www.gandul.ro Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gandul.info/
Effective URL:
https://www.gandul.ro/
Submission: On February 18 via api (February 18th 2022, 5:47:00 pm UTC) from GB — Scanned from GB

Summary HTTP 235 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 92 IPs in 11 countries across 101 domains to perform 235 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.gandul.ro. The Cisco Umbrella rank of the primary domain is 433641.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 10th 2021. Valid for: a year.

This is the only time www.gandul.ro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::ac43:ca82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	104.111.245.50 104.111.245.50	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:298::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:20:... 2606:4700:20::681a:786	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	192.102.6.94 192.102.6.94	57682 (HVDS-AS) (HVDS-AS)
1	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3 3	2606:4700:303... 2606:4700:3031::6815:4cf9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2600:9000:215... 2600:9000:2156:2a00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:de00:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
3	2606:4700:20:... 2606:4700:20::681a:b19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2bf::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	178.63.12.208 178.63.12.208	24940 (HETZNER-AS) (HETZNER-AS)
5	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	192.102.6.123 192.102.6.123	57682 (HVDS-AS) (HVDS-AS)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:e600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2016	15169 (GOOGLE) (GOOGLE)
1	18.158.151.211 18.158.151.211	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3	18.203.56.89 18.203.56.89	16509 (AMAZON-02) (AMAZON-02)
1	147.75.85.120 147.75.85.120	54825 (PACKET) (PACKET)
1 1	192.102.6.144 192.102.6.144	57682 (HVDS-AS) (HVDS-AS)
3 5	176.9.60.211 176.9.60.211	24940 (HETZNER-AS) (HETZNER-AS)
1 1	192.102.6.72 192.102.6.72	57682 (HVDS-AS) (HVDS-AS)
1 1	104.111.246.208 104.111.246.208	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	62.128.97.7 62.128.97.7	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
1 21	104.92.106.193 104.92.106.193	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	62.128.97.25 62.128.97.25	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
1	2606:4700:10:... 2606:4700:10::ac43:1c9a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.75.253.85 185.75.253.85	48684 (VIKINGHOST) (VIKINGHOST)
1 1	195.85.23.89 195.85.23.89	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	195.85.23.96 195.85.23.96	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2 3	2606:4700::68... 2606:4700::6812:6428	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	107.154.132.27 107.154.132.27	19551 (INCAPSULA) (INCAPSULA)
1	104.16.106.108 104.16.106.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	143.204.98.90 143.204.98.90	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.118 143.204.98.118	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:20:... 2606:4700:20::6819:e935	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.16.186.241 2.16.186.241	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:20:... 2606:4700:20::681b:5171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	178.248.238.82 178.248.238.82	197068 (QRATOR) (QRATOR)
1	2606:4700:10:... 2606:4700:10::6816:df6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	209.140.129.51 209.140.129.51	11643 (EBAY) (EBAY)
1	23.35.237.31 23.35.237.31	() ()
1	2606:4700:10:... 2606:4700:10::ac43:557	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.90.139.132 104.90.139.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	104.22.6.169 104.22.6.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4155	() ()
1	2606:4700::68... 2606:4700::6811:a149	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:b729	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.21.89.238 104.21.89.238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	164.90.198.24 164.90.198.24	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 3	45.60.78.64 45.60.78.64	19551 (INCAPSULA) (INCAPSULA)
1	2606:4700:303... 2606:4700:3033::6815:2d21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.66.40.77 172.66.40.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.216.189.66 34.216.189.66	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:16e3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:20:... 2606:4700:20::ac43:45a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:136e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.20.1.53 104.20.1.53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.111.243.137 104.111.243.137	() ()
1	2606:4700:310... 2606:4700:3108::ac42:2ba4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:235... 2606:2800:235:1c73:1f86:1376:22ce:2cd	() ()
1	52.222.214.120 52.222.214.120	() ()
1	104.18.28.208 104.18.28.208	() ()
1	2606:4700::68... 2606:4700::6812:1c15	() ()
1	2606:4700::68... 2606:4700::6811:3c3a	() ()
1	185.117.134.138 185.117.134.138	() ()
1 2	2606:4700:10:... 2606:4700:10::ac43:1e5d	() ()
1	2606:4700::68... 2606:4700::6812:99	() ()
1	2606:4700:20:... 2606:4700:20::681a:6bb	() ()
1	2606:4700::68... 2606:4700::6811:7311	() ()
1	2606:4700:20:... 2606:4700:20::681a:f02	() ()
1	23.45.104.178 23.45.104.178	() ()
1	34.120.45.191 34.120.45.191	() ()
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	163.181.56.193 163.181.56.193	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
6	104.111.214.74 104.111.214.74	() ()
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	() ()
1	87.240.190.67 87.240.190.67	() ()
7	62.128.97.27 62.128.97.27	() ()
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	() ()
235	92

1 2606:4700:3037::ac43:ca82 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gandul.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.gandul.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.gandul.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.245.50 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-245-50.deploy.static.akamaitechnologies.com

code3.adtlgc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:298::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:786 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.unblockia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.102.6.94 (Kyiv, Ukraine) 1 redirects

ASN57682 (HVDS-AS, UA)
PTR: s3.zevshost.net

neuronales.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bread.pp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::6815:4cf9 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.gandul.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2156:2a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:de00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2bf::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.63.12.208 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de716.cxense.com

comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.102.6.123 (Kyiv, Ukraine)

ASN57682 (HVDS-AS, UA)
PTR: server.odnaknopka.ru

odnaknopka.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:e600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.151.211 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-151-211.eu-central-1.compute.amazonaws.com

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.203.56.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-56-89.eu-west-1.compute.amazonaws.com

admp-tc-sati.adtlgc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.120 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

api.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.102.6.144 (Kyiv, Ukraine) 1 redirects

ASN57682 (HVDS-AS, UA)
PTR: 192.102.6.144.stat.zevshost.net

webcache.pp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 176.9.60.211 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.211.60.9.176.clients.your-server.de

pubmedya.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.102.6.72 (Kyiv, Ukraine) 1 redirects

ASN57682 (HVDS-AS, UA)
PTR: s1.zevshost.net

tsystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.246.208 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-246-208.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.128.97.7 (Moscow, Russian Federation) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

sale.aliexpress.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.92.106.193 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-106-193.deploy.static.akamaitechnologies.com

login.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.128.97.25 (Moscow, Russian Federation) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

login.aliexpress.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1c9a (United States)

ASN13335 (CLOUDFLARENET, US)

www.eneba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.75.253.85 (Netherlands) 1 redirects

ASN48684 (VIKINGHOST, NL)

bngpt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.85.23.89 (Czech Republic) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: net-89-23-conversasro.com

bongacams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.85.23.96 (Czech Republic)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: net-96-23-conversasro.com

de.bongacams.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:6428 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

chaturbate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.154.132.27 (United States) 1 redirects

ASN19551 (INCAPSULA, US)
PTR: 107.154.132.27.ip.incapdns.net

www.thelotter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.106.108 (None, )

ASN13335 (CLOUDFLARENET, US)

www.rentalcars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.90 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-90.fra50.r.cloudfront.net

www.binance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-118.fra50.r.cloudfront.net

accounts.binance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::6819:e935 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

is.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.241 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-241.deploy.static.akamaitechnologies.com

www.lightinthebox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.miniinthebox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681b:5171 (United States)

ASN13335 (CLOUDFLARENET, US)

p2pb2b.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.248.238.82 (Russian Federation) 2 redirects

ASN197068 (QRATOR, RU)

www.liteforex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
litefinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.litefinance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:df6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.instaforex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.140.129.51 (United States) 2 redirects

ASN11643 (EBAY, US)
PTR: rover-public-rnoaz03-1-1.ebay.com

rover.ebay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.31 (None, )

ASN- ()

www.ebay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:557 (United States)

ASN13335 (CLOUDFLARENET, US)

faucetcrypto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.139.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-139-132.deploy.static.akamaitechnologies.com

de.banggood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.6.169 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

freebitco.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4155 (None, )

ASN- ()

www.udemy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:a149 (United States)

ASN13335 (CLOUDFLARENET, US)

www.forextime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)

shop.safepal.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:b729 (United States)

ASN13335 (CLOUDFLARENET, US)

stripchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.89.238 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rbfxdirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.90.198.24 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

my6.roboforex.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.60.78.64 (United States) 2 redirects

ASN19551 (INCAPSULA, US)

www.exness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.exness.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:2d21 (United States)

ASN13335 (CLOUDFLARENET, US)

biswap.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.40.77 (United States)

ASN13335 (CLOUDFLARENET, US)

gleam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.216.189.66 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-189-66.us-west-2.compute.amazonaws.com

www.tomtop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:16e3 (United States)

ASN13335 (CLOUDFLARENET, US)

creativemarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:45a1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bitdegree.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:136e (United States)

ASN13335 (CLOUDFLARENET, US)

www.kucoin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.1.53 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.243.137 (None, ) 1 redirects

ASN- ()

offer.alibaba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2ba4 (United States)

ASN13335 (CLOUDFLARENET, US)

changelly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:235:1c73:1f86:1376:22ce:2cd (None, )

ASN- ()

de.dhgate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.120 (None, )

ASN- ()

cointracking.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.208 (None, )

ASN- ()

www.gate.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1c15 (None, )

ASN- ()

nexo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:3c3a (None, )

ASN- ()

paxful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.117.134.138 (None, )

ASN- ()

iqbroker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:1e5d (None, ) 1 redirects

ASN- ()

remitano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:99 (None, )

ASN- ()

kinsta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:6bb (None, )

ASN- ()

fbs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7311 (None, )

ASN- ()

www.canva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:f02 (None, )

ASN- ()

faucetpay.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.104.178 (None, )

ASN- ()

www.agoda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.45.191 (None, )

ASN- ()

www.semrush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.56.193 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

g.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.214.74 (None, )

ASN- ()

ae01.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.190.67 (None, )

ASN- ()

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 62.128.97.27 (None, )

