-lui-drula-noul-lider-usr-1-16426

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103

https://garo.hit.gemius.pl/_1644761936811/rexdot.js?l=100&id=BxXlDScwkU4hA.l8NDMT5qP8fdpiQu90peyBsgNdFXL.i7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=352&lsdata=4Vcm8SOlxFZxq9P082KZFhm.viygk9sD8uJrLdqDxF3.P7uL6oEyS.FjigwSE9KznesrcONuFhXwv4BWUBW5WWCdWp8N/Qpo4gW5s4V4Op/&fpdata=Y4CMRTSiLxGcArTyilNmcBiCZZCNmxTEPa5t4zxx4_r.T7&vis=1&fpcap= HTTP 301
https://garo.hit.gemius.pl/__/_1644761936811/rexdot.js?l=100&id=BxXlDScwkU4hA.l8NDMT5qP8fdpiQu90peyBsgNdFXL.i7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=352&lsdata=4Vcm8SOlxFZxq9P082KZFhm.viygk9sD8uJrLdqDxF3.P7uL6oEyS.FjigwSE9KznesrcONuFhXwv4BWUBW5WWCdWp8N/Qpo4gW5s4V4Op/&fpdata=Y4CMRTSiLxGcArTyilNmcBiCZZCNmxTEPa5t4zxx4_r.T7&vis=1&fpcap=

150 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432 Show response
www.mediafax.ro/externe/ 157 KB
28 KB 353ms
252ms Document
text/html 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: 87f6a0017e07ebf47017a92d0098306dea1682253848584e55c70ee08a2856a1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.14.2
date: Sun, 13 Feb 2022 14:18:55 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Sun, 13 Feb 2022 14:18:55 GMT
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
x-proxy-cache: MISS

GET
H2 200 style.css
www.mediafax.ro/ 174 KB
35 KB 70ms
69ms Stylesheet
text/css 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mediafax.ro/style.css?v=10,11
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: 2439887e9f0255d1282f000e8bf0859ed005a86cb8f6e61a14ada232bb37618e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:55 GMT
content-encoding: gzip
last-modified: Mon, 06 Sep 2021 07:24:32 GMT
server: nginx/1.14.2
etag: "2b7b1-5cb4e8a5b5778"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 35354
x-proxy-cache: HIT

GET
H2 200 jwplayer.js Show response
www.mediafax.ro/jwplayer-8103/ 110 KB
36 KB 90ms
89ms Script
application/javascript 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mediafax.ro/jwplayer-8103/jwplayer.js
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: 87d69772349eaf03b5f255923b799d2fd3670b134b74850110100457a8742e6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:55 GMT
content-encoding: gzip
last-modified: Thu, 05 Sep 2019 14:40:34 GMT
server: nginx/1.14.2
etag: "1b62e-591cf4ddadc80"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 36187
x-proxy-cache: HIT

GET
H2 200 tcf.stub.js Show response
cdn.cookielaw.org/consent/ 2 KB
1 KB 96ms
38ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/tcf.stub.js

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02a8cd07f9b72905689074cfd8852c03cde76a58d1ae30939ee6c05f737d47e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: wWRR1dd+iePr7uQuaw5L+w==
age: 4791
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 10 Feb 2022 10:47:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ec24bb98-201e-00c9-117d-1e482c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6dceb0540a2f5995-MXP
expires: Sun, 13 Feb 2022 18:18:56 GMT

GET
H2 200 cmp.stub.js Show response
cdn.cookielaw.org/consent/ 906 B
636 B 96ms
39ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/cmp.stub.js

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

142c96e3a6e08865a80eb37537f9688fd449c0d9655dabcea8488f0e4844bfd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fmld/hbHJY2/VR7APngRag==
age: 14054
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 10 Feb 2022 10:47:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 86e8d260-401e-009d-4689-1ea2a6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6dceb0540a355995-MXP
expires: Sun, 13 Feb 2022 18:18:56 GMT

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 19 KB
7 KB 119ms
54ms Script
application/javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: zadN1tnUFXNBOXe6vsJdDg==
age: 5344
x-ms-lease-status: unlocked
last-modified: Thu, 10 Feb 2022 02:30:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b9bb083e-c01e-009b-1b39-1ef948000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6dceb0541f0ef933-MXP
expires: Sun, 13 Feb 2022 18:18:56 GMT

GET
H/1.1 200
OK sati_init.js Show response
code3.adtlgc.com/js/ 48 KB
12 KB 94ms
20ms Script
application/javascript 104.111.245.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://code3.adtlgc.com/js/sati_init.js
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.245.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-245-50.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 33d9e41593440dc2a4d14d2b6bb46f408514d73412c7a3835e789a6c44b44ab3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:18:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Sep 2021 16:40:41 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: W/"67184b081833e14163cd48db728deb4d"
Vary: Accept-Encoding
X-Edge-Origin-Shield-Skipped: 0
Content-Type: application/javascript
Cache-Control: max-age=69128
Connection: keep-alive
Content-Length: 12109
X-Amz-Cf-Id: hTLI4hqv_Di8QxW-YjHSKjRQO3RxPgBNDnHoJNS06BotQNqhFKjUXg==
Expires: Mon, 14 Feb 2022 09:31:04 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 65ms
28ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

4ae689a5b37c61962b7f8702568778b5fe5afa464b5d7e21646cd6e75cdd0153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27131
x-xss-protection: 0
server: sffe
etag: "1130 / 228 of 1000 / last-modified: 1644620882"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 13 Feb 2022 14:18:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 108ms
84ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684cf0f64b03a51b3c9472c50ec27d10292e6dbfa3c99f9bd473026c273dfec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53889
x-xss-protection: 0
server: cafe
etag: 6061899997351583582
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 14:18:56 GMT

GET
H2 200 prebid_last.js Show response
www.mediafax.ro/js/ 372 KB
116 KB 113ms
113ms Script
application/javascript 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mediafax.ro/js/prebid_last.js?v=5
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: 1e098d2fb96d6dcd6d8c78e52231e0c9dac54e4e0b93f8c8add5fa672df1ac7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:55 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 12:49:46 GMT
server: nginx/1.14.2
etag: "5ce3c-5cdc2b28c1fc9"
vary: Accept-Encoding
content-type: application/javascript
x-proxy-cache: HIT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 127 KB
41 KB 98ms
39ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1edc83f7137848a661dbf5a61dbe4bb3b42fc7d064004560ea0269b45747e7d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:37 GMT
server: nginx
etag: W/"61f7a625-1fc09"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 14 Feb 2022 14:18:56 GMT

GET
H2 200 tag Show response
a.teads.tv/page/112681/ 797 B
696 B 146ms
61ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/112681/tag
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eb4fa981a32a57023f2835ad8e303b94f9c06aee5ec81d4d970d85408f86cf1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 496
expires: Sun, 13 Feb 2022 15:18:56 GMT

GET
H2 200 indo.jpg
storage0.dms.mpinteractiv.ro/media/1/1/1688/20523038/1/ 4 KB
4 KB 291ms
136ms Image
image/jpeg 93.113.11.218
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage0.dms.mpinteractiv.ro/media/1/1/1688/20523038/1/indo.jpg?width=128
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.218 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: dms-cache1.s.m.ro
Software: Apache /
Resource Hash: 3e8d8f3cf06e8660a2aa7ca41fa42f03967e15582ae757890f350fbed08ad4b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:02:33 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Sun, 13 Feb 2022 16:02:32 +0200
server: Apache
age: 982
etag: 0de7d64052ed1123251825a7015c038e
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-varnish: 187992175 179610715
x-cache-hits: 150
accept-ranges: bytes
content-length: 3751
x-served-by: dms-cache1

GET
H2 200 28526836-m.jpg
storage0.dms.mpinteractiv.ro/media/1/1/3614/20523017/1/ 4 KB
5 KB 291ms
137ms Image
image/jpeg 93.113.11.218
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage0.dms.mpinteractiv.ro/media/1/1/3614/20523017/1/28526836-m.jpg?width=128
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.218 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: dms-cache1.s.m.ro
Software: Apache /
Resource Hash: 7d097ea2d2a619998ed7aa7c2c26c1cbf8e5909cec2c553647c1dce1dcf535c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 13:14:24 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Sun, 13 Feb 2022 15:14:24 +0200
server: Apache
age: 3872
etag: 30a2f160908080fa1dced220e0d29060
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-varnish: 187992177 179249179
x-cache-hits: 456
accept-ranges: bytes
content-length: 4325
x-served-by: dms-cache1

GET
H2 200 profimedia-0571006250.jpg
storage0.dms.mpinteractiv.ro/media/1/1/3614/20522934/1/ 4 KB
4 KB 291ms
137ms Image
image/jpeg 93.113.11.218
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage0.dms.mpinteractiv.ro/media/1/1/3614/20522934/1/profimedia-0571006250.jpg?width=128
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.218 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: dms-cache1.s.m.ro
Software: Apache /
Resource Hash: f749fe9b5d66ea80f357abd573ece33eb66db89be51ae3408f8aa61becf58e74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 11:59:51 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Sun, 13 Feb 2022 13:59:51 +0200
server: Apache
age: 8345
etag: f7394fda545c913d9ef6db58b9621388
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-varnish: 187992176 187367428
x-cache-hits: 809
accept-ranges: bytes
content-length: 3778
x-served-by: dms-cache1

GET
H2 200 fara-titlu.png
storage0.dms.mpinteractiv.ro/media/1/1/3614/20522857/1/ 20 KB
20 KB 292ms
138ms Image
image/png 93.113.11.218
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage0.dms.mpinteractiv.ro/media/1/1/3614/20522857/1/fara-titlu.png?width=128
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.218 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: dms-cache1.s.m.ro
Software: Apache /
Resource Hash: 405c75cac61280ec1f9ef44336db63bd433a5db6d864a12dde3b565b1056a056

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 10:50:19 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Sun, 13 Feb 2022 12:50:19 +0200
server: Apache
age: 12516
etag: 7b948275c849786d0a5bfebb6af57b2e
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-varnish: 187992178 185273081
x-cache-hits: 1171
accept-ranges: bytes
content-length: 20304
x-served-by: dms-cache1

GET
H2 200 1.jpg
storage0.dms.mpinteractiv.ro/media/1/1/3614/20522853/1/ 5 KB
6 KB 232ms
136ms Image
image/jpeg 93.113.11.218
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage0.dms.mpinteractiv.ro/media/1/1/3614/20522853/1/1.jpg?width=128
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.218 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: dms-cache1.s.m.ro
Software: Apache /
Resource Hash: c5492b5bb05514114b17e4f1e2c1877b8413aa8fe5c55f0fbd00bfc8efb80271

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 10:37:23 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Sun, 13 Feb 2022 12:37:08 +0200
server: Apache
age: 13293
etag: ad47897208fff70d0d513fcd58a6f132
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-varnish: 187992174 166905371
x-cache-hits: 1323
accept-ranges: bytes
content-length: 5335
x-served-by: dms-cache1

GET
H2 200 avion-decolare.jpg
storage0.dms.mpinteractiv.ro/media/1/1/3614/20522814/1/ 3 KB
3 KB 233ms
139ms Image
image/jpeg 93.113.11.218
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage0.dms.mpinteractiv.ro/media/1/1/3614/20522814/1/avion-decolare.jpg?width=128
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.218 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: dms-cache1.s.m.ro
Software: Apache /
Resource Hash: 94b2495f16587237d171650b0e8c4f49bb3628fc147ad12b4998c9a309833012

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 10:35:20 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Sun, 13 Feb 2022 12:35:20 +0200
server: Apache
age: 13415
etag: b03338d85eef11b8a8f211c582b0f9c5
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-varnish: 187992179 181176995
x-cache-hits: 1057
accept-ranges: bytes
content-length: 2747
x-served-by: dms-cache1

GET
H2 200 gabriel-negreanu.jpg
storage0.dms.mpinteractiv.ro/media/2/1521/18546/18901726/1/ 32 KB
33 KB 187ms
92ms Image
image/jpeg 93.113.11.218
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage0.dms.mpinteractiv.ro/media/2/1521/18546/18901726/1/gabriel-negreanu.jpg
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.218 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: dms-cache1.s.m.ro
Software: Apache /
Resource Hash: 54d1c383150b3b4abdbbb9c3aaa39a41d440d46399e5bb2f5fecca87b616d6d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 14:43:26 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Mon, 23 Aug 2021 12:18:21 +0300
server: Apache
age: 10971329
etag: 21eba53c807ad1b22007234fd2e0ff70
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-varnish: 187992173 1474567
x-cache-hits: 1491037
accept-ranges: bytes
content-length: 33110
x-served-by: dms-cache1

GET
H2 200 pixel.png
www.mediafax.ro/images/ 925 B
1 KB 53ms
51ms Image
image/png 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafax.ro/images/pixel.png
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: 6b7ec16fc03198c995a70b870ec86f297578daccc4783aa85bc5cc5104243acc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Wed, 23 Jan 2019 13:14:06 GMT
server: nginx/1.14.2
etag: "39d-5801fde54e380"
content-type: image/png
accept-ranges: bytes
content-length: 925
x-proxy-cache: HIT