ASN- ()

ru.mmstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	gandul.ro www.gandul.ro — Cisco Umbrella Rank: 433641 media.gandul.ro — Cisco Umbrella Rank: 820513	575 KB
27	alicdn.com i.alicdn.com — Cisco Umbrella Rank: 18910 assets.alicdn.com — Cisco Umbrella Rank: 11062 g.alicdn.com — Cisco Umbrella Rank: 7892 ae01.alicdn.com	733 KB
11	demand.supply live.demand.supply — Cisco Umbrella Rank: 28082	38 KB
10	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2040 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5726 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9863	220 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	744 KB
8	cxense.com scdn.cxense.com — Cisco Umbrella Rank: 9903 cdn.cxense.com — Cisco Umbrella Rank: 4660 comcluster.cxense.com — Cisco Umbrella Rank: 4318 p1cluster.cxense.com — Cisco Umbrella Rank: 6557 id.cxense.com — Cisco Umbrella Rank: 8288 api.cxense.com — Cisco Umbrella Rank: 6479	47 KB
7	mmstat.com ru.mmstat.com	988 B
7	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 static.doubleclick.net — Cisco Umbrella Rank: 309	154 KB
5	pubmedya.net 3 redirects pubmedya.net — Cisco Umbrella Rank: 321050	6 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 263	40 KB
5	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 2951 onesignal.com — Cisco Umbrella Rank: 1314 img.onesignal.com Failed	83 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	41 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	45 KB
4	adtlgc.com code3.adtlgc.com — Cisco Umbrella Rank: 73140 admp-tc-sati.adtlgc.com — Cisco Umbrella Rank: 79881	13 KB
4	gandul.info 4 redirects gandul.info — Cisco Umbrella Rank: 421533 www.gandul.info	3 KB
3	facebook.net connect.facebook.net	205 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 638	70 KB
3	ebay.com 2 redirects rover.ebay.com — Cisco Umbrella Rank: 6447 www.ebay.com	592 B
3	chaturbate.com 2 redirects chaturbate.com — Cisco Umbrella Rank: 17578	8 KB
3	aliexpress.ru 2 redirects sale.aliexpress.ru — Cisco Umbrella Rank: 302033 login.aliexpress.ru — Cisco Umbrella Rank: 33701	7 KB
3	adpone.com rtb.adpone.com — Cisco Umbrella Rank: 14115 Failed	2 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92	157 KB
2	facebook.com www.facebook.com	386 B
2	remitano.com 1 redirects remitano.com	1 KB
2	alibaba.com 1 redirects offer.alibaba.com	1 KB
2	cex.io 1 redirects cex.io — Cisco Umbrella Rank: 144791	913 B
2	bitdegree.org 1 redirects www.bitdegree.org — Cisco Umbrella Rank: 499269	1 KB
2	exness.com 2 redirects www.exness.com — Cisco Umbrella Rank: 272029	2 KB
2	freebitco.in 1 redirects freebitco.in — Cisco Umbrella Rank: 121294	254 B
2	litefinance.com 1 redirects litefinance.com — Cisco Umbrella Rank: 647530 www.litefinance.com — Cisco Umbrella Rank: 892437	235 B
2	is.gd 1 redirects is.gd — Cisco Umbrella Rank: 91724	297 B
2	binance.com 1 redirects www.binance.com — Cisco Umbrella Rank: 17222 accounts.binance.com — Cisco Umbrella Rank: 92144	304 B
2	thelotter.com 1 redirects www.thelotter.com — Cisco Umbrella Rank: 493461	602 B
2	bongacams.com 1 redirects bongacams.com — Cisco Umbrella Rank: 40161 de.bongacams.com — Cisco Umbrella Rank: 233483	971 B
2	aliexpress.com 2 redirects s.click.aliexpress.com — Cisco Umbrella Rank: 23127 login.aliexpress.com — Cisco Umbrella Rank: 31428	3 KB
2	pp.ua 2 redirects webcache.pp.ua — Cisco Umbrella Rank: 783312 bread.pp.ua	549 B
2	odnaknopka.ru odnaknopka.ru	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	103 KB
1	vk.com vk.com	487 B
1	semrush.com www.semrush.com
1	agoda.com www.agoda.com
1	faucetpay.io faucetpay.io
1	canva.com www.canva.com
1	fbs.com fbs.com
1	kinsta.com kinsta.com
1	iqbroker.com iqbroker.com
1	paxful.com paxful.com
1	nexo.io nexo.io
1	gate.io www.gate.io
1	cointracking.info cointracking.info
1	dhgate.com de.dhgate.com
1	changelly.com changelly.com — Cisco Umbrella Rank: 242862
1	kucoin.com www.kucoin.com — Cisco Umbrella Rank: 73921
1	creativemarket.com creativemarket.com — Cisco Umbrella Rank: 59394
1	tomtop.com www.tomtop.com — Cisco Umbrella Rank: 313112
1	gleam.io gleam.io — Cisco Umbrella Rank: 41577
1	biswap.org biswap.org — Cisco Umbrella Rank: 590675
1	exness.uk www.exness.uk
1	roboforex.org my6.roboforex.org
1	rbfxdirect.com 1 redirects rbfxdirect.com — Cisco Umbrella Rank: 731351	551 B
1	stripchat.com stripchat.com — Cisco Umbrella Rank: 23534
1	safepal.io shop.safepal.io
1	forextime.com www.forextime.com — Cisco Umbrella Rank: 374118
1	udemy.com www.udemy.com
1	banggood.com de.banggood.com — Cisco Umbrella Rank: 259601 www.banggood.com Failed
1	miniinthebox.com www.miniinthebox.com — Cisco Umbrella Rank: 306944
1	faucetcrypto.com faucetcrypto.com — Cisco Umbrella Rank: 352854
1	instaforex.com www.instaforex.com — Cisco Umbrella Rank: 652047
1	liteforex.com 1 redirects www.liteforex.com	333 B
1	p2pb2b.io p2pb2b.io — Cisco Umbrella Rank: 394404
1	lightinthebox.com www.lightinthebox.com — Cisco Umbrella Rank: 55133
1	rentalcars.com www.rentalcars.com — Cisco Umbrella Rank: 60107
1	bngpt.com 1 redirects bngpt.com — Cisco Umbrella Rank: 48118	3 KB
1	eneba.com www.eneba.com — Cisco Umbrella Rank: 303449
1	tsystatic.com 1 redirects tsystatic.com — Cisco Umbrella Rank: 239762	408 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	389 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 103	15 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 213	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	14 KB
1	googlevideo.com redirector.googlevideo.com — Cisco Umbrella Rank: 962	866 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 770	344 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 829	10 KB
1	adform.net adx.adform.net — Cisco Umbrella Rank: 4785	487 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5927	175 B
1	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 736 sslwidget.criteo.com Failed	310 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 618	34 KB
1	neuronales.xyz neuronales.xyz	532 B
1	unblockia.com cdn.unblockia.com — Cisco Umbrella Rank: 22091	25 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	12 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	28 KB
0	taobao.com Failed fourier.taobao.com Failed
0	mail.ru Failed top-fwz1.mail.ru Failed
0	yandex.ru Failed mc.yandex.ru Failed
0	hotelscombined.com Failed www.hotelscombined.com Failed
0	localbitcoins.com Failed localbitcoins.com Failed
0	coinsbit.io Failed coinsbit.io Failed
0	okx.com Failed www.okx.com Failed
0	probit.com Failed www.probit.com Failed
0	lite-1x830514.top Failed lite-1x830514.top Failed
0	nike.com Failed www.nike.com Failed
0	solanium.io Failed www.solanium.io Failed
235	101

	Domain	Requested by
18	media.gandul.ro	www.gandul.ro
15	www.gandul.ro	www.gandul.ro
13	assets.alicdn.com	sale.aliexpress.ru assets.alicdn.com www.gandul.ro
11	live.demand.supply	www.gandul.ro live.demand.supply client
9	www.youtube.com	www.gandul.ro www.youtube.com
7	ru.mmstat.com	www.gandul.ro sale.aliexpress.ru
7	i.alicdn.com	sale.aliexpress.ru i.alicdn.com
7	quantcast.mgr.consensu.org	www.gandul.ro quantcast.mgr.consensu.org
6	ae01.alicdn.com	sale.aliexpress.ru assets.alicdn.com
5	pubmedya.net	3 redirects odnaknopka.ru pubmedya.net
5	c.amazon-adsystem.com	live.demand.supply c.amazon-adsystem.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com assets.alicdn.com
3	connect.facebook.net	assets.alicdn.com connect.facebook.net
3	static.criteo.net	www.gandul.ro static.criteo.net www.googletagmanager.com
3	chaturbate.com	2 redirects pubmedya.net
3	admp-tc-sati.adtlgc.com	code3.adtlgc.com
3	onesignal.com	cdn.onesignal.com
3	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com
3	securepubads.g.doubleclick.net	www.googletagservices.com live.demand.supply
3	rtb.adpone.com	www.gandul.ro
3	www.gandul.info	3 redirects
3	pagead2.googlesyndication.com	www.gandul.ro cdn.unblockia.com pagead2.googlesyndication.com
2	www.facebook.com	sale.aliexpress.ru
2	remitano.com	1 redirects pubmedya.net
2	offer.alibaba.com	1 redirects pubmedya.net
2	cex.io	1 redirects pubmedya.net
2	www.bitdegree.org	1 redirects pubmedya.net
2	www.exness.com	2 redirects
2	freebitco.in	1 redirects pubmedya.net
2	rover.ebay.com	2 redirects
2	is.gd	1 redirects pubmedya.net
2	www.thelotter.com	1 redirects pubmedya.net
2	sale.aliexpress.ru	1 redirects odnaknopka.ru
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	odnaknopka.ru	neuronales.xyz odnaknopka.ru
2	fonts.gstatic.com	www.youtube.com
2	comcluster.cxense.com	scdn.cxense.com cdn.cxense.com
2	cdn.cxense.com	scdn.cxense.com cdn.cxense.com
2	test.quantcast.mgr.consensu.org	www.gandul.ro quantcast.mgr.consensu.org
2	cdn.onesignal.com	www.gandul.ro cdn.onesignal.com
2	www.googletagmanager.com	www.gandul.ro assets.alicdn.com
1	vk.com	sale.aliexpress.ru www.gandul.ro
1	g.alicdn.com	sale.aliexpress.ru
1	www.semrush.com	pubmedya.net
1	www.agoda.com	pubmedya.net
1	faucetpay.io	pubmedya.net
1	www.canva.com	pubmedya.net
1	fbs.com	pubmedya.net
1	kinsta.com	pubmedya.net
1	iqbroker.com	pubmedya.net
1	paxful.com	pubmedya.net
1	nexo.io	pubmedya.net
1	www.gate.io	pubmedya.net
1	cointracking.info	pubmedya.net
1	de.dhgate.com	pubmedya.net
1	changelly.com	pubmedya.net
1	www.kucoin.com	pubmedya.net
1	creativemarket.com	pubmedya.net
1	www.tomtop.com	pubmedya.net
1	gleam.io	pubmedya.net
1	biswap.org	pubmedya.net
1	www.exness.uk	pubmedya.net
1	my6.roboforex.org	pubmedya.net
1	rbfxdirect.com	1 redirects
1	stripchat.com	pubmedya.net
1	shop.safepal.io	pubmedya.net
1	www.forextime.com	pubmedya.net
1	www.udemy.com	pubmedya.net
1	de.banggood.com	pubmedya.net
1	www.miniinthebox.com	pubmedya.net
1	faucetcrypto.com	pubmedya.net
1	www.ebay.com	pubmedya.net
1	www.instaforex.com	pubmedya.net
1	www.litefinance.com	pubmedya.net
1	litefinance.com	1 redirects
1	www.liteforex.com	1 redirects
1	p2pb2b.io	pubmedya.net
1	www.lightinthebox.com	pubmedya.net
1	bread.pp.ua	1 redirects
1	accounts.binance.com	pubmedya.net
1	www.binance.com	1 redirects
1	www.rentalcars.com	pubmedya.net
1	de.bongacams.com	pubmedya.net
1	bongacams.com	1 redirects
1	bngpt.com	1 redirects
1	www.eneba.com	pubmedya.net
1	login.aliexpress.ru	1 redirects
1	login.aliexpress.com	1 redirects
1	s.click.aliexpress.com	1 redirects
1	tsystatic.com	1 redirects
1	webcache.pp.ua	1 redirects
1	api.cxense.com	scdn.cxense.com
1	match.adsrvr.org	js-sec.indexww.com
1	id.cxense.com	scdn.cxense.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	redirector.googlevideo.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	rules.quantcount.com	secure.quantserve.com
1	p1cluster.cxense.com	cdn.cxense.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	adx.adform.net	www.gandul.ro
1	prebid-eu.creativecdn.com	www.gandul.ro
1	bidder.criteo.com	www.gandul.ro
1	js-sec.indexww.com	www.gandul.ro
1	neuronales.xyz	www.gandul.ro
1	cdn.unblockia.com	www.gandul.ro
1	scdn.cxense.com	www.gandul.ro
1	cdnjs.cloudflare.com	www.gandul.ro
1	code3.adtlgc.com	www.gandul.ro
1	www.googletagservices.com	www.gandul.ro
1	gandul.info	1 redirects
0	img.onesignal.com Failed	www.gandul.ro
0	fourier.taobao.com Failed	sale.aliexpress.ru assets.alicdn.com
0	sslwidget.criteo.com Failed	assets.alicdn.com
0	top-fwz1.mail.ru Failed	www.gandul.ro
0	mc.yandex.ru Failed	www.gandul.ro
0	www.hotelscombined.com Failed	pubmedya.net
0	www.banggood.com Failed	pubmedya.net
0	localbitcoins.com Failed	pubmedya.net
0	coinsbit.io Failed	pubmedya.net
0	www.okx.com Failed	pubmedya.net
0	www.probit.com Failed	pubmedya.net
0	lite-1x830514.top Failed	pubmedya.net
0	www.nike.com Failed	pubmedya.net
0	www.solanium.io Failed	pubmedya.net
235	128

This site contains links to these domains. Also see Links.

Domain
www.prosport.ro
www.descopera.ro
www.mediafax.ro
www.zf.ro
www.promotor.ro
www.go4it.ro
alephnews.ro
www.cancan.ro
www.businessmagazin.ro
www.apropotv.ro
sulvo.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-10` - `2022-07-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
cdn-content-production.cxpublic.com R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2021-05-21` - `2022-05-26`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2021-04-21` - `2022-04-20`	a year	crt.sh
neuronales.xyz R3	`2021-12-12` - `2022-03-12`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
odnaknopka.ru Sectigo RSA Domain Validation Secure Server CA	`2021-11-11` - `2022-12-12`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.adtlgc.com R3	`2022-02-05` - `2022-05-06`	3 months	crt.sh
pubmedya.net R3	`2021-12-30` - `2022-03-30`	3 months	crt.sh
*.aliexpress.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-12-20` - `2022-06-26`	6 months	crt.sh
secure.rentalcars.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-10-12` - `2022-11-12`	a year	crt.sh
www.lightinthebox.com DigiCert SHA2 Secure Server CA	`2021-11-10` - `2022-04-20`	5 months	crt.sh
p2pb2b.io Cloudflare Inc ECC CA-3	`2021-06-30` - `2022-06-29`	a year	crt.sh
*.banggood.com DigiCert SHA2 Secure Server CA	`2021-08-03` - `2022-08-03`	a year	crt.sh
shop.safepal.io R3	`2022-02-09` - `2022-05-10`	3 months	crt.sh
stripchat.com Cloudflare Inc RSA CA-2	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.biswap.org R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
*.gleam.io Sectigo RSA Domain Validation Secure Server CA	`2021-03-16` - `2022-02-25`	a year	crt.sh
*.tomtop.com Secure Site CA G2	`2021-09-14` - `2022-10-06`	a year	crt.sh
kucoin.com Cloudflare Inc ECC CA-3	`2021-04-10` - `2022-04-09`	a year	crt.sh
changelly.com Cloudflare Inc ECC CA-3	`2021-10-31` - `2022-10-30`	a year	crt.sh
cointracking.info Amazon	`2021-07-31` - `2022-08-29`	a year	crt.sh
*.iqbroker.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-11` - `2023-01-12`	a year	crt.sh
fbs.com Cloudflare Inc ECC CA-3	`2021-06-05` - `2022-06-04`	a year	crt.sh
canva.com Cloudflare Inc ECC CA-3	`2021-08-08` - `2022-08-07`	a year	crt.sh
*.agoda.com GeoTrust RSA CA 2018	`2021-08-01` - `2022-08-03`	a year	crt.sh
*.semrush.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-08` - `2023-03-11`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
ru.aliexpress.com DigiCert SHA2 Secure Server CA	`2022-02-15` - `2023-02-16`	a year	crt.sh
*.alicdn.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-07-03` - `2022-08-04`	a year	crt.sh
img.alicdn.com DigiCert SHA2 Secure Server CA	`2022-02-15` - `2023-02-16`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-28` - `2022-02-26`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
*.mmstat.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-06-28` - `2022-07-30`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.gandul.ro/
Frame ID: 05AF43B81F38D2310145EFB7F05DA802
Requests: 102 HTTP requests in this frame

Frame: https://www.youtube.com/embed/6UVEwXAl3GA
Frame ID: 114E42B4A74BDD7BA7F00A15EFBE41B1
Requests: 20 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 9E0D8BE779C31D75C13F566D01049220
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html
Frame ID: 00BE26328A9662C0A90B84E2BA6EE828
Requests: 1 HTTP requests in this frame

Frame: https://pubmedya.net/vu/a/
Frame ID: FEB58E264BD83D3E4B00DE0204FD7B8F
Requests: 1 HTTP requests in this frame

Frame: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&terminal_id=f0e8d4f5536745c68aec6edb10202607
Frame ID: AA19222F094E9E76BB6219AB225BDB56
Requests: 53 HTTP requests in this frame

Frame: https://pubmedya.net/vu/a/
Frame ID: 0CAFDC5DFA400BECF97C44C3584D1A9E
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Știri de ultimă oră și ultimele știri online | Gândul

Page URL History Show full URLs

http://gandul.info/ HTTP 301
https://www.gandul.ro/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

235
Requests

82 %
HTTPS

50 %
IPv6

101
Domains

128
Subdomains

92
IPs

11
Countries

3426 kB
Transfer

10740 kB
Size

99
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.prosport.ro/poze/luis-figo-si-helen-svedin-s-au-despartit-dupa-ce-o-cearta-grava-iar-fostul-fotbalist-de-la-real-madrid-a-plecat-de-acasa-ce-decizie-au-luat-cei-doi-acum-19412791?pic=19413408&utm_source=Gandul+Big&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://www.descopera.ro/galerii/19950512-tesla-in-centrul-unui-nou-scandal-compania-este-acuzata-ca-a-exagerat-kilometrajul-masinilor-sale-electrice?pic=1&utm_source=Gandul+HP1&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: http://www.mediafax.ro/externe/rusia-ataca-ucraina-armata-putin-avea-fata-pericol-nicio-forta-invadatoare-s-confruntat-vreodata-ucraina-15-reactoare-nucleare-pot-duce-oricand-dezastru-nemavazut-cernobil-20534033

Search URL Search Domain Scan URL

URL: https://www.zf.ro/companii/drept-la-replica-kaufland-la-articolul-zf-vreau-din-romania-germanii-20487183

Search URL Search Domain Scan URL

URL: https://www.promotor.ro/poze/benzinaria-cu-surprize-video-16093878?utm_source=gandul&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://www.go4it.ro/poze/carrefour-ofera-cupoane-la-achizitiile-de-electronice-la-televizoare-ajung-la-500-de-lei-19187010?pic=0&utm_source=gandul+homepage&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://alephnews.ro/lifestyle/a-fost-inventata-berea-fara-alcool-cu-gust-de-bere-cu-alcool/

Search URL Search Domain Scan URL

URL: https://www.cancan.ro/te-imbogatesti-daca-ai-un-copil-nascut-dupa-aceasta-data-suma-uluitoare-pe-care-o-primesti-de-la-stat-20580698?utm_source=Gandul+HP&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://www.cancan.ro/rcs-rds-anunt-fenomenal-toti-clientii-digi-romania-trebuie-sa-stie-de-schimbare-20580702?utm_source=Gandul+HP+%5B2%5D&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: http://www.mediafax.ro/externe/unu-din-cinci-tineri-americani-nascuti-intre-1997-si-2003-se-identifica-ca-fiind-lgbt-20534013

Search URL Search Domain Scan URL

URL: http://www.businessmagazin.ro/actualitate/atentie-miscare-fulger-facuta-de-anaf-verifica-aici-daca-te-afli-pe-20535053

Search URL Search Domain Scan URL

URL: https://www.apropotv.ro/brad-pitt-o-da-in-judecata-pe-angelina-jolie-pentru-vanzarea-actiunilor-la-chateau-miraval-fara-acordul-lui-20246655?utm_source=gandul.ro&utm_medium=website&utm_campaign=fidmee

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://www.gandul.ro/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gandul.info/ HTTP 301
https://www.gandul.ro/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576569276/a11b17d83fd0455a52d78d34102b4ec0-t.jpg HTTP 301
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576569276/a11b17d83fd0455a52d78d34102b4ec0-t.jpg