GET
H2 200 quiz-script.js Show response
quiz.onlinelivesurvey.com/widget/ 31 KB
9 KB 125ms
54ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://quiz.onlinelivesurvey.com/widget/quiz-script.js
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d76bea23ed970eefc709298a3dadbba9b07d37a89b1edab024c6f59af752a30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6260443
access-control-allow-methods: GET, POST, DELETE, PUT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 25 Jun 2021 13:01:26 GMT
server: cloudflare
etag: W/"60d5d3a6-7ad6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Kyhq03GvGdF%2B9RBNCnKYqkPoSlif1iADFvt%2BADuprvBOEfEX%2BuAST%2FB6mUPDYtaVu%2B8Ybs%2B8QbmzyTO4J8UIb846MzanI7Q1naaEOzzudiIRjdysqJzZJrQwb8M9TRYguvfhDrpBUX%2BPQBGAcVCUi2yX5VPf2YZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-credentials: true
cf-ray: 6dceb054ed4383ba-MXP
access-control-allow-headers: Version,Accept,Accept-Encoding,Accept-Language,Connection,Coockie,Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK c.gif
cnt.m.ro/ 43 B
280 B 226ms
46ms Image
image/gif 93.113.11.202
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cnt.m.ro/c.gif?id=20519432&pid=1
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.113.11.202 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: cnt.m.ro
Software: Apache /
Resource Hash: 7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:18:56 GMT
Last-Modified: Thu, 24 Oct 2013 10:44:10 GMT
Server: Apache
ETag: "22017c-2b-4e97a5056f280"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 43

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 42ms
8ms Script
application/javascript 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:18:56 GMT
Content-Encoding: gzip
Age: 389
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=2
Content-Length: 29179
x-tw-cdn: VZ
Last-Modified: Tue, 01 Feb 2022 20:03:56 GMT
Server: ECS (frb/67F3)
Etag: "94840c3a0697481258cd2b28513e7509+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 112ms
91ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f8d7d69ae71a4596a9b4256eed174158ad478d2a5f12b338a0cfeebb114c27b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B+Ajq4u7t0JFuOm2/YG8tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "e8ffbe621e1cdf6fd8ff881ebc9a3cd4"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-B+Ajq4u7t0JFuOm2/YG8tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sun, 13 Feb 2022 14:18:56 GMT

GET
H2 200 h.js Show response
cdn.unblockia.com/ 131 KB
25 KB 103ms
37ms Script
application/x-javascript 2606:4700:20::ac43:49b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblockia.com/h.js
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b57a7fd60cc98fc7d1a5ab5fef9e2a5271d94713a43b02cb44b911cfe647473

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4155
x-amz-request-id: 22R1GKAD5XFW170T
x-amz-id-2: ab07698qvsSA2GRd8udzGRHgD4ay8vPHUtvViOAR986OFWlQnitawHBQMjP0n/Lut47Mw/mg6AU=
last-modified: Wed, 09 Feb 2022 19:08:10 GMT
server: cloudflare
etag: W/"a0c7e33966a5f7ad3bc448dcfda51957"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qX2UYDBaD46L%2BylDl5gMjqzoOlFzMQufec0oKdBL0bFVvSnuu3Ia0UBkAeJ9pEDz9Kz%2FRESCdhP9%2FDzfMVPe2yhLnDLeb%2BEFy6srhkC4RGTeRKs%2FqzAB9aMvlIbtZy7SwLCkcfpoBDBaJblGI8J"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-amz-version-id: 5dsbmyhMAJFu6dk9cMPVEFfOJNzB3SCj
cf-ray: 6dceb055aa0a0f62-MXP

GET
H2 200 app.js Show response
www.mediafax.ro/ 367 KB
104 KB 52ms
49ms Script
application/javascript 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mediafax.ro/app.js?v=7,201
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: c606d7ba33d0a8a959fb7cb3a9f17d7b338b4ea207ac95ee50ce77d569c9f3ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: gzip
last-modified: Mon, 06 Sep 2021 07:24:29 GMT
server: nginx/1.14.2
etag: "5bd56-5cb4e8a2a3e85"
vary: Accept-Encoding
content-type: application/javascript
x-proxy-cache: HIT

GET
H2 200 scrolleffect.js Show response
www.mediafax.ro/js/ 3 KB
1 KB 55ms
51ms Script
application/javascript 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mediafax.ro/js/scrolleffect.js?v=7,201
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: 45822d3c061421a8f057c956d9de77512eabe3439aced15434ee259d0269f35b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 11:02:25 GMT
server: nginx/1.14.2
etag: "a67-5aa0028dd462e"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 856
x-proxy-cache: HIT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 125ms
44ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 610
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6dceb055c9fa5a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 16 Feb 2022 14:18:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 94 KB
37 KB 45ms
17ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KF5W4HX

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aafa077cfc026f71f923c73d3e90bad33b6ce450ad92fb5dd8b5d18dc2b48842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37622
x-xss-protection: 0
last-modified: Sun, 13 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Feb 2022 14:18:56 GMT

GET
H2 200 31caa019-da83-41f1-b0bb-d27e68b95efd.json Show response
cookie-cdn.cookiepro.com/consent/31caa019-da83-41f1-b0bb-d27e68b95efd/ 3 KB
2 KB 99ms
48ms XHR
application/x-javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/31caa019-da83-41f1-b0bb-d27e68b95efd/31caa019-da83-41f1-b0bb-d27e68b95efd.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb61a8f11d6c2797e715b12b787b48a62f05537f1e5de0fe4f2809506392640b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: eoDwRo2QNUyCSdBUUmO7SA==
age: 10026
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jan 2022 12:21:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a928e45a-f01e-0074-5dcf-070cbd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6dceb054cbee839c-MXP

GET
H/1.1 200
OK cx.js Show response
scdn.cxense.com/ 64 KB
22 KB 40ms
10ms Script
application/x-javascript 2a02:26f0:7100:589::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.js
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:589::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:18:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Feb 2022 13:47:07 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21887
Expires: Sun, 13 Feb 2022 15:18:56 GMT

GET
H2 200 pubads_impl_2022020801.js Show response
securepubads.g.doubleclick.net/gpt/ 357 KB
120 KB 8ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mediafax.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 13 Feb 2022 13:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1288
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122244
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:34:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Feb 2023 13:57:28 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 271 B
167 B 32ms
16ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mediafax.ro

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

80ce543ac83f07aa7d7052fb5a1eac082ff792aadc4a5a680cb89cc68f87c8b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
expires: Sun, 13 Feb 2022 14:18:56 GMT

GET
H2 200 xgemius.js Show response
garo.hit.gemius.pl/ 40 KB
11 KB 112ms
34ms Script
application/x-javascript 128.140.224.226
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://garo.hit.gemius.pl/xgemius.js
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 128.140.224.226 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software: GHC /
Resource Hash: 326d6c86acbda4e57e2d19570c9ac02c650b4975bbe8acb0be091f32a2fbb09a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 14:56:40 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10838
expires: Mon, 14 Feb 2022 02:18:56 GMT

GET
H2 200 word-map.png
www.mediafax.ro/images/default/layout/ 34 KB
34 KB 51ms
50ms Image
image/png 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafax.ro/images/default/layout/word-map.png
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/style.css?v=10,11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: c1465005b4823bee385fff524630dc74e6616204d11993060ada88ed17cf37eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/style.css?v=10,11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Mon, 04 Dec 2017 14:15:54 GMT
server: nginx/1.14.2
etag: "8718-55f845b33da80"
content-type: image/png
accept-ranges: bytes
content-length: 34584
x-proxy-cache: HIT

GET
H2 200 icons.gif
www.mediafax.ro/images/default/layout/ 5 KB
5 KB 52ms
51ms Image
image/gif 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafax.ro/images/default/layout/icons.gif
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/style.css?v=10,11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: 4f07c95d2dbc59c70d30782ddc23281cd853824bd21f972dee68b8d42205411d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/style.css?v=10,11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Mon, 04 Dec 2017 14:15:54 GMT
server: nginx/1.14.2
etag: "1318-55f845b33da80"
content-type: image/gif
accept-ranges: bytes
content-length: 4888
x-proxy-cache: HIT

GET
H2 200 logo.png
www.mediafax.ro/images/default/layout/ 2 KB
2 KB 52ms
51ms Image
image/png 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafax.ro/images/default/layout/logo.png
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/style.css?v=10,11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: 66050c1ddd78fb51a51c284209b0b45075f5c566e747335226094df12272c94d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/style.css?v=10,11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Mon, 04 Dec 2017 14:15:54 GMT
server: nginx/1.14.2
etag: "798-55f845b33da80"
content-type: image/png
accept-ranges: bytes
content-length: 1944
x-proxy-cache: HIT

GET
H2 200 LatoLatin-Regular.woff2
www.mediafax.ro/fonts/ 43 KB
43 KB 51ms
50ms Font
application/font-woff2 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mediafax.ro/fonts/LatoLatin-Regular.woff2
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/style.css?v=10,11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0

Request headers

Referer: https://www.mediafax.ro/style.css?v=10,11
Origin: https://www.mediafax.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Mon, 04 Dec 2017 14:15:53 GMT
server: nginx/1.14.2
etag: "aaf0-55f845b249840"
content-type: application/font-woff2
accept-ranges: bytes
content-length: 43760
x-proxy-cache: HIT

GET
H2 200 buttons.gif
www.mediafax.ro/images/default/layout/ 3 KB
3 KB 48ms
48ms Image
image/gif 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafax.ro/images/default/layout/buttons.gif
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/style.css?v=10,11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: 8ad6a4d90d9a3ee098c7e4d5307fa465afd70a76481878bd01e8b81c7cafbcaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/style.css?v=10,11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Mon, 04 Dec 2017 14:15:54 GMT
server: nginx/1.14.2
etag: "d37-55f845b33da80"
content-type: image/gif
accept-ranges: bytes
content-length: 3383
x-proxy-cache: HIT

GET
H2 200 LatoLatin-Bold.woff2
www.mediafax.ro/fonts/ 43 KB
44 KB 88ms
88ms Font
application/font-woff2 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mediafax.ro/fonts/LatoLatin-Bold.woff2
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/style.css?v=10,11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: 276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540

Request headers

Referer: https://www.mediafax.ro/style.css?v=10,11
Origin: https://www.mediafax.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Mon, 04 Dec 2017 14:15:52 GMT
server: nginx/1.14.2
etag: "ad5c-55f845b155600"
content-type: application/font-woff2
accept-ranges: bytes
content-length: 44380
x-proxy-cache: HIT

GET
H2 200 fontawesome-webfont.woff2
www.mediafax.ro/fonts/ 70 KB
70 KB 90ms
90ms Font
application/font-woff2 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mediafax.ro/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/style.css?v=10,11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://www.mediafax.ro/style.css?v=10,11
Origin: https://www.mediafax.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Wed, 10 Aug 2016 15:55:16 GMT
server: nginx/1.14.2
etag: "118d8-539b9ace56100"
content-type: application/font-woff2
accept-ranges: bytes
content-length: 71896
x-proxy-cache: HIT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
457 B 118ms
53ms XHR
application/json 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.mediafax.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dceb055ab305a37-MXP
access-control-allow-headers: Content-Type

GET
H2 200 semi-transparent.png
www.mediafax.ro/images/default/layout/ 109 B
264 B 54ms
50ms Image
image/png 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafax.ro/images/default/layout/semi-transparent.png
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/style.css?v=10,11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: bf7b057ae309e2de08d7685b5444d7dc0a5fc87bfc0803855d6f76a68a6ace32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/style.css?v=10,11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Mon, 04 Dec 2017 14:15:54 GMT
server: nginx/1.14.2
etag: "6d-55f845b33da80"
content-type: image/png
accept-ranges: bytes
content-length: 109
x-proxy-cache: HIT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: quiz.onlinelivesurvey.com
URL: https://quiz.onlinelivesurvey.com/widget/quiz-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 14:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Feb 2023 14:05:00 GMT

GET
H2 200 LatoLatin-Italic.woff2
www.mediafax.ro/fonts/ 44 KB
45 KB 46ms
46ms Font
application/font-woff2 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mediafax.ro/fonts/LatoLatin-Italic.woff2
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/style.css?v=10,11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: 23d062b46761d2148b84ca93d72dfdf2f16833f2ebb54ebdafdf25f1e10afc50

Request headers

Referer: https://www.mediafax.ro/style.css?v=10,11
Origin: https://www.mediafax.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Mon, 04 Dec 2017 14:15:52 GMT
server: nginx/1.14.2
etag: "b14c-55f845b155600"
content-type: application/font-woff2
accept-ranges: bytes
content-length: 45388
x-proxy-cache: HIT

GET
H2 200 category-news.gif
www.mediafax.ro/images/default/layout/ 43 B
197 B 45ms
45ms Image
image/gif 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafax.ro/images/default/layout/category-news.gif
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/style.css?v=10,11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: 927c7c926c79759e7e43d92a0c38b384eb0e25bece6d37d0f9ce820a2ce4fa25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/style.css?v=10,11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Mon, 04 Dec 2017 14:15:54 GMT
server: nginx/1.14.2
etag: "2b-55f845b33da80"
content-type: image/gif
accept-ranges: bytes
content-length: 43
x-proxy-cache: HIT