Request Chain 34

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576572047/6eacbb7746083b8f8e32deceacb668d3-t.jpg HTTP 301
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576572047/6eacbb7746083b8f8e32deceacb668d3-t.jpg

Request Chain 35

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576569244/8dbfb920c89e99f6b752d14f6f6f6dec-t.jpg HTTP 301
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576569244/8dbfb920c89e99f6b752d14f6f6f6dec-t.jpg

Request Chain 96

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 120

https://webcache.pp.ua/stat HTTP 302
https://pubmedya.net/vu/a/

Request Chain 121

https://tsystatic.com/a HTTP 302
https://s.click.aliexpress.com/e/_AtqYLP?af=a;6718&cn=-&cv=427080&dp=82.199.130.39 HTTP 302
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&terminal_id=f0e8d4f5536745c68aec6edb10202607 HTTP 302
https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%266718%26cn%3D-%26cv%3D427080%26dp%3D82.199.130.39%26aff_fcid%3D9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP%26tt%3DCPS_NORMAL%26aff_fsk%3D_AtqYLP%26aff_platform%3Dportals-tool%26sk%3D_AtqYLP%26aff_trace_key%3D9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP%26terminal_id%3Df0e8d4f5536745c68aec6edb10202607 HTTP 302
https://login.aliexpress.ru/sync_cookie_write.htm?acs_random_token=f0e8d4f5536745c68aec6edb10202607&xman_goto=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%266718%26cn%3D-%26cv%3D427080%26dp%3D82.199.130.39%26aff_fcid%3D9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP%26tt%3DCPS_NORMAL%26aff_fsk%3D_AtqYLP%26aff_platform%3Dportals-tool%26sk%3D_AtqYLP%26aff_trace_key%3D9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP%26terminal_id%3Df0e8d4f5536745c68aec6edb10202607 HTTP 302
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&terminal_id=f0e8d4f5536745c68aec6edb10202607

Request Chain 124

https://bngpt.com/h.php?v=2&c=287325 HTTP 302
https://bongacams.com/?bcs=c3RrbjcwZGM5NWIyOTlkZGQzMjFiMTg3ZTVlZjc3N2Q1YmI0OjoxODMzNDY6Omh0dHBzOi8vcHVibWVkeWEubmV0Lzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow HTTP 302
https://de.bongacams.com/?bcs=c3RrbjcwZGM5NWIyOTlkZGQzMjFiMTg3ZTVlZjc3N2Q1YmI0OjoxODMzNDY6Omh0dHBzOi8vcHVibWVkeWEubmV0Lzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow

Request Chain 125

https://chaturbate.com/in/?track=default&tour=hr8m&campaign=sgo1n HTTP 302
https://chaturbate.com/toproom/?join_overlay=1&tour=hr8m&disable_sound=0&campaign=sgo1n HTTP 302
https://chaturbate.com/charming_girls/?join_overlay=1&tour=hr8m&disable_sound=0&campaign=sgo1n

Request Chain 126

https://www.thelotter.com/?tl_affid=9175 HTTP 302
https://www.thelotter.com/de/?tl_affid=9175

Request Chain 128

https://www.binance.com/ru/register?ref=KZTDOPQP HTTP 302
https://accounts.binance.com/ru/register?ref=KZTDOPQP

Request Chain 129

https://bread.pp.ua/w HTTP 302
https://is.gd/JFIAMo

Request Chain 132

https://www.liteforex.com/?uid=322652589 HTTP 301
https://litefinance.com/?uid=322652589 HTTP 301
https://www.litefinance.com/?uid=322652589

Request Chain 134

https://pubmedya.net/to2/uatest/ HTTP 307
https://rover.ebay.com/rover/1/711-155609-835623-2/16?PARM3_ID=GBH_168&FF11=GBH_168&kw=620fbea85c66c500013db656_14330&mpre= HTTP 301
https://rover.ebay.com/rover/1/711-155609-835623-2/16?PARM3_ID=GBH_168&FF11=GBH_168&kw=620fbea85c66c500013db656_14330&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true HTTP 301
https://www.ebay.com/?PARM3_ID=GBH_168&FF11=GBH_168&kw=620fbea85c66c500013db656_14330&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true

Request Chain 138

https://freebitco.in/?r=3669689 HTTP 302
https://freebitco.in/signup/?op=s&r=3669689

Request Chain 139

https://pubmedya.net/to2/udemy2.com/ HTTP 307
https://www.udemy.com/?deal_code=&utm_source=aff-campaign&utm_medium=udemyads&utm_term=Homepage&utm_content=Textlink&utm_campaign=Admitad-default&admitad_uid=648bd1e88f36dc6ed57bdbb32bdfc816&publisher_id=656490&website_id=747910

Request Chain 143

https://rbfxdirect.com/ru/lk/?a=zkeb HTTP 302
https://my6.roboforex.org/ru/?a=zkeb

Request Chain 144

https://www.exness.com/a/vps0b6j3 HTTP 302
https://www.exness.com/?utm_source=partners&_8f4x=1 HTTP 302
https://www.exness.uk/?utm_source=partners&_8f4x=1

Request Chain 147

https://solanium.io/project/tabtrader/?ref=SBBuqmht HTTP 0
http://www.solanium.io/project/tabtrader/?ref=SBBuqmht

Request Chain 148

https://pubmedya.net/to2/nike.all/ HTTP 307
https://www.zenaps.com/rclick.php?mid=16349&c_len=604800&c_ts=1645198628&c_cnt=596935%7C0%7C0%7C1645198628%7C6e1b01bd4818da7b028ca69ab34a9bb5%7Caw%7C0&ir=a194bec0-90d0-11ec-9f90-226225cdd961&pr=https%3A%2F%2Fwww.nike.com%3FCP%3DEUNS_AFF_AWIN_ROW_596935_httpwwwadmitadcom_300473%26utm_source%3Dhttpwwwadmitadcom%26utm_medium%3Daffiliate%26utm_campaign%3D596935%26utm_content%3D300473%26awc%3D16349_1645198628_48e0322c5bd70a1e1592d172b24f5dfa&bId=HLEX_620fbd24ab4058.68107202&cookie=1&c_d=zenaps.com HTTP 302
https://www.nike.com/?CP=EUNS_AFF_AWIN_ROW_596935_httpwwwadmitadcom_300473&utm_source=httpwwwadmitadcom&utm_medium=affiliate&utm_campaign=596935&utm_content=300473&awc=16349_1645198628_48e0322c5bd70a1e1592d172b24f5dfa HTTP 302
https://www.nike.com/gb/?CP=EUNS_AFF_AWIN_ROW_596935_httpwwwadmitadcom_300473&utm_source=httpwwwadmitadcom&utm_medium=affiliate&utm_campaign=596935&utm_content=300473&awc=16349_1645198628_48e0322c5bd70a1e1592d172b24f5dfa

Request Chain 149

https://pubmedya.net/to2/1xbet/ HTTP 307
https://lite-1x830514.top/?tag=s_137887m_355c_ HTTP 302
https://lite-1x830514.top/en/?tag=s_137887m_355c_

Request Chain 152

https://www.bitdegree.org/a/1153729 HTTP 301
https://www.bitdegree.org/

Request Chain 154

https://www.probit.com/r/61386411 HTTP 302
https://www.probit.com/signup

Request Chain 155

https://cex.io/r/0/up111785894/0/ HTTP 301
https://cex.io/

Request Chain 156

https://offer.alibaba.com/cps/j19u1ne5?bm=cps&src=saf&tp1=c94fa3935a7ece3c94b12d88ba61d5c7&pid=656490 HTTP 302
https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=j19u1ne5&e=6

Request Chain 158

https://pubmedya.net/to2/dhgate/ HTTP 307
https://de.dhgate.com/?f=bm|aff|admitad|1019090|04b74ddf47a992a98a4e45c09113f762|197649||

Request Chain 164

https://www.okex.com/join/2788553 HTTP 301
https://www.okx.com/join/2788553

Request Chain 165

https://remitano.com/join/2716653 HTTP 302
https://remitano.com/

Request Chain 169

https://is.gd/QfvdqV HTTP 301
https://faucetpay.io/?r=612200

Request Chain 173

https://coinsbit.io/referral/abbb0df8-7383-4a72-b68a-b161a8ae6e74 HTTP 302
https://coinsbit.io/register

235 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.gandul.ro/
Redirect Chain

http://gandul.info/
https://www.gandul.ro/

299 KB
37 KB

261ms
141ms

Document
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandul.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1af86ebf436e3aaa645aac96b799d1e0ba7b128c1f6f5304dff415c3bc2c7cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-type: text/html; charset=UTF-8
link: <https://www.gandul.ro/wp-json/>; rel="https://api.w.org/" <https://www.gandul.ro/wp-json/wp/v2/pages/19641445>; rel="alternate"; type="application/json" <https://www.gandul.ro/>; rel=shortlink
x-ws: gandul-118
cache-control: public, must-revalidate, max-age=300, s-maxage=300
vary: Accept-Encoding
age: 193
x-cache-0: H
x-ba-0: default
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5PqrNI%2F%2FY4%2BdcwRQ4gY4VjwhxSo3P8lw410GRWt6ReK4PGmdqkNn7MEstAN0trtoqw0AMFNqRYjty9Xkm6cBAyJE3iO6T05xjOpHhDEZds1o3FHW5ekKoEiwZyg7IUBULzfUwGVpUGmoCBz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6df913c60d9206fd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Fri, 18 Feb 2022 17:46:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.gandul.ro/
x-ttfb: 1
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sk0nb9WSghQpJDa%2FUcPhx0wksdJ4XFyt%2BF0nV7Ts7Hc9dl28XiTM8ZTK%2BJgkGc0cTXr9DgffR%2BmQ7E0UTlJq6Jqex%2Ffw8gRhNHkJTKfMncpIuyJDQMeiTBeGcCJvMk%2FYIykJ3iPazGn96Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6df913c45ffa72e5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 lato-black-webfont.woff2
www.gandul.ro/wp-content/themes/gandul-twentyone/assets/fonts/ 21 KB
21 KB 52ms
51ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandul.ro/wp-content/themes/gandul-twentyone/assets/fonts/lato-black-webfont.woff2