GET
H2 200 related.gif
www.mediafax.ro/images/default/layout/ 46 B
199 B 45ms
45ms Image
image/gif 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafax.ro/images/default/layout/related.gif
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/style.css?v=10,11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: 190c2b760317005f08334a5ead6381b74ad8caf0d1f960200748049d0fd3f11b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/style.css?v=10,11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Mon, 04 Dec 2017 14:15:54 GMT
server: nginx/1.14.2
etag: "2e-55f845b33da80"
content-type: image/gif
accept-ranges: bytes
content-length: 46
x-proxy-cache: HIT

GET
H2 200 LatoLatin-BoldItalic.woff2
www.mediafax.ro/fonts/ 44 KB
44 KB 46ms
46ms Font
application/font-woff2 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mediafax.ro/fonts/LatoLatin-BoldItalic.woff2
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/style.css?v=10,11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: 7836ce59bd4d5c17aee9cbecfe58226b1d45f2a77b00f7c4e8616896fd06929e

Request headers

Referer: https://www.mediafax.ro/style.css?v=10,11
Origin: https://www.mediafax.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Mon, 04 Dec 2017 14:15:52 GMT
server: nginx/1.14.2
etag: "afec-55f845b155600"
content-type: application/font-woff2
accept-ranges: bytes
content-length: 45036
x-proxy-cache: HIT

GET
H2 200 / Show response
w.soundcloud.com/icon/ Frame C996 2 KB
1 KB 139ms
92ms Document
text/html 13.224.89.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.soundcloud.com/icon/?url=https://soundcloud.com/user-590969935&color=orange_white&size=32

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-10.zrh50.r.cloudfront.net

Software

am/2 /

Resource Hash

03a1e8c35360ea24c47b70a313d6fefa5fcd2f4bf9b27011388c5231f82dddb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/

Response headers

content-type: text/html
date: Sun, 13 Feb 2022 14:18:56 GMT
strict-transport-security: max-age=63072000
server: am/2
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 9mcJduK5czIos-red0fUiBsbRyAodV8zbr0dFdAbhoYUapA2VLCEnQ==

GET
H2 200 simbol.gif
www.mediafax.ro/images/default/layout/ 339 B
494 B 46ms
45ms Image
image/gif 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafax.ro/images/default/layout/simbol.gif
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/style.css?v=10,11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: c4c7ad885ed9c1ad4c73dcbed26612efc3267c4697b797fcca5602040eaa7f4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/style.css?v=10,11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Mon, 04 Dec 2017 14:15:54 GMT
server: nginx/1.14.2
etag: "153-55f845b33da80"
content-type: image/gif
accept-ranges: bytes
content-length: 339
x-proxy-cache: HIT

GET
H2 200 footer.gif
www.mediafax.ro/images/default/layout/ 57 B
211 B 45ms
45ms Image
image/gif 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafax.ro/images/default/layout/footer.gif
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/style.css?v=10,11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: 8d07572d2827812d2e3a43d894498467952d8f6b483b0ef545d36c3d08f02e3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/style.css?v=10,11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Mon, 04 Dec 2017 14:15:54 GMT
server: nginx/1.14.2
etag: "39-55f845b33da80"
content-type: image/gif
accept-ranges: bytes
content-length: 57
x-proxy-cache: HIT

GET
H2 200 internetics.gif
www.mediafax.ro/images/default/layout/ 2 KB
2 KB 45ms
45ms Image
image/gif 93.113.11.101
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafax.ro/images/default/layout/internetics.gif
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/style.css?v=10,11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.101 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: www.mediafax.ro
Software: nginx/1.14.2 /
Resource Hash: 4738c37c9290cdecf057add5feb2fd8dfc676f27f6ab252826a12404821bf41b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/style.css?v=10,11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Mon, 04 Dec 2017 14:15:54 GMT
server: nginx/1.14.2
etag: "800-55f845b33da80"
content-type: image/gif
accept-ranges: bytes
content-length: 2048
x-proxy-cache: HIT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 20ms
20ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 08 Feb 2023 14:18:56 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 21ms
21ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 08 Feb 2023 14:18:56 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ro_RO/ 3 KB
2 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ro_RO/sdk.js

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b9fd9d140fb34a7f17c84144dcd969da8a2f48b0a20923d4d46f13ec5295ba41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: +C2RJuzMQUL5YrbnG2OVDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sun, 13 Feb 2022 14:21:10 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: VczZCvTdYyAZMTGxwo51NrFJX2uconmgVblS21xwAtMHDwQjXdWVlW4u7hBiq11kMU26j9tqOX1QxnJTzOhO1w==
x-fb-trip-id: 917726464
x-fb-content-md5: 4593aa9555b7ebddb602da65ae053a25
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 13 Feb 2022 14:18:56 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "94accf3cc5485c951aeae86f0c56730a"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/ 290 KB
104 KB 53ms
38ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6622305925836088&plah=www.mediafax.ro&bust=31064825

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71120292c1c264d86922684ad25cc91b9b8c5c29858161f775196aedbbc4cc44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106665
x-xss-protection: 0
server: cafe
etag: 8713683620373320681
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 14:18:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/ Frame DD89 10 KB
5 KB 46ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Sat, 12 Feb 2022 23:18:13 GMT
expires: Sat, 26 Feb 2022 23:18:13 GMT
cache-control: public, max-age=1209600
age: 54043
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/6.29.0/ 326 KB
75 KB 57ms
57ms Script
application/javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.29.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de85ba404ac743bd5b7119b9a5dcad583fc9868f530e009e6b281bc1182023b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: dyhe7y2enj8bR8NtKm1KVA==
age: 3797
x-ms-lease-status: unlocked
last-modified: Thu, 06 Jan 2022 07:13:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f50cb6c4-001e-00ab-7ce0-024787000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6dceb0564caef933-MXP
expires: Sun, 13 Feb 2022 18:18:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KF5W4HX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2642
date: Sun, 13 Feb 2022 13:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 13 Feb 2022 15:34:54 GMT

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 600 KB
132 KB 46ms
8ms Script
text/javascript 2a02:26f0:ab00:2b8::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/112681/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00:2b8::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8aabf80549012559b7c52e0b26adccccd8c47fc62ed148dac912078ba9cd5be2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: GRZ93711H1WFZSSW
content-length: 134179
x-amz-id-2: 5xeAa2MRCyo1GJQD1A33FBlQ6g+MW1BV0XXqqJc0toFExaoKsnc+OUjaUmf/+tbTCEybGr4bQ+s=
last-modified: Tue, 08 Feb 2022 15:10:25 GMT
etag: "7fd08d8aed46c0ae58a3ad68eeafd30c"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: b
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 13 Feb 2022 14:48:56 GMT

GET
H/1.1 200
OK widget_iframe.4e067713e19d4fff483536ddc4df18b9.html Show response
platform.twitter.com/widgets/ Frame 7341 319 KB
104 KB 7ms
7ms Document
text/html 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fwww.mediafax.ro
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BD) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 414610
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 13 Feb 2022 14:18:56 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Tue, 01 Feb 2022 20:00:09 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BD)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ 126 KB
44 KB 29ms
12ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4289d265aaa337c2f168e5a2f422844b2778008f45af6e222483f75ab7e86483

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 09:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44817
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 09:09:49 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ 118 KB
40 KB 25ms
9ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_1?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

222b245830c8a115a9bd7eb96b0abf53045bd04f6d81fd3fad479e82a5e0d132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 08:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41097
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 08:45:47 GMT

GET
H2 200 subscribe_embed Show response
www.youtube.com/ Frame 5683 2 KB
2 KB 74ms
38ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channel=MediafaxRO&layout=default&count=default&origin=https%3A%2F%2Fwww.mediafax.ro&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d56bde1a5af9b22958342cfdea8712797d3d208a3853dba086d87c1ab331cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 13 Feb 2022 14:18:56 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 hepta-2945853.jpg
storage0.dms.mpinteractiv.ro/media/1/1/3614/20519432/1/ 25 KB
25 KB 46ms
44ms Image
image/jpeg 93.113.11.218
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage0.dms.mpinteractiv.ro/media/1/1/3614/20519432/1/hepta-2945853.jpg?width=560
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.218 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: dms-cache1.s.m.ro
Software: Apache /
Resource Hash: a3ffd0b71bdcf003ffb6d430fb1160262ac207ab5901cfee3ca41ccfd1060b30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:21:50 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Fri, 11 Feb 2022 11:21:51 +0200
server: Apache
age: 190625
etag: e3c2e39887ab98786685632fafe5e6d0
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-varnish: 187992180 118031734
x-cache-hits: 2349
accept-ranges: bytes
content-length: 25756
x-served-by: dms-cache1

GET
H2 200 alina-suciu-medic.jpg
storage0.dms.mpinteractiv.ro/media/1/1/39446/20493095/1/ 3 KB
4 KB 79ms
76ms Image
image/jpeg 93.113.11.218
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage0.dms.mpinteractiv.ro/media/1/1/39446/20493095/1/alina-suciu-medic.jpg?width=128
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.218 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: dms-cache1.s.m.ro
Software: Apache /
Resource Hash: 3e038fa1a7515e7349a97dc8ae73c124ee5fc6a9572ea2c8e333de50f316d965

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 06:01:34 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Mon, 31 Jan 2022 08:01:34 +0200
server: Apache
age: 1153041
etag: ad16446a43749af537ae0ced5268b324
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-varnish: 187992181 435291373
x-cache-hits: 235532
accept-ranges: bytes
content-length: 3277
x-served-by: dms-cache1

GET
H2 200 casa.jpg
storage0.dms.mpinteractiv.ro/media/1/1/1706/20493320/1/ 6 KB
6 KB 80ms
77ms Image
image/jpeg 93.113.11.218
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage0.dms.mpinteractiv.ro/media/1/1/1706/20493320/1/casa.jpg?width=128
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.218 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: dms-cache1.s.m.ro
Software: Apache /
Resource Hash: f3f8efc74309ee4c94f5e5f9fff12b4e3c2f829b66cb32561e54a98dbc705c17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 07:58:37 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Mon, 31 Jan 2022 09:58:37 +0200
server: Apache
age: 1146018
etag: 5658f507d9f089e6e14aa599d5114d5d
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-varnish: 187992182 452559562
x-cache-hits: 235004
accept-ranges: bytes
content-length: 5832
x-served-by: dms-cache1

GET
H2 200 pnl.jpg
storage0.dms.mpinteractiv.ro/media/1/1/1687/20493500/1/ 4 KB
4 KB 79ms
76ms Image
image/jpeg 93.113.11.218
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage0.dms.mpinteractiv.ro/media/1/1/1687/20493500/1/pnl.jpg?width=128
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.218 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: dms-cache1.s.m.ro
Software: Apache /
Resource Hash: 8891e3dd63c903973fa40ed67798eb1830ffc2fd7d418c6ad57374920f9a75ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 08:59:29 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Mon, 31 Jan 2022 10:59:29 +0200
server: Apache
age: 1142366
etag: c5a55cfc0a309b544f899887ccffe44c
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-varnish: 187992183 459834270
x-cache-hits: 232635
accept-ranges: bytes
content-length: 4219
x-served-by: dms-cache1

GET
H2 200 sedinta-csat-26-ian-2022-3.jpg
storage0.dms.mpinteractiv.ro/media/1/1/1687/20488858/2/ 5 KB
6 KB 79ms
77ms Image
image/jpeg 93.113.11.218
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage0.dms.mpinteractiv.ro/media/1/1/1687/20488858/2/sedinta-csat-26-ian-2022-3.jpg?width=128
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.218 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: dms-cache1.s.m.ro
Software: Apache /
Resource Hash: efb5e0010b3a8a805a957d462d882e51b215472797afea2e2d19159d480d286d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:23:26 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Sun, 30 Jan 2022 23:23:26 +0200
server: Apache
age: 1184130
etag: e78da7643705569ba79f7f83da01a93a
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-varnish: 187992184 432898750
x-cache-hits: 229928
accept-ranges: bytes
content-length: 5614
x-served-by: dms-cache1

GET
H2 200 201740053-2608809432747033-6324905528946228296-n.jpg
storage0.dms.mpinteractiv.ro/media/1/1481/10381/20522915/2/ 3 KB
4 KB 79ms
77ms Image
image/jpeg 93.113.11.218
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage0.dms.mpinteractiv.ro/media/1/1481/10381/20522915/2/201740053-2608809432747033-6324905528946228296-n.jpg?width=128
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.218 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: dms-cache1.s.m.ro
Software: Apache /
Resource Hash: 2d53acf56bcab98433e79a8c9ace1007cf9295771e151c582821d58ecce8ad3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 12:17:10 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Sun, 13 Feb 2022 14:17:10 +0200
server: Apache
age: 7305
etag: 35768e0ca51ed13a252f848b3dae507a
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-varnish: 187992185 185568742
x-cache-hits: 1187
accept-ranges: bytes
content-length: 3343
x-served-by: dms-cache1

GET
H2 200 7280659-mediafax-foto-victor-ciupuliga.jpg
storage0.dms.mpinteractiv.ro/media/1/1481/37046/20521196/4/ 5 KB
6 KB 79ms
77ms Image
image/jpeg 93.113.11.218
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage0.dms.mpinteractiv.ro/media/1/1481/37046/20521196/4/7280659-mediafax-foto-victor-ciupuliga.jpg?width=128
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.218 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: dms-cache1.s.m.ro
Software: Apache /
Resource Hash: a87873adf0a49aac6bf34412987fc922450c00f177c3df15c6fadf1dbf1a8c88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 09:00:24 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Sat, 12 Feb 2022 11:00:24 +0200
server: Apache
age: 105511
etag: 18a6a8e997bc6ac185cfee35b61f87bf
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-varnish: 187992186 142785398
x-cache-hits: 12853
accept-ranges: bytes
content-length: 5577
x-served-by: dms-cache1

GET
H2 200 83232744-l-copy.jpg
storage0.dms.mpinteractiv.ro/media/401/341/5852/20507914/8/ 4 KB
4 KB 79ms
77ms Image
image/jpeg 93.113.11.218
MEDIASAT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage0.dms.mpinteractiv.ro/media/401/341/5852/20507914/8/83232744-l-copy.jpg?width=128
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.113.11.218 , Romania, ASN8751 (MEDIASAT, RO),
Reverse DNS: dms-cache1.s.m.ro
Software: Apache /
Resource Hash: 6bb5fda084cd52e9cbcaf8a73e92401f09681e4eccf51b9c9ee3760eb7431541

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 15:45:22 GMT
via: 1.1 varnish (Varnish/6.1)
last-modified: Fri, 11 Feb 2022 17:45:22 +0200
server: Apache
age: 167614
etag: 298bf673cd7bca1c91e8e1cf70212135
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
x-varnish: 187992187 105499190
x-cache-hits: 17260
accept-ranges: bytes
content-length: 4231
x-served-by: dms-cache1

GET
DATA 200
OK truncated
/ 539 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea5bf53214cd5075a0976d422d1589fb982607ddf667c76a70c9988fc1ee29b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 195B 684 B
749 B 25ms
9ms Document
text/html 2a02:26f0:7100:58d::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:58d::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/

Response headers

Accept-Ranges: bytes
Last-Modified: Tue, 11 Jan 2022 07:21:04 GMT
Server: AkamaiNetStorage
Content-Length: 379
Cache-Control: max-age=864000
Expires: Wed, 23 Feb 2022 14:18:56 GMT
Date: Sun, 13 Feb 2022 14:18:56 GMT
Connection: keep-alive
Content-Type: text/html
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Vary: Accept-Encoding

GET
H/1.1 200
OK segment Show response
api.cxense.com/profile/user/ 77 B
693 B 52ms
14ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/profile/user/segment?callback=cXJsonpCBkzlcsgg0ei1h6yaz&persisted=36e0d8f1950c096f7c976d908ee04f40b3131ccc&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22kzlcsgfsz3l2mzg5%22%2C%22type%22%3A%22cx%22%7D%5D%7D

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

9ab11745f766d3757b861908fc492a9504ed50b7e0f21f8470888ddfcd04cba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:18:56 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 77
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK push Show response
comcluster.cxense.com/dmp/ 64 B
636 B 53ms
11ms Script
text/javascript 178.63.12.147
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://comcluster.cxense.com/dmp/push?callback=cXJsonpCBkzlcsgg68wcl403x&ver=2.3.1&persisted=fcadb0c22bec63a3e94af5a65644fc6b869880e0&json=%7B%22events%22%3A%5B%7B%22type%22%3A%22adBlockerDetection%22%2C%22rnd%22%3A%22kzlcsgg672qeb1kf%22%2C%22siteId%22%3A%221135102062960807735%22%2C%22prnd%22%3A%22kzlcsgdnnk4823nh%22%2C%22userIds%22%3A%5B%7B%22id%22%3A%22kzlcsgfsz3l2mzg5%22%2C%22type%22%3A%22cx%22%7D%5D%2C%22origin%22%3A%22brt-adblock%22%2C%22customParameters%22%3A%5B%7B%22group%22%3A%22adBlockerDetected%22%2C%22item%22%3A%22No%22%2C%22type%22%3A%22string%22%7D%5D%7D%5D%7D

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.63.12.147 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

de715.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

8cc7be46f45c66560f58073a546c475d0e1f40f848610d633a9044e348ed6825

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:18:56 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 64
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 67ms
39ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1831
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6dceb05719db59d7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 16 Feb 2022 14:18:56 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ro_RO/ 285 KB
80 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ro_RO/sdk.js?hash=d6b5acb54b4c2592d55299a8e0f22d9e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ro_RO/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

30df00f2df7d658af39046a43a217bd3b787438aba2274c3b6d785035632ede0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.mediafax.ro/
Origin: https://www.mediafax.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: HSdyu8BbCGphRjCzPRzDZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 13 Feb 2023 12:14:27 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82152
x-fb-rlafr: 0
x-fb-debug: a2rMxiB+Q8Ny/FRumRTMgKledAoGoA2kI5tajdmbGaQvyjpLLIln0RNXGDBfEEGNHyki2XxKxlmvimVcX1yOPQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 59991d3a7acc8181041f8c0852bd0beb
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 13 Feb 2022 14:18:56 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "2d24d05e519444091633365fcc5f20ea"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 fpdata.js Show response
garo.hit.gemius.pl/ 280 B
393 B 34ms
33ms Script
application/x-javascript 128.140.224.226
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://garo.hit.gemius.pl/fpdata.js?href=www.mediafax.ro
Requested by: Host: garo.hit.gemius.pl
URL: https://garo.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 128.140.224.226 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software: GHC /
Resource Hash: 9c59ca05154a51f35df61f8a67b37c94c2236bd7910319d07f79f535ab9e4756

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 280
expires: Tue, 15 Mar 2022 14:18:56 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame BE50 5 KB
3 KB 93ms
27ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: garo.hit.gemius.pl
URL: https://garo.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: c85ebf489d05c9d5a419636b601143378258823d2536e7873f735f17f257ec03

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
expires: Tue, 15 Mar 2022 14:18:56 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2712
content-encoding: gzip

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 63ms
48ms Fetch
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true

Requested by

Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53688
x-xss-protection: 0
server: cafe
etag: 5778466587737637714
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Feb 2022 14:18:56 GMT

GET
H2 200 orange_white_32-94fc761.png
w.soundcloud.com/icon/assets/images/ Frame C996 961 B
1 KB 85ms
84ms Image
image/png 13.224.89.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w.soundcloud.com/icon/assets/images/orange_white_32-94fc761.png

Requested by

Host: w.soundcloud.com
URL: https://w.soundcloud.com/icon/?url=https://soundcloud.com/user-590969935&color=orange_white&size=32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.89.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-89-10.zrh50.r.cloudfront.net

Software

am/2 /

Resource Hash

1e38114ce5a16eb5ab3058f60f3267aedcdfe65f50f54fb36f9c603ddad9080f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w.soundcloud.com/icon/?url=https://soundcloud.com/user-590969935&color=orange_white&size=32
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
last-modified: Mon, 25 Oct 2021 16:11:23 GMT
server: am/2
x-amz-cf-pop: ZRH50-C1
etag: W/"3c1-17cb8387ff8"
strict-transport-security: max-age=63072000
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 961
x-amz-cf-id: UU11icX5vazSf0BU1WkYvcHfoGO0lSgtXUtwt_p-tkqUrYSNjju3Ag==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1142465211&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&ul=en-us&de=UTF-8&dt=Surse%20Reuters%3A%20Macron%20a%20refuzat%20s%C4%83%20fac%C4%83%20un%20test%20COVID-19%20%C3%AEn%20Rusia%20din%20cauza%20temerilor%20legate%20de%20furtul%20de%20ADN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=680622080&gjid=2131705894&cid=1909923854.1644761937&tid=UA-497209-3&_gid=1744989297.1644761937&_r=1&gtm=2wg290KF5W4HX&z=1905875483

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mediafax.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:18:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mediafax.ro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame C996 49 KB
20 KB 17ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: w.soundcloud.com
URL: https://w.soundcloud.com/icon/?url=https://soundcloud.com/user-590969935&color=orange_white&size=32

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w.soundcloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2642
date: Sun, 13 Feb 2022 13:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 13 Feb 2022 15:34:54 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 8239 565 B
904 B 38ms
16ms Document
text/html 2a00:1450:4001:808::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.mediafax.ro&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_1?le=oz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2fdca1bbe9d973e1e23d9ec57321d23e7e838ecdcb9a8335599c5b9037d737d1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-PLH0KSwNoO0NzFpuF3GhMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 13 Feb 2022 14:18:56 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-PLH0KSwNoO0NzFpuF3GhMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ro.json Show response
cookie-cdn.cookiepro.com/consent/31caa019-da83-41f1-b0bb-d27e68b95efd/84454c3e-6fa0-4012-a32a-3e5591ab2bcd/ 480 KB
63 KB 57ms
56ms Fetch
application/x-javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/31caa019-da83-41f1-b0bb-d27e68b95efd/84454c3e-6fa0-4012-a32a-3e5591ab2bcd/ro.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.29.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5b719f48aabcc4ed44ac7f1db60e0a2f8f80958521bf7ff658f37db3f48a024

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: fFzMcqOBX/wjD/+Bj03UKQ==
age: 2331
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jan 2022 12:21:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 18f8e0f7-c01e-00b4-4b26-13f483000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6dceb0579ce4839c-MXP

GET
H2 200 iab2Data.json Show response
cookie-cdn.cookiepro.com/vendorlist/ 276 KB
39 KB 54ms
53ms Fetch
application/x-javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/vendorlist/iab2Data.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.29.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a87882870eda07c01a05282e8e8e1dd8ce7df22e8726dbc5f9c07c49f2317fff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: fuzV1fWFiAy4X3kY2+O1Zw==
age: 10025
x-ms-lease-status: unlocked
last-modified: Sun, 13 Feb 2022 07:59:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 17e4560f-201e-0058-04cd-20e012000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6dceb0579ce7839c-MXP
expires: Sun, 13 Feb 2022 18:18:56 GMT

GET
H2 200 otTCF.js Show response
cookie-cdn.cookiepro.com/scripttemplates/6.29.0/ 68 KB
15 KB 50ms
50ms Script
application/javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.29.0/otTCF.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.29.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8592cb7471c1b07f3e828af105858e795e1122adfce21be5e6ec43054d5be2fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: RoP2b3hLwXZoHOiRCc6pcg==
age: 2353
x-ms-lease-status: unlocked
last-modified: Thu, 06 Jan 2022 07:13:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e350f18a-d01e-0011-114f-05a2f9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6dceb0579feff933-MXP
expires: Sun, 13 Feb 2022 18:18:56 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 82ms
59ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=361d7be8-1de0-4a37-ad84-cf92feb37c2d&pageId=112681&pid=122482&debug_metadata=ImIYFwNjwt&fv=963&ts=1644761936596&f=1&referer=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 76ms
54ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=361d7be8-1de0-4a37-ad84-cf92feb37c2d&pageId=112681&pid=122482&slot=native&fv=963&ts=1644761936602&f=1&referer=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 5683 38 KB
6 KB 23ms
7ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=MediafaxRO&layout=default&count=default&origin=https%3A%2F%2Fwww.mediafax.ro&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=MediafaxRO&layout=default&count=default&origin=https%3A%2F%2Fwww.mediafax.ro&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Feb 2023 09:20:48 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 5683 252 KB
72 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channel=MediafaxRO&layout=default&count=default&origin=https%3A%2F%2Fwww.mediafax.ro&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Feb 2023 09:20:48 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 195B 64 KB
22 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:7100:58d::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:58d::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:18:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Feb 2022 13:47:07 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21887
Expires: Sun, 13 Feb 2022 15:18:56 GMT

POST
H3 204 cspreport
accounts.google.com/o/ Frame 8239 0
20 B 32ms
16ms Other
text/html 2a00:1450:4001:808::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-PPsN1BVgT9T7tWXgDQKFLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.mediafax.ro&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:18:56 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-PPsN1BVgT9T7tWXgDQKFLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 5683 156 B
179 B 8ms
7ms Image
image/png 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 11:08:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 443456
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 08 Feb 2023 11:08:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/066173a2-4e4e-42e2-8441-cd02ce719c64/ 3 KB
2 KB 45ms
35ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/066173a2-4e4e-42e2-8441-cd02ce719c64/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c05edd663c335ddfca72b8e1a4720b29128e66f51822d1df6d0ca4499cd8078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 564
cf-polished: origSize=3116
status: 200 OK
x-envoy-upstream-service-time: 23
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2b0abeca-5065-411b-88bc-91a90301fb53
x-runtime: 0.021237
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"50d04700d8f96481deeef49ff3f2f0dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6dceb058695e5a19-MXP
access-control-allow-headers: SDK-Version
expires: Sun, 13 Feb 2022 15:18:56 GMT

GET
H2 200 138148413-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 8239 10 KB
5 KB 44ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/138148413-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.mediafax.ro&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78485a79a88d58baf7fa253ec43d6827f88dada8b16a1a36325994a84f423970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 02:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4296
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 23:11:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Feb 2023 02:26:16 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 8239 13 KB
5 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3dda4c9622860c4f1489d89d244a685f3d800ab5716947396e09922729de9c70