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfcab20aa21a4818bdc5b1c526319f37de98e28797c17a0beceb3bbb99ef1475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.gandul.ro/
Origin: https://www.gandul.ro
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: W/"60bde857-5340"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 10065893
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ba-0: default
last-modified: Mon, 07 Jun 2021 09:35:19 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xydFtWIqEfWp2bqVxYLTjsUhQb%2FYkrR%2F9AdFXIEkEDufZkHmNfAkuY9jj0HEGL1VE7uZbHigbH1NM55X%2BwPj0GuBS3kHcMigKrXysZmsM8P5AVx9v230QA9aJkODdle5yeNX6yfD067D4kee"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: public, max-age=15768000, s-maxage=15768000
cf-ray: 6df913c71f6106fd-LHR

GET
H2 200 lato-bold-webfont.woff2
www.gandul.ro/wp-content/themes/gandul-twentyone/assets/fonts/ 21 KB
22 KB 55ms
54ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandul.ro/wp-content/themes/gandul-twentyone/assets/fonts/lato-bold-webfont.woff2

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c0cab0b1de2ea45cdf2ad2a71645503f763e8747c077b65a38fc17605aa854a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.gandul.ro/
Origin: https://www.gandul.ro
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: W/"60bde857-55dc"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 9973398
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ba-0: default
last-modified: Mon, 07 Jun 2021 09:35:19 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=peLKjeUZoiUQfS7wb59gESwPO70uOm8QMx79%2FMK0bFseou7cEhMEu4PKZyr6FyWyiigJsmKMkI%2FrRqcpSoGNEsyitrEgLzJ433WvUCfnBrH%2F23lxrvb5oOOjg6eDopQ7NId0W8Eg%2B%2FCZMdRa"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: public, max-age=15768000, s-maxage=15768000
cf-ray: 6df913c71f6406fd-LHR

GET
H2 200 lato-regular-webfont.woff2
www.gandul.ro/wp-content/themes/gandul-twentyone/assets/fonts/ 21 KB
22 KB 57ms
57ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandul.ro/wp-content/themes/gandul-twentyone/assets/fonts/lato-regular-webfont.woff2

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

252f958ab7334260744af174539c91fbc11457e99b7001adae9d952ec163e0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.gandul.ro/
Origin: https://www.gandul.ro
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: W/"60bde858-55d4"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 15143814
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ba-0: default
last-modified: Mon, 07 Jun 2021 09:35:20 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbmZA0T9Q3Ucg%2FKZkQfkfpCGL8wTsORIX7rmKacrLm1CuXP%2BGL3yYqcuhsxkIWp1lLUlTB7sfgzb4M7H06jcQX9Ejuf2sdXarp4vajXQFGGxM4a%2FvdGYWvzbS81NsFGtIHveZcx%2F3P5NSc%2FT"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: public, max-age=600, s-maxage=600
cf-ray: 6df913c71f6806fd-LHR

GET
H2 200 style.min.css
www.gandul.ro/wp-content/plugins/quantcast-choice/public/css/ 3 KB
1 KB 54ms
54ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandul.ro/wp-content/plugins/quantcast-choice/public/css/style.min.css?ver=2.0.4

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

544e774fc2fd3796265f83f0a118d91695dce18925f615f84d67cfbe5147b76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
etag: W/"5ffc4a3a-c5b"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 10065893
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ba-0: default
last-modified: Mon, 11 Jan 2021 12:53:14 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zREZZmR1BD4rj5EMxknxzQj0yo0NLP16Pz%2FLwtJzFzZFtcjX7VxxcR%2BO9uvlujdRW7HO66aZpH%2BPUq3xKhxwq7EIG3o2bDhWd%2FaBKsYrsOVHBVI2bf6Sr6tZ97i4aygtVWiV4e6vdIIvUZon"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=15768000, s-maxage=15768000
cf-ray: 6df913c71f6606fd-LHR

GET
H2 200 style.css
www.gandul.ro/wp-content/themes/gandul-twentyone/assets/css/build/ 252 KB
28 KB 96ms
96ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandul.ro/wp-content/themes/gandul-twentyone/assets/css/build/style.css?ver=1643097175

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ee59cb221aad9b3257e2379e0b853d4c34806914bbe843ab0bbedac9af5db9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
etag: W/"61efac5a-3f042"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 2109125
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ba-0: default
last-modified: Tue, 25 Jan 2022 07:52:58 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y59vcU0OAkQnCHL42PHPSqIlT6%2Faht%2B%2FfVkbMG1h6DR%2FiUM3bmeP6t35fRqQ1uDk%2BOjvLc0amk1Urv0fBWtHT94sz85mmZDV5xot5nzpK1OsCIDcyaHryJ8Yqna15Zamc0nm519hx1Plj3nk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=15768000, s-maxage=15768000
cf-ray: 6df913c71f6706fd-LHR

GET
H3 200 script.min.js Show response
www.gandul.ro/wp-content/plugins/quantcast-choice/public/js/ 5 KB
3 KB 54ms
53ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandul.ro/wp-content/plugins/quantcast-choice/public/js/script.min.js?ver=2.0.4

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe40216e07f1870b98db5d50b9301fbdb2974ebf6760d03a43dd1ab106ade4f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
etag: W/"5ffc4a3a-14cb"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 5757855
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ba-0: default
last-modified: Mon, 11 Jan 2021 12:53:14 GMT
server: cloudflare
x-cache-0: M
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCuhhhp%2BMxCoRKydx50%2B2wkuvY3RM6B66013rKjqTiA5gtVdgjHkCl%2BHXA3DCVYb38gA%2FcX7R%2FR8fSe8fubiB0IY%2B6w1tWiJAqMmtYCzsTMbnCVesTxwo39XRdzLjbqBOTloxu%2FuH4j9i%2BI2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=15768000, s-maxage=15768000
cf-ray: 6df913c7ea147753-LHR

GET
H3 200 prebid4.40.0.js Show response
www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/ 189 KB
59 KB 59ms
57ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

540f1860bba67de8970966fc9f72c31d07910ea9428a8e0801f7fed98b48a807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
etag: W/"60b0b41b-2f453"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 9944617
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ba-0: default
last-modified: Fri, 28 May 2021 09:12:59 GMT
server: cloudflare
x-cache-0: M
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3G0xAIbi8HRRSh9TDwPc5iUrEE1AZ8IPeEZFlQcIdJ3qsD1Z2zzlh5jNmL%2BR2GZQdlK%2FWt73xyVmbNwy%2BMdPVYOVRvMvlTBV28inDgs1%2F1qMeROk0toNK%2FmtXFB4tBlY0ggGARb0Wd1zzMcx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=15768000, s-maxage=15768000
cf-ray: 6df913c7ea1b7753-LHR

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 184ms
63ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d05267591d22ed3738a4325a43b38bbbc055bca85dc56b7d7f69ea342a92b11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27563
x-xss-protection: 0
server: sffe
etag: "1135 / 354 of 1000 / last-modified: 1645185935"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 18 Feb 2022 17:46:51 GMT

GET
H/1.1 200
OK sati_init.js Show response
code3.adtlgc.com/js/ 48 KB
12 KB 238ms
60ms Script
application/javascript 104.111.245.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://code3.adtlgc.com/js/sati_init.js
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.245.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-245-50.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 33d9e41593440dc2a4d14d2b6bb46f408514d73412c7a3835e789a6c44b44ab3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 17:46:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Sep 2021 16:40:41 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: W/"67184b081833e14163cd48db728deb4d"
Vary: Accept-Encoding
X-Edge-Origin-Shield-Skipped: 0
Content-Type: application/javascript
Cache-Control: max-age=47535
Connection: keep-alive
Content-Length: 12109
X-Amz-Cf-Id: hTLI4hqv_Di8QxW-YjHSKjRQO3RxPgBNDnHoJNS06BotQNqhFKjUXg==
Expires: Sat, 19 Feb 2022 06:59:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 397ms
279ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1572980-1

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7c23b6569a716d6facf087152dece79737d5751a6b9c843ff078e6aca87f5b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37324
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Feb 2022 17:46:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
53 KB 211ms
91ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78d374053299b53a9b3feed92dff5dfb1ce3a216190e168f5f5f2367399681c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53566
x-xss-protection: 0
server: cafe
etag: 12763386067333282300
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 17:46:51 GMT

GET
H2 200 brazilanca-1-1.jpg
media.gandul.ro/unsafe/800x450/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 77 KB
77 KB 70ms
58ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/800x450/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/brazilanca-1-1.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e4c0cc376b7cf05bcdc89a69f484f749191e0281ec954ee2b7d9140dc59df7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "29538c88c3b101990d816669cb4f7dc55a0e1e92"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 25
age: 6673
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78446
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFd6p%2FqHkJB3uZn6ugyqlO7W0ZbYemae0s9Cxy2Yo0PoAb5jmuvxRWfJV9dWanCKvRcGBSg6mX1d9IPtemC4ZQVAkv2gxJRq%2FVPEcaUncBSkUOozJX7VqXSt3ClL6TaexplcA8XyFAapSsme4Ao%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c7f8ef06fd-LHR
x-storage: MA

GET
H2 200 tiny-slider.js Show response
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/ 31 KB
12 KB 148ms
53ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/tiny-slider.js

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

080a485f94dee0e757572d6258ffb9faa1bf8876bef1aa5f60e15a81d54c4709

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1379207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11404
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffd-7bfa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BRq5X5QVN5F3zV55w6tygJNkLkuWDoyvvUbAWIq3OfcA5L%2FI4tgHDWRFSMG3AqBQyyxtHYRruQUJxYrKzyFP69n%2BPwEDW35O3sA5hYuogrjK1oZV39ZgB55YtdbBfxoeqAXs9rogDgh45NYNDN1notH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6df913c84b5b7792-LHR
expires: Wed, 08 Feb 2023 17:46:51 GMT

GET
H3 200 wp-embed.min.js Show response
www.gandul.ro/wp-includes/js/ 1 KB
1 KB 57ms
56ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gandul.ro/wp-includes/js/wp-embed.min.js?ver=5.8.3

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
etag: W/"60472028-592"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 3704355
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ba-0: default
last-modified: Tue, 09 Mar 2021 07:13:44 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jsjcKixUw6eLXhp8dD2gW6bABppIwrU8J4ZEU3zE3NYRrWgjrKwkdvCGlxoq6Ew1p2e8G8cPBiRkT2CixXkv8aolFitdBl7C%2F5WlAqAVKT9ZW3dEeas%2Bl2crsrkV6SKjVBmFVPWeF0VnA6h"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=15768000, s-maxage=15768000
cf-ray: 6df913c7b9b07753-LHR