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IOInzghsucJ8qAjkGaUoVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
etag: "6e9e69101a0a80410e499229708459b2"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-IOInzghsucJ8qAjkGaUoVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sun, 13 Feb 2022 14:18:56 GMT

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 195B 47 B
638 B 53ms
11ms Script
text/javascript 178.63.12.147
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.12.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: de715.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 58f2873cdbbf83a9da13698addfb697a95ef9bedf88dfd606809fbb2485ce4bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
last-modified: Fri, 13 Aug 2021 14:18:56 GMT
server: Jetty(9.4.28.v20200408)
etag: 2horixl9syk441dtzuh47b7szy
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: private, proxy-revalidate
content-type: text/javascript;charset=utf-8
content-length: 47
expires: Mon, 13 Feb 2023 14:18:56 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ Frame 5683 128 KB
42 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a8a11b37a521bf7071c39e814c8d4e25ad40cfcbce0456342b8eebba53b4b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 18:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43054
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 18:49:28 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 7341 232 B
448 B 132ms
112ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=2e5a48c85df36db234708eca1b16aef870f5d22b

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fwww.mediafax.ro

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 105
date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: gzip
last-modified: Sun, 13 Feb 2022 14:18:56 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: e6b15347587fdb5b19935cc6d2cb6cf068719da801a9f4b95bd657eee58c3795
content-length: 166

GET
H2 200 otFlat.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.29.0/assets/ 13 KB
3 KB 44ms
43ms Fetch
application/json 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.29.0/assets/otFlat.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.29.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8b8fa76143b1e3d6bcd32187df721f7ad888aeb09fef2dc15b485c98d09e362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: y712byf6x8Sf9hnOqWH0Sg==
age: 10024
x-ms-lease-status: unlocked
last-modified: Thu, 06 Jan 2022 07:12:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f1ff8966-f01e-004b-1986-18c41e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6dceb058e8ca839c-MXP
expires: Sun, 13 Feb 2022 18:18:56 GMT

GET
H2 200 otCommonStyles.css Show response
cookie-cdn.cookiepro.com/scripttemplates/6.29.0/assets/ 20 KB
4 KB 48ms
47ms Fetch
text/css 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.29.0/assets/otCommonStyles.css

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.29.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 10024
x-ms-lease-status: unlocked
last-modified: Thu, 06 Jan 2022 07:13:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 2a390b25-401e-00ba-75ad-07dd33000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6dceb058e8d5839c-MXP
expires: Sun, 13 Feb 2022 18:18:56 GMT

GET
H2 200 ad Show response
a.teads.tv/page/112681/ 541 B
573 B 82ms
82ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/112681/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&page=%7B%22id%22%3A112681%2C%22placements%22%3A%5B%7B%22id%22%3A122482%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A560%2C%22height%22%3A315%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A121%2C%22status%22%3A12%2C%22consent%22%3A%22CPUWsEnPUWsEnAcABBENCCCgAAAAAH_AAChQAAARDAJMNS8gC7MscGTaNKoUQIwrCQ6AUAFFAMLRFYQOrgp2VwE-oIWACE1ATgRAgxBRgwCAAQSAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgKkWignsrEEoO9jTCEMs8CKBR_RUICNZogWBkJCwcxwBICXiyQPMUL5AAAAA.YAAAD_gAAAAA%22%2C%22apiVersion%22%3A2%2C%22cmpId%22%3A28%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=361d7be8-1de0-4a37-ad84-cf92feb37c2d&formatVersion=963&env=js-web&netBw=9.9&ttfb=252
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a2381babc425605d7390db2abb9d8ac57c78346748ff7d086620c1b00ec6380a

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.mediafax.ro/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.mediafax.ro
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 366
expires: Sun, 13 Feb 2022 14:18:56 GMT

GET
H2

200

rexdot.js Show response
garo.hit.gemius.pl/__/_1644761936811/
Redirect Chain

https://garo.hit.gemius.pl/_1644761936811/rexdot.js?l=100&id=BxXlDScwkU4hA.l8NDMT5qP8fdpiQu90peyBsgNdFXL.i7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.mediafa...
https://garo.hit.gemius.pl/__/_1644761936811/rexdot.js?l=100&id=BxXlDScwkU4hA.l8NDMT5qP8fdpiQu90peyBsgNdFXL.i7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.medi...

169 B
424 B

112ms
111ms

Script
application/x-javascript

128.140.224.226
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://garo.hit.gemius.pl/__/_1644761936811/rexdot.js?l=100&id=BxXlDScwkU4hA.l8NDMT5qP8fdpiQu90peyBsgNdFXL.i7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=352&lsdata=4Vcm8SOlxFZxq9P082KZFhm.viygk9sD8uJrLdqDxF3.P7uL6oEyS.FjigwSE9KznesrcONuFhXwv4BWUBW5WWCdWp8N/Qpo4gW5s4V4Op/&fpdata=Y4CMRTSiLxGcArTyilNmcBiCZZCNmxTEPa5t4zxx4_r.T7&vis=1&fpcap=
Requested by: Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432
Protocol: H2
Server: 128.140.224.226 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software: GHC /
Resource Hash: cd06fadc2f7156a270d79e6f21dcfe5e5f14c0d59f9b89e59d9984fd6cdc4c02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:18:56 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Sat, 12 Feb 2022 14:18:56 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:18:56 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1644761936811/rexdot.js?l=100&id=BxXlDScwkU4hA.l8NDMT5qP8fdpiQu90peyBsgNdFXL.i7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=352&lsdata=4Vcm8SOlxFZxq9P082KZFhm.viygk9sD8uJrLdqDxF3.P7uL6oEyS.FjigwSE9KznesrcONuFhXwv4BWUBW5WWCdWp8N/Qpo4gW5s4V4Op/&fpdata=Y4CMRTSiLxGcArTyilNmcBiCZZCNmxTEPa5t4zxx4_r.T7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 12 Feb 2022 14:18:56 GMT

GET
H2 200 webPushIframe Show response
mediafax.os.tc/ Frame E54F 492 B
716 B 89ms
37ms Document
text/html 2606:4700::6810:dc60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mediafax.os.tc/webPushIframe

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e09f6d21d39bfa4c3ac4fee7dd7f89bb1e5b06f6b3bb38a3f83165f2a156974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-type: text/html; charset=utf-8
status: 200 OK
cache-control: public, max-age=3600
referrer-policy: strict-origin-when-cross-origin
pragma: no-cache
x-xss-protection: 1; mode=block
x-request-id: 5defc731-c159-4803-a2d2-ce840bda9a6b
x-runtime: 0.010447
x-content-type-options: nosniff
expires: Sun, 13 Feb 2022 15:18:56 GMT
cf-cache-status: HIT
age: 2143
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6dceb0597c235995-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 195B 43 B
469 B 14ms
14ms Image
image/gif 178.63.12.147
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.3.1&typ=pgv&rnd=kzlcsgdnnk4823nh&sid=1135102062960807735&loc=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&new=1&arf=0&ltm=1644761936363&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=kzlcsgfr90iszc7k&ckp=kzlcsgfsz3l2mzg5&glb=&cst=2horixl9syk441dtzuh47b7szy
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.12.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: de715.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ Frame 8239 54 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc388c7f751a00dbcccd3433298a647a8997df4a95dd36938b28f5211b7f75b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 00:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19352
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 00:08:30 GMT

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 118 B
691 B 51ms
14ms Script
text/javascript 178.63.12.147
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22kzlcsgfsz3l2mzg5%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%222horixl9syk441dtzuh47b7szy%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%222horixl9syk441dtzuh47b7szy%22%7D%5D%2C%22siteId%22%3A%221135102062960807735%22%2C%22location%22%3A%22https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432%22%7D&callback=cXJsonpCBkzlcsgqnfmgeom5g

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.63.12.147 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

de715.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

75a777c35b0c2b87a0bedd2437c53ebf19292f99b25d7c101444737ad2af847e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:18:56 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 118
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ 28 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_2?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebf2964e7c4ffa5357ee52ce722a56fc60ebc134c1dfcbed56b40cbeb970c53d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 10:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9532
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Feb 2023 10:51:03 GMT

GET
H/1.1 200
OK button.1c2a6e168692ffea6cc8d4efc5b6f6bc.js Show response
platform.twitter.com/js/ 7 KB
3 KB 8ms
8ms Script
application/javascript 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.1c2a6e168692ffea6cc8d4efc5b6f6bc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: e4adc260fa5bff268e2359ba73814e154d7e3cd828dd946b8076d6b5129218a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:18:56 GMT
Content-Encoding: gzip
Age: 414615
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=2
Content-Length: 2293
x-tw-cdn: VZ
Last-Modified: Tue, 01 Feb 2022 19:59:50 GMT
Server: ECS (frb/67F3)
Etag: "0fe442c8a1482a5540ef9bb91b588585+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame 8A73 604 B
296 B 32ms
31ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCrgVndNJEwGyxfKuF6IycnA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79e2f949b24b25590d3d84e31bd77cd9961e0ce1192f782a7f197bf7737c6ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 13 Feb 2022 14:18:56 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 25ms
10ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 415147
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 08 Feb 2023 18:59:49 GMT

GET
H3 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 24ms
10ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 415147
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 08 Feb 2023 18:59:49 GMT

GET
H3 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
341 B 14ms
11ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 05:32:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 377179
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 09 Feb 2023 05:32:37 GMT

GET
H3 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
139 B 13ms
9ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 20:12:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 410762
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 08 Feb 2023 20:12:54 GMT

GET
H3 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
140 B 12ms
9ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 16:04:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 339257
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 09 Feb 2023 16:04:39 GMT

GET
H/1.1 200
OK follow_button.4e067713e19d4fff483536ddc4df18b9.ro.html Show response
platform.twitter.com/widgets/ Frame 4252 37 KB
14 KB 7ms
7ms Document
text/html 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.4e067713e19d4fff483536ddc4df18b9.ro.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 5e5428979aae5dcb14971691d4fe1ce7e1a16ff9c16a296bcdbe1ae0048445ff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 414496
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 13 Feb 2022 14:18:56 GMT
Etag: "913a3fa9cc02d2542c8bb40cc5f6d98c+gzip"
Last-Modified: Tue, 01 Feb 2022 19:59:57 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67F3)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13859

GET
DATA 200
OK truncated
/ Frame 4252 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 info.json Show response
cdn.syndication.twimg.com/widgets/followbutton/ Frame 4252 242 B
749 B 200ms
37ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/widgets/followbutton/info.json?callback=__twttr.setFollowersCountAndFollowing&lang=ro&screen_names=mediafax

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/follow_button.4e067713e19d4fff483536ddc4df18b9.ro.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CFA) /

Resource Hash

4a827849da71187ecdd18e6aad4c26c129a96260c1a7f62ce36c641aaa3610fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499
x-cache: HIT
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
vary: Accept-Encoding
content-length: 196
x-xss-protection: 0
x-response-time: 107
last-modified: Sun, 13 Feb 2022 14:10:38 GMT
server: ECS (mil/6CFA)
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: application/javascript;charset=utf-8
expires: Sun, 13 Feb 2022 14:28:57 GMT
cache-control: must-revalidate, max-age=600
x-connection-hash: 64a819aad0db1030e15b03ed3364842cf8d9be8a280b69fb82aa8b4ea28cbf74
accept-ranges: bytes
timing-allow-origin: *
x-transaction: ca25b9966bf9a7e4
access-contol-allow-origin: platform.twitter.com

GET
H3 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 8A73 9 KB
2 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCrgVndNJEwGyxfKuF6IycnA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCrgVndNJEwGyxfKuF6IycnA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Feb 2023 09:20:50 GMT

GET
H3 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 8A73 149 KB
44 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCrgVndNJEwGyxfKuF6IycnA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.G0yl221Lv3A.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 07:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44975
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Feb 2023 07:06:07 GMT

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ Frame E54F 9 KB
3 KB 38ms
38ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: mediafax.os.tc
URL: https://mediafax.os.tc/webPushIframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediafax.os.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:56 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 610
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6dceb059e9ad59d7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 16 Feb 2022 14:18:56 GMT

GET
H/1.1 200
OK user Show response
admp-tc-sati.adtlgc.com/ 63 B
334 B 131ms
29ms Script
application/javascript 99.80.67.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admp-tc-sati.adtlgc.com/user?nw=0&cm=1&sg=1&callback=adapt_dataRequest_sati_admp.campaignCallback&cb=1644761936934&evid=&v=2.39
Requested by: Host: code3.adtlgc.com
URL: https://code3.adtlgc.com/js/sati_init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-67-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: baee049272b23bef0a1a5f69bec303a844dc431d25607426aba9f49161e69be5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:18:57 GMT
Connection: keep-alive
P3P: policyref="http://code.adtlgc.com/w3c/p3p.xml",CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND COM NAV INT"
transfer-encoding: chunked
Content-Type: application/javascript

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ Frame 8A73 128 KB
42 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a8a11b37a521bf7071c39e814c8d4e25ad40cfcbce0456342b8eebba53b4b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 18:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43054
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 18:49:28 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ Frame E54F 283 KB
68 KB 43ms
42ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediafax.os.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:57 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1831
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6dceb05a2a6059d7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 16 Feb 2022 14:18:56 GMT

GET
H3 200 web Show response
onesignal.com/api/v1/sync/066173a2-4e4e-42e2-8441-cd02ce719c64/ Frame E54F 3 KB
2 KB 32ms
31ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/066173a2-4e4e-42e2-8441-cd02ce719c64/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c05edd663c335ddfca72b8e1a4720b29128e66f51822d1df6d0ca4499cd8078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediafax.os.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 565
cf-polished: origSize=3116
status: 200 OK
x-envoy-upstream-service-time: 23
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2b0abeca-5065-411b-88bc-91a90301fb53
x-runtime: 0.021237
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"50d04700d8f96481deeef49ff3f2f0dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6dceb05aab9a59d7-MXP
access-control-allow-headers: SDK-Version
expires: Sun, 13 Feb 2022 15:18:57 GMT

GET
H/1.1 200
OK user Show response
admp-tc-sati.adtlgc.com/ 98 B
537 B 30ms
30ms Script
application/javascript 99.80.67.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admp-tc-sati.adtlgc.com/user?nw=1&cm=0&sg=0&callback=adapt_dataRequest_sati_admp.validateCallback&cb=1644761937067&evid=cx:31m6k4n8ps667292jswsbmom02:279k8b3z2aajq&v=2.39
Requested by: Host: code3.adtlgc.com
URL: https://code3.adtlgc.com/js/sati_init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-67-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 253a59acc14a2dbea92e63a22acfee61741e4626ce5a71ccebe32c87d09c97eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 14:18:57 GMT
Connection: keep-alive
P3P: policyref="http://code.adtlgc.com/w3c/p3p.xml",CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND COM NAV INT"
Content-Length: 98
Content-Type: application/javascript

GET
H/1.1 200
OK pagestat Show response
admp-tc-sati.adtlgc.com/event/v3/ 0
278 B 109ms
27ms XHR
image/jpeg 99.80.67.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admp-tc-sati.adtlgc.com/event/v3/pagestat?location=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&cb=1644761937100&evid=cx:31m6k4n8ps667292jswsbmom02:279k8b3z2aajq&v=2.39
Requested by: Host: code3.adtlgc.com
URL: https://code3.adtlgc.com/js/sati_init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.67.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-67-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

XDomainRequestAllowed: 1
Date: Sun, 13 Feb 2022 14:18:57 GMT
Access-Control-Allow-Methods: *
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://www.mediafax.ro
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK segment Show response
api.cxense.com/profile/user/ 91 B
708 B 21ms
21ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/profile/user/segment?callback=cXJsonpCBkzlcsgy6yevuszv3&persisted=993f7e91f41899181a61f3b6fa338bd436cdd1b7&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22kzlcsgfsz3l2mzg5%22%2C%22type%22%3A%22cx%22%7D%5D%7D

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

baa62726e714eae8cc6ef7750db15f8bc6238d242f86e9c31cb6b06e6fe455fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 14:18:57 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 91
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webPushIframe Show response
mediafax.onesignal.com/ Frame 5C24 463 B
424 B 57ms
45ms Document
text/html 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mediafax.onesignal.com/webPushIframe

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

664c13440894f57ce2252361ce78e4995899ef5568f89190edc1cf48b2afba6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/

Response headers

date: Sun, 13 Feb 2022 14:18:57 GMT
content-type: text/html; charset=utf-8
status: 200 OK
cache-control: public, max-age=3600
referrer-policy: strict-origin-when-cross-origin
pragma: no-cache
x-xss-protection: 1; mode=block
x-request-id: b21af7b0-0e59-425b-88e4-93840d4358df
x-runtime: 0.008068
x-content-type-options: nosniff
expires: Sun, 13 Feb 2022 15:18:57 GMT
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
cf-cache-status: HIT
age: 553
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6dceb05b09b65a19-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ Frame 5C24 9 KB
3 KB 31ms
30ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: mediafax.onesignal.com
URL: https://mediafax.onesignal.com/webPushIframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediafax.onesignal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:57 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 611
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6dceb05b6d6559d7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 16 Feb 2022 14:18:57 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ Frame 5C24 283 KB
68 KB 53ms
53ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediafax.onesignal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:57 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1832
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6dceb05b9df759d7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 16 Feb 2022 14:18:57 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
376 B 113ms
112ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22mediafax%22%2C%22widget_creator_screen_name%22%3A%22mediafax%22%2C%22language%22%3A%22ro%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1644761937234%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%220a8eea3%3A1643743420422%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.mediafax.ro
URL: https://www.mediafax.ro/externe/surse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 105
pragma: no-cache
last-modified: Sun, 13 Feb 2022 14:18:57 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e6b15347587fdb5b19935cc6d2cb6cf068719da801a9f4b95bd657eee58c3795
x-transaction: a263894492900e6f
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 web Show response
onesignal.com/api/v1/sync/066173a2-4e4e-42e2-8441-cd02ce719c64/ Frame 5C24 3 KB
2 KB 28ms
27ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/066173a2-4e4e-42e2-8441-cd02ce719c64/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c05edd663c335ddfca72b8e1a4720b29128e66f51822d1df6d0ca4499cd8078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediafax.onesignal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 565
cf-polished: origSize=3116
status: 200 OK
x-envoy-upstream-service-time: 23
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2b0abeca-5065-411b-88bc-91a90301fb53
x-runtime: 0.021237
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"50d04700d8f96481deeef49ff3f2f0dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6dceb05c0f1e59d7-MXP
access-control-allow-headers: SDK-Version
expires: Sun, 13 Feb 2022 15:18:57 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 28ms
27ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:57 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3542
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 6dceb05c5ffa59d7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 15 Mar 2022 14:18:57 GMT

GET
H2 200 share_button.php Show response
www.facebook.com/v3.0/plugins/ Frame 18AB 48 KB
14 KB 85ms
69ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.0/plugins/share_button.php?app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3954c7febe318c%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=560&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&locale=ro_RO&sdk=joey&type=button

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ro_RO/sdk.js?hash=d6b5acb54b4c2592d55299a8e0f22d9e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aafa3a5ca6af5b7bf0aea9bfcdc0a6fee7ca996298d3434e115e02e6f6a1edb0

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v9.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 2fd53tB+sL1nnGlB5jInVbyD4s7KIDG08sFeaMnQ/zgkj+aGSEMwJqE50QYDiO7zbgojHOuSNQx0uOteJyxExQ==
date: Sun, 13 Feb 2022 14:18:57 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/v3.0/plugins/ Frame 0C03 20 KB
11 KB 69ms
61ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32682075cf8c4%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=560&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&layout=standard&locale=ro_RO&sdk=joey&share=true&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ro_RO/sdk.js?hash=d6b5acb54b4c2592d55299a8e0f22d9e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5dcba7848168cd48ac93321ae8eead836e8a966a7fa31b6a38c81157ef12048d

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v9.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: HnKRmI3SVkAx6HmDJitbGTZn4QhmWE5g4qB1uYvS2GtTRZ8DHiS4oM8VsSZHde0XtEqm+A5qh82IYHak9mCHdQ==
date: Sun, 13 Feb 2022 14:18:57 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/v3.0/plugins/ Frame A157 55 KB
16 KB 82ms
82ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df990e9be14778%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=560&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&layout=button_count&locale=ro_RO&sdk=joey&share=true&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ro_RO/sdk.js?hash=d6b5acb54b4c2592d55299a8e0f22d9e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

14df8a395f54426225e512c691b1b6c6550990bff60e63e407800c171d0217d0

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v9.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: adQA91yXAWkFsP0Z+zML9TNtaFLVsUhyWa4yFFXe+E07vF+nnuAK5n4WGoSA1sgopnDKes4sZxC1rvKL8GIodQ==
date: Sun, 13 Feb 2022 14:18:57 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 like.php Show response
www.facebook.com/v3.0/plugins/ Frame 8ACF 52 KB
15 KB 201ms
192ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df255b94c51387ac%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fmediafax.ro%2F&layout=standard&locale=ro_RO&sdk=joey&share=true&show_faces=false&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ro_RO/sdk.js?hash=d6b5acb54b4c2592d55299a8e0f22d9e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2965b0fd6f984d3dcc685b83aea23c0bf804645a176b0df0ffd2d25ce0117307

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v9.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: /6rSXkzbJR/WZ7dehET7ASujXlRQsGrdaDF8iz/OHM7ZljvBKedtR2DDkbst1Jcl1LBmbxOthqNuqBLAtjqcZg==
date: Sun, 13 Feb 2022 14:18:57 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E2FD 2 KB
1 KB 68ms
23ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.mediafax.ro&gdpr=1&gdpr_consent=CPUWsEnPUWsEnAcABBENCCCgAAAAAH_AAChQAAARDAJMNS8gC7MscGTaNKoUQIwrCQ6AUAFFAMLRFYQOrgp2VwE-oIWACE1ATgRAgxBRgwCAAQSAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgKkWignsrEEoO9jTCEMs8CKBR_RUICNZogWBkJCwcxwBICXiyQPMUL5AAAAA.YAAAD_gAAAAA

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d7639ef9732adaf582c2006a5de74d4e4fa148e000abb6dfd2e2a9f3455490db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 516
date: Sun, 13 Feb 2022 14:18:57 GMT
content-length: 972
strict-transport-security: max-age=31536000; preload;

GET
H3 200 VWxN0EnkESX.css
www.facebook.com/rsrc.php/v3/y9/l/0,cross/ Frame 0C03 42 KB
10 KB 8ms
8ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y9/l/0,cross/VWxN0EnkESX.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32682075cf8c4%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=560&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&layout=standard&locale=ro_RO&sdk=joey&share=true&show_faces=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c695335f330b1e811c7e3e3f289c5b2f37dcfb08617277dbaa3c245e08d14d68

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32682075cf8c4%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=560&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&layout=standard&locale=ro_RO&sdk=joey&share=true&show_faces=false
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 15:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MAL6Emx++ew1uLODC5kCwA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 10069
x-fb-rlafr: 0
x-fb-debug: futOPZU1K/NNOJctfRBauCpEY8H3qipoER/NMKNA7ZaRwWvjyC626zZcthNBFFFISwuMMcQt60zD1B8T4QrGCw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Sun, 12 Feb 2023 15:30:06 GMT

GET
H3 200 zSKZHMh8mXU.png
www.facebook.com/rsrc.php/v3/yr/r/ Frame 18AB 388 B
440 B 6ms
6ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/zSKZHMh8mXU.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/share_button.php?app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3954c7febe318c%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=560&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&locale=ro_RO&sdk=joey&type=button

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v3.0/plugins/share_button.php?app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3954c7febe318c%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=560&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&locale=ro_RO&sdk=joey&type=button
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 00:07:11 GMT
x-content-type-options: nosniff
content-md5: mLIKfuTnwd0c8uA9BXg4cQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 388
x-fb-rlafr: 0
x-fb-debug: a1negCYSbcD9PN6C52vsCN70MPRoUkNPPZ8ipEYZDrulgaf/1CDu26GXN9oae1td85EgMevSroRoAke3RErt5Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 12 Feb 2023 00:07:11 GMT

GET
H3 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame A157 400 B
451 B 7ms
6ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df990e9be14778%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=560&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&layout=button_count&locale=ro_RO&sdk=joey&share=true&show_faces=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df990e9be14778%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=560&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&layout=button_count&locale=ro_RO&sdk=joey&share=true&show_faces=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 17:07:10 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 400
x-fb-rlafr: 0
x-fb-debug: CduTXfPSHHuqUidT9trlVoevvrfmuE/hDOWBIKc8UNUrxApcyhucGnghlvDMXGa70YNWelD4UbIBkyXr/rtenQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 01 Feb 2023 17:07:10 GMT

GET
H3 200 K-cFmV5QIXA.js Show response
www.facebook.com/rsrc.php/v3if-T4/ya/l/ro_RO/ Frame 18AB 520 KB
136 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3if-T4/ya/l/ro_RO/K-cFmV5QIXA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68117166a946b157154a5c2cf77b6a39c1f39ffb8aa606710e15b650f818375e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v3.0/plugins/share_button.php?app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3954c7febe318c%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=560&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&locale=ro_RO&sdk=joey&type=button
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 03:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: RAdSlqc9TuzTJu/vzO06DA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 138944
x-fb-rlafr: 0
x-fb-debug: xkXf08QoIk7mdKBvlkawQ7fT/HZoeQeTS+cIHGK8JcE6cVqJtMFh/KAIEYEoGP9AaI/JeyOqTkhrVqkMzshvwg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 12 Feb 2023 03:45:55 GMT