GET
H/1.1 200
OK cx.js Show response
scdn.cxense.com/ 64 KB
22 KB 227ms
106ms Script
application/x-javascript 2a02:26f0:6c00:298::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.js
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:298::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 17:46:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Feb 2022 13:47:07 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21887
Expires: Fri, 18 Feb 2022 18:46:51 GMT

GET
H2 200 h.js Show response
cdn.unblockia.com/ 131 KB
25 KB 178ms
66ms Script
application/x-javascript 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblockia.com/h.js
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b57a7fd60cc98fc7d1a5ab5fef9e2a5271d94713a43b02cb44b911cfe647473

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6501
x-amz-request-id: 22R92TYTCFDP4BZZ
x-amz-id-2: QSwv0X/XV6Ldjgp0WpeoZTdBF/ZaAPNd4ASa7Kcfsw5DG4l4Q4XY1ptgCEcjFmKn7X6vdTh2iFA=
last-modified: Wed, 09 Feb 2022 19:08:10 GMT
server: cloudflare
etag: W/"a0c7e33966a5f7ad3bc448dcfda51957"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHDc3or%2FMa2ldHIm2JfoquN%2BeHGrIw1uBTLR3TtMGWedd5UoYhXvOdx421Iqr8ZUTPs4Px9h4432Kq3nPwzbQxO8o%2FU4dpihyuz3gFJHK3m1y69DmlRRjo8j9bqn29AT%2FbDnUnpjwFt1Ue5Gaip%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-amz-version-id: 5dsbmyhMAJFu6dk9cMPVEFfOJNzB3SCj
cf-ray: 6df913c89bfd88bf-LHR

GET
H2 200 up.js Show response
live.demand.supply/ 9 KB
4 KB 251ms
148ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6766897b5a8396a2cb0d3203fb6490be776ccd3ffc849a554d7647f4d1939ed

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FSH4KWC461PHNB4G4VDPWT2J
date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 380
cf-polished: origSize=9084
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"b1e58731788823bdf6e0bbec4e10cf9e-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 6df913c88ffc73df-LHR
link: <https://live.demand.supply/impl.v14.0.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-0-0/d3d3LmdhbmR1bC5yby8=>; rel=preload; as=script

GET
H/1.1 200
OK 13087 Show response
neuronales.xyz/easylist/ 312 B
532 B 309ms
132ms Script
application/javascript 192.102.6.94
HVDS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neuronales.xyz/easylist/13087
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.102.6.94 Kyiv, Ukraine, ASN57682 (HVDS-AS, UA),
Reverse DNS: s3.zevshost.net
Software: nginx/1.14.1 / PHP/7.3.4
Resource Hash: a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 17:46:51 GMT
Server: nginx/1.14.1
Connection: keep-alive
X-Powered-By: PHP/7.3.4
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK 190540-122528310662128.js Show response
js-sec.indexww.com/ht/p/ 112 KB
34 KB 938ms
762ms Script
text/javascript 2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/190540-122528310662128.js
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 53380e9fd4b0c2d1d97ffdd41e929db5edecde579918fdb518f6e994191581d2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 17:46:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Feb 2022 17:45:37 GMT
Server: Apache
ETag: "90546a-1c0d4-5d84e73550d81"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 34085
Expires: Fri, 18 Feb 2022 18:46:52 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 166ms
52ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2001
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6df913c8ec7d74cd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 21 Feb 2022 17:46:51 GMT

GET
H2 200 O-noua%CC%86-taxa%CC%86-pe-stat%CC%A6iune-va-fi-aplicata%CC%86-din-acest-an-pe-litoralul-roma%CC%82nesc.webp
media.gandul.ro/unsafe/300x169/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 6 KB
7 KB 59ms
59ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/300x169/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/O-noua%CC%86-taxa%CC%86-pe-stat%CC%A6iune-va-fi-aplicata%CC%86-din-acest-an-pe-litoralul-roma%CC%82nesc.webp
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37e2eecf7ca95d864321296f703b8b068e6726a8f19a9c6e59e6752c3785cece

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "bc9cf69c92dc384c91b0d4828507ccd0a98f0a75"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 24
age: 2548
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6468
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rGafg4MpLAkKQ26Tml82gYn%2BkG0%2Bh2K%2Fn4a975skfpWJsqpQ4FaluSIS74p%2FCxdC6okQjrkrQz2sqeoDD2Aq1Y2JKky08sWu0tonT0AHElq1%2B7aYsBUI0hFHPq090cJXMsapZXNSJu2VIcZZ1M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c8091306fd-LHR
x-storage: MA

GET
H2 200 car-explosion.jpg
media.gandul.ro/unsafe/300x169/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 8 KB
8 KB 54ms
54ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/300x169/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/car-explosion.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f40095d2b76e692450ae8566758895c888151c1d4f24588c5bb1cbdb33c0abbc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "b9d68888e0aa87fad83c9042de3263858cf90bf5"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 25
age: 2327
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8016
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNGTtKKf7w%2FFon3TfQiv1GTZNXxubdNdWjB5tT2MCqgkTzVWx2XNN11TUwJD18AljphCigR28NVx9AqocLNWE2c21eA3ShL1HCQ0BB2vmPRIHoqu6TBeC8yan4d8UTY0O56pAbha7qrLGNb1%2BwU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c8192e06fd-LHR
x-storage: MA

GET
H2 200 oana-zvoboda-18-februarie-vox-pop.png
media.gandul.ro/unsafe/500x281/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 24 KB
24 KB 52ms
52ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/500x281/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/oana-zvoboda-18-februarie-vox-pop.png
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab6dc7f96b2123ecee49dfd4495bfe6d8248c3209a4bd47b3907bbbd1f4a050b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "4fd2f708ff1e5f21e8b7dd33b76c2ec3f968da3e"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 24
age: 2063
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24218
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4%2FYwl77%2Bs%2FdfRqnNeAi%2FAPXBIFJ497PRwvdDZ1K4JXn1vV%2FYj8nVgDAHBl33qumPTGm%2BRQU%2BGPJxKVugYnEquU%2FRS%2BznS4HJF6%2BtZs80A46qJQ53f9KVGr5k4hhhoZQvqxmWykIsD6%2FGArPVAw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c8193306fd-LHR
x-storage: MA

GET
H2 200 6UVEwXAl3GA Show response
www.youtube.com/embed/ Frame 114E 62 KB
27 KB 240ms
110ms Document
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/6UVEwXAl3GA

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

185d19247b68c0c4493c8c7d07c7dc5d42a50e5793530b81252684e1bba75ff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Feb 2022 17:46:51 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mutu-colaj.jpg
media.gandul.ro/unsafe/406x228/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 23 KB
23 KB 67ms
66ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/406x228/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/mutu-colaj.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 709e58c0dbb882e9b5a10b62d1e499824e2ffd88adbbb894d7f806a6309676b7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "b6c752f7a01d2ed899e6eb78211b7fe1e69722da"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 25
age: 4833
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23334
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GDvg4KwjPwayaktQL5q3OlhtcBOxD7O%2F6q%2BbEbGxZrLFVf4kDC093B9JY55kR%2F%2F7ohldEcjz4cOW%2B8zjGUkycgobdkLQwlhODtpUnw8ctQPED8BIe%2Bg7Ev8BDK3mw%2Fg%2FgCJGa%2F%2Fu9NJsOK24wc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c8296206fd-LHR
x-storage: MA

GET
H2 200 shutterstock_1115366180-4-scaled.jpg
media.gandul.ro/unsafe/406x228/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 9 KB
9 KB 55ms
54ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/406x228/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/shutterstock_1115366180-4-scaled.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e25ef4c0732ac1233e66812472a8d49b056f638b425eeecae45423d6f3469

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "a7b4fad376de7326fe1828d3d761b594577facdb"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 24
age: 1077
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9298
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtHxWcwQJqVRaXFnhTq2ClQHmAtvt8m6qmsJpuKUHpBdPjfHWfJL1z9s1sEBmnwqIRYj19MGKswhDs3qZ4PzHwZ9MuA%2FOfbMSLW1k06wSye5nvSElSGKEJtJG8ymVAMnKbKuV9V3LxvDIQUifa8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c8295f06fd-LHR
x-storage: MA

GET
H2 200 5e7df985d6d74186857445-800x520-1.jpg
media.gandul.ro/unsafe/406x228/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 9 KB
9 KB 54ms
54ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/406x228/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/5e7df985d6d74186857445-800x520-1.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9e4a4de11a308b1e441773a8711894b4d460e3c90e0ce924d622ca4baf85ac

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "fd3aa8402e88633a8fddedeae9a7c50dc54ed4ca"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 24
age: 1077
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9244
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BkvMnab1%2Bn3vqGIpifv%2FgJeFjnutDFbVWUEuqHiyfHIyW40tFl6DXb13l6yJTG%2FEIt7TU3xjSbQCatWNqjM13YLP%2BZ3fWYcjqw%2BMGDymkd8cHJ3qv9ulPbpOaktN5WSYCzs4JJD5B8YLsPInJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c8295c06fd-LHR
x-storage: MA

GET
H3 200 copil.png
media.gandul.ro/unsafe/406x228/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 9 KB
10 KB 79ms
78ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/406x228/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/copil.png
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b769b1026482ad24bb4be26b16a3bd1d962da58adaa547b0ac78ebbbd549f057

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "42ce212404d7db8a93580cc49bc9b5e9adea8467"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 25
age: 1401
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9276
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKqTnwiNv6gU8FFWNcW08PLPSV4c%2FnnjSkruNF%2Fv%2Fg6dxRSxC%2FdwOyZ8uP4DiA9nfxn93LOX8bNI4h1oxp1hikp9aiSSQVixWa2BxW47dK8gFltCB4CKdx6lD3ixRqchhicV1XHx7yKTj%2BwTC9U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c86b567753-LHR
x-storage: MA

GET
H3 200 1-smurd-acc.jpg
media.gandul.ro/unsafe/406x228/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2016/03/15098417/ 16 KB
17 KB 103ms
101ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/406x228/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2016/03/15098417/1-smurd-acc.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93dfe56fb01e5e34715446d718b16f722288e6a14b95e67feba8226254b769f2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "708d5fef696cbd6342a7ee0b5f099efd1b56e41f"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 25
age: 2312
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16748
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4mQttfJfj16V3flpEzQO542RWg18FLS%2BfzILKJk5OG6bLdBCSJASmDKkC77Ynre4QD%2Fww1GyLZNmpvl78DFkOBA4oNJz4S1Y8oWYxrIUQwA1ZNkfIhpm4YU4JWJVkhCedZypEanAy5W%2FvyqaZk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c86b587753-LHR
x-storage: MA

GET
H3 200 shutterstock_1035684787-scaled.jpg
media.gandul.ro/unsafe/406x228/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 16 KB
17 KB 109ms
108ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/406x228/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/shutterstock_1035684787-scaled.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38af64c0b7eef852bf8b12a3f01eb775e5107a4b28804ddb1013623a2041d68a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "214faf504a18ede3de1ef71c2cdde13555613515"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 25
age: 1979
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16612
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYnHKHUOw6O06WcrTk1J33n%2B3mi5vk5BxDSs8BO12N92O0YrGrxswRzSoBECtPy0LlgZBUP9e6fn5LjAPEXlTsfxxl%2FkOL2dQ4nBVYj2Zk0CjACFBqZWzNegCojHOOmGfRW3XcTZAtSpNthwdTg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c86b5a7753-LHR
x-storage: MA

GET
H3 200 Cristian-Lisandru-150x150.jpeg
www.gandul.ro/wp-content/uploads/2020/08/ 4 KB
5 KB 62ms
61ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/2020/08/Cristian-Lisandru-150x150.jpeg

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2744fc8ba24e4b787270da23ae3e98455cf6329934d09d71f2b2babfc72d79bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "5f3cf645-108d"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 9944128
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4237
last-modified: Wed, 19 Aug 2020 09:52:05 GMT
server: cloudflare
x-cache-0: M
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1hHdIGegF6MP3kJleOI5K3SlGzCE%2ByDudgUPiEfhCk%2FVuXhtWbL6Eh6jDmnSDIe9yYEbqmPThU2TBb8gOJKdoFPTy7SWDZs4HmLSgnXdIWERp8y7u8P6UB2NFjDU9dTNG4jlDQJTIN6SOm7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6df913c81a9b7753-LHR

GET
H3 200 Petrisor-Peiu-150x150.jpg
www.gandul.ro/wp-content/uploads/2021/09/ 5 KB
6 KB 113ms
113ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/2021/09/Petrisor-Peiu-150x150.jpg

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf0faa9c6fc8dbdd905543ca404fc7c0ec390159caa3e83b14ea8a086f65c5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "614085d2-145e"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 1503826
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5214
last-modified: Tue, 14 Sep 2021 11:21:54 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2Fl3KMnUkSffDcKJ6o%2BAIBavmgRIaTnp%2Bnga5bqG5F0noKb%2BEkEkpvRjDVJO3MsH9ecBxx4MD6Yz%2Ba3z0Cxw0cPdoDFryki9qGcSCRQz2vysNROokLP%2BxpCnyhvq1wd0Z4m%2FvAj10CWYS6u7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6df913c81a9d7753-LHR

GET
H3 200 Alina-Bargaoanu-150x150.jpg
www.gandul.ro/wp-content/uploads/2020/05/ 6 KB
6 KB 113ms
113ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/2020/05/Alina-Bargaoanu-150x150.jpg

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb8a9d929d4fcc727bbfa57d8bd624434a97ef7711df5455297aedab4b205d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "5eafe199-1647"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 379071
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5703
last-modified: Mon, 04 May 2020 09:34:17 GMT
server: cloudflare
x-cache-0: M
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4z0Qcgkh9W3L3g209JqQy4QSEGDr%2FYT9sxJAzZnPzZ1g4AFpfWkRmtKOufTf4k4rhe0ZUrt%2FSRWLp3Y%2BsDz3xfFe7xtt0NldZQn84cOKEncH%2FMoO5ukLPCX%2F%2FDfsHW0rnK7mZtFxAqyIEA7d"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6df913c81aa07753-LHR

GET
H3

200

a11b17d83fd0455a52d78d34102b4ec0-t.jpg
www.gandul.ro/wp-content/uploads/feeds/2022/02/1576569276/
Redirect Chain

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576569276/a11b17d83fd0455a52d78d34102b4ec0-t.jpg
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576569276/a11b17d83fd0455a52d78d34102b4ec0-t.jpg

32 KB
32 KB

52ms
52ms

Image
image/jpeg

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576569276/a11b17d83fd0455a52d78d34102b4ec0-t.jpg

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb15b0e6a867bb189f32a8d6df0bfb1d8dcdc93a1ad471e06c177ac8029b7442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "620eda95-7e13"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 65507
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32275
last-modified: Thu, 17 Feb 2022 23:30:29 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMtsd5Xuwhz3pPf19v3rve%2B%2BKUDAk%2BE%2Fu02Z%2FQUbmlTuZlzO6RrJI7AsYSCtg6Rxfzh7hBM2jq9P%2Bhew98Lx5q45aiBaeV56ZD4cQBo0zYwwGOPwLsAlf1IqziXk0L9Tg%2FbCFw%2BYemBalZOF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6df913cac89f7753-LHR

Redirect headers

date: Fri, 18 Feb 2022 17:46:51 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-ttfb: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=riLF%2FS6Zr6%2BAy1WOzHom9J8z6EGIn14SVABJMxE60ZkohunypExMAa5va5YyojKpsXZIji76BjFJSTRtWDCzz%2Bc0nRJ1ocubK2TYwISfGvbB3GSWc16biuEUb3840KuKLO6EhJX7IVT8NmC5bIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576569276/a11b17d83fd0455a52d78d34102b4ec0-t.jpg
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6df913c9bbb872cc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

6eacbb7746083b8f8e32deceacb668d3-t.jpg
www.gandul.ro/wp-content/uploads/feeds/2022/02/1576572047/
Redirect Chain

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576572047/6eacbb7746083b8f8e32deceacb668d3-t.jpg
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576572047/6eacbb7746083b8f8e32deceacb668d3-t.jpg

8 KB
8 KB

53ms
53ms

Image
image/jpeg

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576572047/6eacbb7746083b8f8e32deceacb668d3-t.jpg

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35edb66201490ad51b3aba7071326b8b42c5c0654efac3c98475a468043a8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "620f672f-1ede"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 29507
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7902
last-modified: Fri, 18 Feb 2022 09:30:23 GMT
server: cloudflare
x-cache-0: M
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhqN9Z10t2AGWZAY%2Fis33wYDTd5Yzwwf8FExQxxO7i%2B%2F9ddqDbe7lJ3aVjYCy2Dp8b%2Fm73O4K7zPLh3cFkD%2BKbTIBswIpcO1Uy2NaQsVQbtyx1GXOkEXp1DwSLWmCUae%2F%2BAfYm8pur26ExBd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6df913cab8947753-LHR

Redirect headers

date: Fri, 18 Feb 2022 17:46:51 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-ttfb: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldLgqEWbRHg7GnS%2BgtuMdPFRGyVoyNumnhVnUcAbmJJjazX2vJSUZ%2BYDbqrjiWkF3uxT36ZBrOJgp8RJETCvJLNOuKfo%2Bwp7T7cMmKE5pEJ%2BmeV8ETL3hkxJY1QZYvtyuQaUdne2eQxQBgY%2FPeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576572047/6eacbb7746083b8f8e32deceacb668d3-t.jpg
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6df913c9bbb972cc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

8dbfb920c89e99f6b752d14f6f6f6dec-t.jpg
www.gandul.ro/wp-content/uploads/feeds/2022/02/1576569244/
Redirect Chain

https://www.gandul.info/wp-content/uploads/feeds/2022/02/1576569244/8dbfb920c89e99f6b752d14f6f6f6dec-t.jpg
https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576569244/8dbfb920c89e99f6b752d14f6f6f6dec-t.jpg

19 KB
20 KB

52ms
52ms

Image
image/jpeg

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576569244/8dbfb920c89e99f6b752d14f6f6f6dec-t.jpg

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/

Protocol

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e04490083fbfdcf23fab3841e6907306f46fa2272590943c223aff0b564dcd3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "620f1fb5-4cae"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: gandul-118
age: 47672
x-ttfb: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19630
last-modified: Fri, 18 Feb 2022 04:25:25 GMT
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35TNwwqg2rnuU9rnJaOrAsDx%2FWYIu82e83y51xjutVrGBDBb%2B2xV1C%2BPa5lAYObqqQE2g9l3XXSxAxp5%2B9uW79Q%2B8QabdDJXJCftUL06sty7ZjoM1Dx1k1z5KNECvzkPEE1zzKI770GRkj9c"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=15768000, s-maxage=15768000
x-ba-0: default_last_resort1
accept-ranges: bytes
cf-ray: 6df913cab8907753-LHR

Redirect headers

date: Fri, 18 Feb 2022 17:46:51 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-ttfb: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cI9FN8G4hgkOBTQt8iyxvB5TnHcRN6AuuOpK%2FOdzjFBzol4OlioTP9ZbxgpDthjhIbfbXP5%2FfID1iNMWa0uNCk4Ea5UR8eBntC98C6Wtvg38fJMlrY4PVxDzRb7hsp1a88YHkpgK2o4pIUQiI7s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.gandul.ro/wp-content/uploads/feeds/2022/02/1576569244/8dbfb920c89e99f6b752d14f6f6f6dec-t.jpg
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6df913c9bbbb72cc-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 WhatsApp-Image-2022-01-10-at-12.28.53-PM.jpeg
media.gandul.ro/unsafe/305x172/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/01/ 7 KB
7 KB 53ms
52ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/305x172/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/01/WhatsApp-Image-2022-01-10-at-12.28.53-PM.jpeg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55afb8d7ea385404126f0a556397396b2f67c6f77f4ea8a0464db28e599bed5f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "2329272c390cf96fcabc2540892299ecc6b71d6a"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 25
age: 6785
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6898
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HU77eAYFpD31mRblk%2FPyBkNn4Si3%2BWip4FA4qS0G3TUCvdrcpT4Hw8YgvE0cEyUTUSM15CLUYaqNQRmfuUXKeFw5xyO1WQo%2B%2BkZTZHFhrVb7%2FvX57Uov8CMzwAmwd2XlXYr1nzATCEGqyvlXUf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c95d617753-LHR
x-storage: MA

GET
H3 200 Platforma-Ana-sursa-Youtube-BSOG.jpg
media.gandul.ro/unsafe/305x172/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 16 KB
16 KB 97ms
97ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/305x172/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/Platforma-Ana-sursa-Youtube-BSOG.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c39c26105d17f87deaa58dc6271ed63df3e06030fb9e0fb30c70dd9b1fceac