GET
H3 200 K-cFmV5QIXA.js Show response
www.facebook.com/rsrc.php/v3if-T4/ya/l/ro_RO/ Frame A157 520 KB
136 KB 7ms
6ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3if-T4/ya/l/ro_RO/K-cFmV5QIXA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df990e9be14778%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=560&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&layout=button_count&locale=ro_RO&sdk=joey&share=true&show_faces=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68117166a946b157154a5c2cf77b6a39c1f39ffb8aa606710e15b650f818375e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df990e9be14778%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=560&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&layout=button_count&locale=ro_RO&sdk=joey&share=true&show_faces=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 03:45:55 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: RAdSlqc9TuzTJu/vzO06DA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 138944
x-fb-rlafr: 0
x-fb-debug: xkXf08QoIk7mdKBvlkawQ7fT/HZoeQeTS+cIHGK8JcE6cVqJtMFh/KAIEYEoGP9AaI/JeyOqTkhrVqkMzshvwg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sun, 12 Feb 2023 03:45:55 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame A157 67 B
99 B 46ms
45ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1644761937790&t_start=1644761937790&t_domcontent=1644761937798&t_layout=1644761937812&t_onload=1644761937812&t_paint=1644761937812&t_creport=1644761937812&t_tti=1644761937798&lid=7064198730536896508-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df990e9be14778%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=560&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&layout=button_count&locale=ro_RO&sdk=joey&share=true&show_faces=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: IWcwyf4Rfkt5x936sassXF9KzOOyWiES1v0smtxNn1PHI9X7tciMw8yoU4Am8bugCtpx973L8LEWPZJM+mFzew==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 13 Feb 2022 14:18:57 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/066173a2-4e4e-42e2-8441-cd02ce719c64/ 44 B
524 B 155ms
131ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/066173a2-4e4e-42e2-8441-cd02ce719c64/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200 OK
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2eb72e9a-d3cb-4a90-bedf-3391bd759cf8
x-runtime: 0.006552
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e51140cdcd044ad76335646936ec5319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 6dceb05f9da43751-MXP
access-control-allow-headers: SDK-Version

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 18AB 67 B
99 B 38ms
37ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1644761937783&t_start=1644761937783&t_domcontent=1644761937799&t_layout=1644761937854&t_onload=1644761937854&t_paint=1644761937854&t_creport=1644761937854&t_tti=1644761937799&lid=7064198731116595138-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v3.0/plugins/share_button.php?app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3954c7febe318c%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=560&href=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&locale=ro_RO&sdk=joey&type=button
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: W3qIDzWKGHx9kTswR7v/7YKLdb/USyCD0UukNvFcn63TAhFFcr08AYFOWo+p+syvgAhLrpSHxsa+kuQA5QR8yQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 13 Feb 2022 14:18:57 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 8ACF 400 B
2 KB 8ms
8ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df255b94c51387ac%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fmediafax.ro%2F&layout=standard&locale=ro_RO&sdk=joey&share=true&show_faces=false&size=small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:57 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 400
x-fb-rlafr: 0
x-fb-debug: CduTXfPSHHuqUidT9trlVoevvrfmuE/hDOWBIKc8UNUrxApcyhucGnghlvDMXGa70YNWelD4UbIBkyXr/rtenQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 01 Feb 2023 17:07:10 GMT

GET
H2 200 K-cFmV5QIXA.js Show response
static.xx.fbcdn.net/rsrc.php/v3if-T4/ya/l/ro_RO/ Frame 8ACF 520 KB
136 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3if-T4/ya/l/ro_RO/K-cFmV5QIXA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df255b94c51387ac%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fmediafax.ro%2F&layout=standard&locale=ro_RO&sdk=joey&share=true&show_faces=false&size=small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68117166a946b157154a5c2cf77b6a39c1f39ffb8aa606710e15b650f818375e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: RAdSlqc9TuzTJu/vzO06DA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 138944
x-fb-rlafr: 0
x-fb-debug: xkXf08QoIk7mdKBvlkawQ7fT/HZoeQeTS+cIHGK8JcE6cVqJtMFh/KAIEYEoGP9AaI/JeyOqTkhrVqkMzshvwg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 12 Feb 2023 03:45:55 GMT

GET
DATA 200
OK truncated
/ 582 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mediafax.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 8ACF 67 B
99 B 40ms
40ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1644761937975&t_start=1644761937975&t_domcontent=1644761937978&t_layout=1644761938030&t_onload=1644761938030&t_paint=1644761938030&t_creport=1644761938030&t_tti=1644761937978&lid=7064198729897396340-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=816679868905651&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df255b94c51387ac%26domain%3Dwww.mediafax.ro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediafax.ro%252Ff55e12ae6b2f48%26relation%3Dparent.parent&container_width=270&href=https%3A%2F%2Fwww.facebook.com%2Fmediafax.ro%2F&layout=standard&locale=ro_RO&sdk=joey&share=true&show_faces=false&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: G30dnuqk8UK/kOl8DeP3wv5ywDX0imIw7YOJkwAjgoEWopSDdn9VsRAnIs4BF8N9jv1lAywe4AdSqWVnMknKow==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 13 Feb 2022 14:18:58 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 05:16:13	Name: NID Value: 511=H4zlKBfCbQN0LCKgeRDAgg9QDBKVV1u68OxZsBl42hVk3RY06fbjojSLyM0eERhPeFQT1LjgnRhkqCFxFzlOW0yhj54hxnusjGZGun8Mw5nf3n3L8c8YOT2KT2l52hpnsr_b7SYR1_gryGT4t2ettf0PlV-om9QKA23dkeO-FFo
www.mediafax.ro/	1970-01-20 01:02:46	Name: maxFeeder Value: 1
www.mediafax.ro/	1970-01-20 01:02:46	Name: 20522915 Value: 1
www.mediafax.ro/	1970-01-20 01:02:46	Name: www.zf.ro Value: 1
www.mediafax.ro/	1970-01-20 01:02:46	Name: 20497893 Value: 0
www.mediafax.ro/	1970-01-20 01:02:46	Name: 20492294 Value: 0
www.mediafax.ro/	1970-01-20 01:02:46	Name: 20507937 Value: 1
www.mediafax.ro/	1970-01-20 01:02:46	Name: www.businessmagazin.ro Value: 1
www.mediafax.ro/	1970-01-20 01:02:46	Name: 20512549 Value: 0
www.mediafax.ro/	1970-01-20 01:02:46	Name: 20506301 Value: 0
.mediafax.ro/	1969-12-31 23:59:59	Name: cX_S Value: kzlcsgfr90iszc7k
.mediafax.ro/	1970-01-20 09:38:17	Name: cX_P Value: kzlcsgfsz3l2mzg5
www.mediafax.ro/	1970-01-20 00:54:08	Name: UserSegmentIds Value:
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: fP_-2HMrsx0
.mediafax.ro/	1970-01-20 18:23:53	Name: _ga Value: GA1.2.1909923854.1644761937
.mediafax.ro/	1970-01-20 00:54:08	Name: _gid Value: GA1.2.1744989297.1644761937
.mediafax.ro/	1970-01-20 00:52:41	Name: _gat_UA-497209-3 Value: 1
.mediafax.ro/	1970-01-20 10:21:29	Name: __gfp_64b Value: Y4CMRTSiLxGcArTyilNmcBiCZZCNmxTEPa5t4zxx4_r.T7\|1644761936
.hit.gemius.pl/	1970-01-20 01:02:46	Name: Gtest Value: KlSV1RGGQMQGIevv4iayaiMissGMXP8c25nSGueO3eKBXBG.
.cxense.com/	1970-01-20 09:38:17	Name: gckp Value: 2bqe9qt7z6hrl11sez7ox8qufl
.mediafax.ro/	1970-01-20 09:38:17	Name: cX_G Value: cx%3A31m6k4n8ps667292jswsbmom02%3A279k8b3z2aajq
.hit.gemius.pl/	1970-01-20 10:21:29	Name: Gdyn Value: KlSLoMaGQMQGIevv4iayaiMissGMXP8c25nSGueO3eKBFRxSG7RrGS6GYo9BFlMXYH8Po1WrGQaPge9iaQG.
www.mediafax.ro/	1970-01-20 03:02:17	Name: evid_0046 Value: cx:31m6k4n8ps667292jswsbmom02:279k8b3z2aajq
.adtlgc.com/	1970-01-20 13:50:17	Name: evid_0046 Value: cx:31m6k4n8ps667292jswsbmom02:279k8b3z2aajq
www.mediafax.ro/	1970-01-20 00:52:49	Name: adptset_0046 Value: 1
www.mediafax.ro/	1970-01-20 00:52:41	Name: evid_set_0046 Value: 2
.mediafax.ro/	1970-01-20 09:38:17	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Sun+Feb+13+2022+14%3A18%3A57+GMT%2B0000+(GMT)&version=6.29.0&consentId=5491825b-c2be-4366-98d7-b5d0e0e1dca4&interactionCount=0&landingPath=https%3A%2F%2Fwww.mediafax.ro%2Fexterne%2Fsurse-reuters-macron-a-refuzat-sa-faca-un-test-covid-19-in-rusia-din-cauza-temerilor-legate-de-furtul-de-adn-20519432&groups=BG1385%3A1%2CC0025%3A1%2CC0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0%2CC0013%3A0%2CC0005%3A0%2CSTACK1%3A0&hosts=H364%3A1%2Cqof%3A1%2CH561%3A1%2CH688%3A1%2CH959%3A1%2CH1068%3A1%2Coew%3A1%2CH1279%3A1%2CH1347%3A1%2CH2134%3A1%2CH1552%3A1%2CH1574%3A1%2CH704%3A0%2CH741%3A0%2CH760%3A0%2Chzh%3A0%2CH180%3A0%2CH270%3A0%2CH423%3A0%2Cyro%3A0%2CH840%3A0%2Cabj%3A0%2CH991%3A0%2CH997%3A0%2Cwty%3A0%2CH1206%3A0%2Ckac%3A0%2CH1410%3A0%2CH1430%3A0%2CH1499%3A0%2CH2%3A0%2CH4%3A0%2CH5%3A0%2CH10%3A0%2CH26%3A0%2CH53%3A0%2CH54%3A0%2CH55%3A0%2CH68%3A0%2CH72%3A0%2CH86%3A0%2CH96%3A0%2CH118%3A0%2CH123%3A0%2CH142%3A0%2CH146%3A0%2CH174%3A0%2CH176%3A0%2CH188%3A0%2CH194%3A0%2CH196%3A0%2CH207%3A0%2CH222%3A0%2Cufl%3A0%2CH256%3A0%2Csbx%3A0%2CH268%3A0%2Cmbu%3A0%2CH1619%3A0%2CH313%3A0%2CH328%3A0%2CH343%3A0%2Cmof%3A0%2CH347%3A0%2CH348%3A0%2CH350%3A0%2Cvaf%3A0%2CH375%3A0%2CH2694%3A0%2CH380%3A0%2CH391%3A0%2CH396%3A0%2CH406%3A0%2CH414%3A0%2CH417%3A0%2CH434%3A0%2Cgjl%3A0%2Csvj%3A0%2CH1621%3A0%2CH454%3A0%2CH456%3A0%2CH465%3A0%2Czmu%3A0%2CH481%3A0%2CH487%3A0%2Cuac%3A0%2Cgfu%3A0%2CH508%3A0%2CH513%3A0%2CH526%3A0%2CH528%3A0%2CH533%3A0%2CH541%3A0%2Cekk%3A0%2CH546%3A0%2CH553%3A0%2CH567%3A0%2CH583%3A0%2CH585%3A0%2Cpjd%3A0%2CH589%3A0%2CH594%3A0%2CH602%3A0%2CH619%3A0%2CH629%3A0%2CH639%3A0%2CH647%3A0%2CH664%3A0%2CH676%3A0%2CH1924%3A0%2CH681%3A0%2CH684%3A0%2CH697%3A0%2CH701%3A0%2CH702%3A0%2Cjzy%3A0%2CH718%3A0%2CH732%3A0%2CH740%3A0%2Ckrj%3A0%2CH766%3A0%2CH768%3A0%2Cojc%3A0%2CH777%3A0%2CH779%3A0%2CH788%3A0%2Chmb%3A0%2CH831%3A0%2CH841%3A0%2CH851%3A0%2CH866%3A0%2CH867%3A0%2CH869%3A0%2CH888%3A0%2CH1689%3A0%2CH937%3A0%2Cxnt%3A0%2CH941%3A0%2CH963%3A0%2CH1889%3A0%2Ceij%3A0%2CH1001%3A0%2CH1002%3A0%2CH1005%3A0%2CH1012%3A0%2CH1017%3A0%2CH1027%3A0%2CH1029%3A0%2CH1038%3A0%2CH1054%3A0%2CH1066%3A0%2Chww%3A0%2CH1103%3A0%2CH1104%3A0%2CH1116%3A0%2Cvds%3A0%2CH1138%3A0%2CH1145%3A0%2CH1146%3A0%2CH1151%3A0%2CH1630%3A0%2CH1160%3A0%2CH1165%3A0%2CH1167%3A0%2CH1178%3A0%2CH1188%3A0%2CH1204%3A0%2CH1205%3A0%2CH1207%3A0%2Cgkd%3A0%2CH1222%3A0%2CH1229%3A0%2Cwwc%3A0%2CH1247%3A0%2CH1260%3A0%2CH1276%3A0%2CH1287%3A0%2CH1311%3A0%2CH1312%3A0%2CH1314%3A0%2CH1326%3A0%2CH1340%3A0%2CH1352%3A0%2CH1354%3A0%2CH1360%3A0%2CH1366%3A0%2CH2242%3A0%2CH1371%3A0%2CH1373%3A0%2CH1381%3A0%2CH1385%3A0%2CH1391%3A0%2Cxaj%3A0%2Czvb%3A0%2CH1441%3A0%2Cplw%3A0%2CH1452%3A0%2Cqgl%3A0%2CH1471%3A0%2CH1473%3A0%2Cngc%3A0%2CH1474%3A0%2Ckcz%3A0%2CH1632%3A0%2CH1496%3A0%2CH1509%3A0%2CH1521%3A0%2CH1533%3A0%2CH1551%3A0%2CH1560%3A0%2CH1562%3A0%2CH1563%3A0%2CH1568%3A0%2CH1571%3A0%2CH1578%3A0%2CH1597%3A0%2CH37%3A0%2CH555%3A0%2CH1125%3A0%2CH613%3A0%2Cscu%3A0%2CH1269%3A0%2CH1390%3A0%2CH1475%3A0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
accounts.google.com
admp-tc-sati.adtlgc.com
ajax.googleapis.com
api.cxense.com
apis.google.com
cdn.cookielaw.org
cdn.cxense.com
cdn.onesignal.com
cdn.syndication.twimg.com
cdn.unblockia.com
cnt.m.ro
code3.adtlgc.com
comcluster.cxense.com
connect.facebook.net
cookie-cdn.cookiepro.com
garo.hit.gemius.pl
geolocation.onetrust.com
googleads.g.doubleclick.net
gum.criteo.com
id.cxense.com
ls.hit.gemius.pl
mediafax.onesignal.com
mediafax.os.tc
onesignal.com
p1cluster.cxense.com
pagead2.googlesyndication.com
platform.twitter.com
quiz.onlinelivesurvey.com
s8t.teads.tv
scdn.cxense.com
securepubads.g.doubleclick.net
ssl.gstatic.com
static.criteo.net
static.xx.fbcdn.net
storage0.dms.mpinteractiv.ro
syndication.twitter.com
t.teads.tv
w.soundcloud.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.mediafax.ro
www.youtube.com
104.111.245.50
104.244.42.72
128.140.224.226
13.224.89.10
142.250.184.226
146.59.30.108
147.75.85.120
178.63.12.147
192.229.233.25
2.18.232.7
2606:2800:134:1a0d:1429:742:782:b6
2606:4700:10::6814:b844
2606:4700:20::ac43:49b8
2606:4700::6810:9540
2606:4700::6810:dc60
2606:4700::6812:678
2606:4700::6812:e134
2606:4700::6812:e234
2a00:1450:4001:808::200d
2a00:1450:4001:809::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:7100:589::268b
2a02:26f0:7100:58d::268b
2a02:26f0:ab00:2b8::26e5
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3120::7
93.113.11.101
93.113.11.202
93.113.11.218
99.80.67.233
02a8cd07f9b72905689074cfd8852c03cde76a58d1ae30939ee6c05f737d47e4
03a1e8c35360ea24c47b70a313d6fefa5fcd2f4bf9b27011388c5231f82dddb7
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
142c96e3a6e08865a80eb37537f9688fd449c0d9655dabcea8488f0e4844bfd8
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
14df8a395f54426225e512c691b1b6c6550990bff60e63e407800c171d0217d0
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
190c2b760317005f08334a5ead6381b74ad8caf0d1f960200748049d0fd3f11b
1d56bde1a5af9b22958342cfdea8712797d3d208a3853dba086d87c1ab331cd1
1e098d2fb96d6dcd6d8c78e52231e0c9dac54e4e0b93f8c8add5fa672df1ac7d
1e38114ce5a16eb5ab3058f60f3267aedcdfe65f50f54fb36f9c603ddad9080f
1edc83f7137848a661dbf5a61dbe4bb3b42fc7d064004560ea0269b45747e7d3
1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479
222b245830c8a115a9bd7eb96b0abf53045bd04f6d81fd3fad479e82a5e0d132
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
23d062b46761d2148b84ca93d72dfdf2f16833f2ebb54ebdafdf25f1e10afc50
2439887e9f0255d1282f000e8bf0859ed005a86cb8f6e61a14ada232bb37618e
253a59acc14a2dbea92e63a22acfee61741e4626ce5a71ccebe32c87d09c97eb
276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540
2965b0fd6f984d3dcc685b83aea23c0bf804645a176b0df0ffd2d25ce0117307
2d53acf56bcab98433e79a8c9ace1007cf9295771e151c582821d58ecce8ad3e
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
2fdca1bbe9d973e1e23d9ec57321d23e7e838ecdcb9a8335599c5b9037d737d1
30df00f2df7d658af39046a43a217bd3b787438aba2274c3b6d785035632ede0
326d6c86acbda4e57e2d19570c9ac02c650b4975bbe8acb0be091f32a2fbb09a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33d9e41593440dc2a4d14d2b6bb46f408514d73412c7a3835e789a6c44b44ab3
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6
3dda4c9622860c4f1489d89d244a685f3d800ab5716947396e09922729de9c70
3e038fa1a7515e7349a97dc8ae73c124ee5fc6a9572ea2c8e333de50f316d965
3e8d8f3cf06e8660a2aa7ca41fa42f03967e15582ae757890f350fbed08ad4b2
3f8d7d69ae71a4596a9b4256eed174158ad478d2a5f12b338a0cfeebb114c27b
405c75cac61280ec1f9ef44336db63bd433a5db6d864a12dde3b565b1056a056
4289d265aaa337c2f168e5a2f422844b2778008f45af6e222483f75ab7e86483
45822d3c061421a8f057c956d9de77512eabe3439aced15434ee259d0269f35b
4738c37c9290cdecf057add5feb2fd8dfc676f27f6ab252826a12404821bf41b
4a827849da71187ecdd18e6aad4c26c129a96260c1a7f62ce36c641aaa3610fd
4ae689a5b37c61962b7f8702568778b5fe5afa464b5d7e21646cd6e75cdd0153
4d76bea23ed970eefc709298a3dadbba9b07d37a89b1edab024c6f59af752a30
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f07c95d2dbc59c70d30782ddc23281cd853824bd21f972dee68b8d42205411d
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
54d1c383150b3b4abdbbb9c3aaa39a41d440d46399e5bb2f5fecca87b616d6d8
58f2873cdbbf83a9da13698addfb697a95ef9bedf88dfd606809fbb2485ce4bf
5c05edd663c335ddfca72b8e1a4720b29128e66f51822d1df6d0ca4499cd8078
5dcba7848168cd48ac93321ae8eead836e8a966a7fa31b6a38c81157ef12048d
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5e5428979aae5dcb14971691d4fe1ce7e1a16ff9c16a296bcdbe1ae0048445ff
66050c1ddd78fb51a51c284209b0b45075f5c566e747335226094df12272c94d
664c13440894f57ce2252361ce78e4995899ef5568f89190edc1cf48b2afba6f
68117166a946b157154a5c2cf77b6a39c1f39ffb8aa606710e15b650f818375e
684cf0f64b03a51b3c9472c50ec27d10292e6dbfa3c99f9bd473026c273dfec1
6b7ec16fc03198c995a70b870ec86f297578daccc4783aa85bc5cc5104243acc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb5fda084cd52e9cbcaf8a73e92401f09681e4eccf51b9c9ee3760eb7431541
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
71120292c1c264d86922684ad25cc91b9b8c5c29858161f775196aedbbc4cc44
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
75a777c35b0c2b87a0bedd2437c53ebf19292f99b25d7c101444737ad2af847e
7836ce59bd4d5c17aee9cbecfe58226b1d45f2a77b00f7c4e8616896fd06929e
78485a79a88d58baf7fa253ec43d6827f88dada8b16a1a36325994a84f423970
79e2f949b24b25590d3d84e31bd77cd9961e0ce1192f782a7f197bf7737c6ef5
7b57a7fd60cc98fc7d1a5ab5fef9e2a5271d94713a43b02cb44b911cfe647473
7d097ea2d2a619998ed7aa7c2c26c1cbf8e5909cec2c553647c1dce1dcf535c0
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
80ce543ac83f07aa7d7052fb5a1eac082ff792aadc4a5a680cb89cc68f87c8b9
8592cb7471c1b07f3e828af105858e795e1122adfce21be5e6ec43054d5be2fa
87d69772349eaf03b5f255923b799d2fd3670b134b74850110100457a8742e6e
87f6a0017e07ebf47017a92d0098306dea1682253848584e55c70ee08a2856a1
8891e3dd63c903973fa40ed67798eb1830ffc2fd7d418c6ad57374920f9a75ea
8a8a11b37a521bf7071c39e814c8d4e25ad40cfcbce0456342b8eebba53b4b1f
8aabf80549012559b7c52e0b26adccccd8c47fc62ed148dac912078ba9cd5be2
8ad6a4d90d9a3ee098c7e4d5307fa465afd70a76481878bd01e8b81c7cafbcaf
8cc7be46f45c66560f58073a546c475d0e1f40f848610d633a9044e348ed6825
8d07572d2827812d2e3a43d894498467952d8f6b483b0ef545d36c3d08f02e3a
8e09f6d21d39bfa4c3ac4fee7dd7f89bb1e5b06f6b3bb38a3f83165f2a156974
8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b
927c7c926c79759e7e43d92a0c38b384eb0e25bece6d37d0f9ce820a2ce4fa25
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
94b2495f16587237d171650b0e8c4f49bb3628fc147ad12b4998c9a309833012
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9ab11745f766d3757b861908fc492a9504ed50b7e0f21f8470888ddfcd04cba8
9c59ca05154a51f35df61f8a67b37c94c2236bd7910319d07f79f535ab9e4756
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2381babc425605d7390db2abb9d8ac57c78346748ff7d086620c1b00ec6380a
a3ffd0b71bdcf003ffb6d430fb1160262ac207ab5901cfee3ca41ccfd1060b30
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a87873adf0a49aac6bf34412987fc922450c00f177c3df15c6fadf1dbf1a8c88
a87882870eda07c01a05282e8e8e1dd8ce7df22e8726dbc5f9c07c49f2317fff
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aafa077cfc026f71f923c73d3e90bad33b6ce450ad92fb5dd8b5d18dc2b48842
aafa3a5ca6af5b7bf0aea9bfcdc0a6fee7ca996298d3434e115e02e6f6a1edb0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8b8fa76143b1e3d6bcd32187df721f7ad888aeb09fef2dc15b485c98d09e362
b9fd9d140fb34a7f17c84144dcd969da8a2f48b0a20923d4d46f13ec5295ba41
baa62726e714eae8cc6ef7750db15f8bc6238d242f86e9c31cb6b06e6fe455fb
baee049272b23bef0a1a5f69bec303a844dc431d25607426aba9f49161e69be5
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf7b057ae309e2de08d7685b5444d7dc0a5fc87bfc0803855d6f76a68a6ace32
c1465005b4823bee385fff524630dc74e6616204d11993060ada88ed17cf37eb
c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b
c4c7ad885ed9c1ad4c73dcbed26612efc3267c4697b797fcca5602040eaa7f4f
c5492b5bb05514114b17e4f1e2c1877b8413aa8fe5c55f0fbd00bfc8efb80271
c606d7ba33d0a8a959fb7cb3a9f17d7b338b4ea207ac95ee50ce77d569c9f3ba
c695335f330b1e811c7e3e3f289c5b2f37dcfb08617277dbaa3c245e08d14d68
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c85ebf489d05c9d5a419636b601143378258823d2536e7873f735f17f257ec03
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
cb61a8f11d6c2797e715b12b787b48a62f05537f1e5de0fe4f2809506392640b
cd06fadc2f7156a270d79e6f21dcfe5e5f14c0d59f9b89e59d9984fd6cdc4c02
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
d7639ef9732adaf582c2006a5de74d4e4fa148e000abb6dfd2e2a9f3455490db
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
ddd4ef7f97f4361b60841d59753218a57134b0f99f5b46a9612234f1c2733ab0
de85ba404ac743bd5b7119b9a5dcad583fc9868f530e009e6b281bc1182023b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4adc260fa5bff268e2359ba73814e154d7e3cd828dd946b8076d6b5129218a3
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
ea5bf53214cd5075a0976d422d1589fb982607ddf667c76a70c9988fc1ee29b0
eb4fa981a32a57023f2835ad8e303b94f9c06aee5ec81d4d970d85408f86cf1a
ebf2964e7c4ffa5357ee52ce722a56fc60ebc134c1dfcbed56b40cbeb970c53d
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
efb5e0010b3a8a805a957d462d882e51b215472797afea2e2d19159d480d286d
f3f8efc74309ee4c94f5e5f9fff12b4e3c2f829b66cb32561e54a98dbc705c17
f5b719f48aabcc4ed44ac7f1db60e0a2f8f80958521bf7ff658f37db3f48a024
f749fe9b5d66ea80f357abd573ece33eb66db89be51ae3408f8aa61becf58e74
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
fc388c7f751a00dbcccd3433298a647a8997df4a95dd36938b28f5211b7f75b0
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

www.mediafax.ro Open in urlscan Pro 93.113.11.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

150 Requests

99 %HTTPS

63 %IPv6

30 Domains

44 Subdomains

39 IPs

6 Countries

2958 kBTransfer

9699 kBSize

27 Cookies

37 Outgoing links

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mediafax.ro Open in urlscan Pro
93.113.11.101 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

99 %
HTTPS

63 %
IPv6

30
Domains

44
Subdomains

39
IPs

6
Countries

2958 kB
Transfer

9699 kB
Size

27
Cookies

150 HTTP transactions
3 data transactions