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "e71a935b621945e910f6bb780e2199a6acb7417e"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 24
age: 17961
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16098
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wE2oePExoRXhYqBBuFbnAsr8Heqs4CMKu2rXCpi9qz8DQCDVNCuUfTlUjIGxXmyd%2BqpD%2FzaE2FcgSBisRa7hPWjt7xloHD9u0I7lKP4f3BiDOYQ5GUwGp3kjyrZCg9MY9rEjNyPNy%2BvqUl1J%2FO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c95d627753-LHR
x-storage: MA

GET
H3 200 7653073-Mediafax_Foto-Andreea_Alexandru-2-scaled.jpg
media.gandul.ro/unsafe/305x172/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2021/05/ 6 KB
7 KB 54ms
53ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/305x172/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2021/05/7653073-Mediafax_Foto-Andreea_Alexandru-2-scaled.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d67aac26f6544b4dc5c84dd7f5b5fb679c7ed213d5c1d7fc67e25f28f7759e6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "2b477571e14aa1bab481d5e5cbd82f5a930348b5"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 25
age: 31190
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6102
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCQD%2FV6%2FXDyrzXMDItICmRL6POOWuJ4aQe6S6NSxcat2VBy91HGYJ%2BdDIE8DRpJutC3adyjYwg3W3vg%2BsFC6J2dMMWl6X6Q3UIeCwpXJOg0kzMRFtOBh%2Bn%2FJSnkDn986%2BUA%2B4Dffkgldrd56wS4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c95d657753-LHR
x-storage: MA

GET
H3 200 Raed-Arafat.webp
media.gandul.ro/unsafe/305x172/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2021/11/ 7 KB
8 KB 55ms
54ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/305x172/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2021/11/Raed-Arafat.webp
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9597e4d0d07d37fd8605882311aa24efcbf574bf9761c4c2dbcdfd58453b7d19

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "da7f2f1b005ad41532e14badb9e897dca192d5d7"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 24
age: 33762
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7548
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VOCZXZeh1%2FL2jHrqo0o5tF5D3aJA%2FSGBGasJuVR6b8kHkPOGIFsvKdwoSiGeAi1z1cBe0uQ49zSThgrwvUANVxSGMjyghHX0%2F0QbEtEzQUXyF3eE%2Bk%2FoHDFehxFg3vWkYU1LNs5Az8P%2B%2Bp%2F4jM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c95d667753-LHR
x-storage: MA

GET
H3 200 Polonia-anunt%CC%A6a%CC%86-ca%CC%86-este-gata-sa%CC%86-i%CC%82i-ajute-pe-cei-fort%CC%A6at%CC%A6i-sa%CC%86-fuga%CC%86-din-Ucraina-de-o-posibila%CC%86-invazie-ruseasca%CC%86.jpg
media.gandul.ro/unsafe/610x343/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 37 KB
37 KB 54ms
53ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/610x343/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/Polonia-anunt%CC%A6a%CC%86-ca%CC%86-este-gata-sa%CC%86-i%CC%82i-ajute-pe-cei-fort%CC%A6at%CC%A6i-sa%CC%86-fuga%CC%86-din-Ucraina-de-o-posibila%CC%86-invazie-ruseasca%CC%86.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf371a6e60f15a74f52fbb937d9bd2e2b036d9603d4e346a4da644eacb5625ae

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "91267d5b1e837202453d14baa6c64f46329fb2f3"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 25
age: 228
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37620
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qa%2B5TuQkyMYH8raRxz1KoZ73O4VcHTM0gVfieGU6XIpVjhs%2FSMC0fk4CFS4928h0KfqF1UzwqTiTv2499ZvjqR%2BSG6D1P0LpOnfe67J7D29gw3A41aSvXxd29r7rQEBChlys7SJkPibpkwhzYS4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c95d687753-LHR
x-storage: MA

GET
H3 200 shutterstock_551141872-scaled.jpg
media.gandul.ro/unsafe/305x172/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 11 KB
11 KB 98ms
96ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/305x172/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/shutterstock_551141872-scaled.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d4d806792acac127bb1c36169a4608f5d7f8ee01a43bccf063a04b72c7d80a1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "ff2d935261cf8d2ef9c8258c38295fc5232fa773"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 24
age: 228
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10822
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuPhXOwxhMfJRE1UUPkAUUi0jIngetfnjVMANmr4EBSCHGL34Huim1T1spV20Hs1eJqODqXfLLVJ4qYpLzcpouqnniu%2BZzQMFgLDkILi8GzaGwd7yM5cbwrGEjAfgUqq8YgBXw8dQWZO1CDUIIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c95d697753-LHR
x-storage: MA

GET
H3 200 masini-politie.jpg
media.gandul.ro/unsafe/305x172/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2021/09/ 10 KB
10 KB 58ms
56ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/305x172/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2021/09/masini-politie.jpg
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b959714b2e365dfb43b97bc6af305679308b2ecc2fd9fb09c44c67b5cac0a81e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "9c8ab32ebb35179a0ec90ce88a145cd8f8ff1600"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 24
age: 228
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9968
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyb44J690mVvb488I9B1J2eC7FciUKTogO651LZtfi76Ff8xOaETwtDMCNflx98BL8VB3hhIKGZBqYVGeVpLMYybr0Y%2BWnjUWUHNYRvlkhCtREdqm2kwfg1ljGc5LPfrOePi6LVSkHGHwIC3u6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c95d6a7753-LHR
x-storage: MA

GET
H3 200 Simona-Halep-a-fost-eliminata%CC%86-i%CC%82n-semifinalele-turneului-de-la-Dubai.webp
media.gandul.ro/unsafe/305x172/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/ 4 KB
4 KB 55ms
54ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gandul.ro/unsafe/305x172/smart/filters:contrast(5):format(webp):quality(80)/http://gandul.ro/wp-content/uploads/2022/02/Simona-Halep-a-fost-eliminata%CC%86-i%CC%82n-semifinalele-turneului-de-la-Dubai.webp
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a72458954925a250248e55619f35c259a4f9351ab48b286899da9998f2b0686

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
etag: "29b29e0af4a2001ece3d6cc1a05779fdffbeba1b"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ws: 25
age: 1401
x-content-class: static
x-ttfb: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3790
server: cloudflare
x-cache-0: H
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BzuG1kMp%2Bvy7UMZTWIL6OJ2sI0TXKpCMVCtQnvLS%2B0knd9Qh2ImTII6FjLKMfMmElc78%2FNj6XBvQ5l%2BFo7XWyT9jTtQh1TYFvEsYEyQN2VsMXtprcw2tzcpvDi%2BEpRdfEAm%2FerbY1lmTcg4vNY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-debug-0: He
cache-control: public, max-age=15780000, s-maxage=15780000
x-ba-0: thumbor
accept-ranges: bytes
cf-ray: 6df913c95d6c7753-LHR
x-storage: MA

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/bt8V6jazXTuLs/www.gandul.ro/ 3 KB
2 KB 175ms
59ms Script
application/javascript 2600:9000:2156:2a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/bt8V6jazXTuLs/www.gandul.ro/choice.js
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/quantcast-choice/public/js/script.min.js?ver=2.0.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d90a3e8724f5f1a18ca679af2b7992bdf64f9921da1ab75df7150a6b7baa3cce

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 18 Feb 2022 17:46:48 GMT
content-encoding: br
last-modified: Wed, 25 Aug 2021 08:13:08 GMT
server: AmazonS3
age: 8
etag: W/"f5cef1827a8bd97be6d234c4a9f480da"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: naAWEIt9lSyA0MVoe9v-CaHbvs0toJ6Vmzb7TWbdED73f4whijfWgQ==

GET
H2 200 vendor-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 305 KB
39 KB 210ms
66ms XHR
application/json 2600:9000:2156:de00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/quantcast-choice/public/js/script.min.js?ver=2.0.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:de00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed672c552560517007a3e20176c250b34cb4203c13bfbd02a7c68840d5875148

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 03:00:41 GMT
content-encoding: gzip
age: 53171
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Fri, 18 Feb 2022 03:00:32 GMT
server: AmazonS3
etag: W/"f5a512517c0a7c29f151c291d0f28a2a"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: FqicbUDuyIUQw0Y5DYvtJ5egAdh7UJ.I
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
content-type: application/json
x-amz-cf-id: fwrJEg3-wBfxkF-jg0_wR2kRPgf1AQM7pidzM6uMGR1N8Wwikp63Qw==

GET
H2 204 noniab-vendorlist.json Show response
quantcast.mgr.consensu.org/choice/bt8V6jazXTuLs/www.gandul.ro/.well-known/ 0
383 B 187ms
60ms XHR
text/plain 2600:9000:2156:2a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/bt8V6jazXTuLs/www.gandul.ro/.well-known/noniab-vendorlist.json?timestamp=1645206413420
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/quantcast-choice/public/js/script.min.js?ver=2.0.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:16 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
server: AmazonS3
age: 34
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=900
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: O63NXOjAx8FtlvL2kQvHCAty1FVoO3X05bi--t6bQXvpqvmnUhhzhg==

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
310 B 224ms
92ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.40.0&cb=80735921683

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.gandul.ro/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gandul.ro
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 157ms
51ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gandul.ro/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gandul.ro
date: Fri, 18 Feb 2022 17:46:51 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 / Show response
adx.adform.net/adx/ 25 B
487 B 323ms
132ms XHR
application/json 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTEwNDc1NzYmdHJhbnNhY3Rpb25JZD1jNTBmNjRmMS1mMTM2LTQyZmYtOWVhYi02Yzg0N2VjZmQwYjk%3D&bWlkPTEwNDc1NzUmdHJhbnNhY3Rpb25JZD0zMjY4NmFjZC05YWY4LTRkNjEtYmZlMy02NDY4MWVjZmE1NzY%3D&bWlkPTEwNDc1NzUmdHJhbnNhY3Rpb25JZD0xMjRlYTQ3YS1lNjRkLTQ1YjAtYmExMy1kNzE2ODM2Nzk4NDE%3D&bWlkPTEwNDc1NzUmdHJhbnNhY3Rpb25JZD05NWM0Mjk5My1jZTAzLTRmOTQtYjZkYi03MDEwOGNmMTk5OTM%3D&bWlkPTEwNDc1NzUmdHJhbnNhY3Rpb25JZD05MDM3YjNjYi05MmQ3LTRiM2YtYmZhNC0yMzUzZDFhNDkyMzE%3D&pt=gross&stid=b7e78e6a-a6a7-4aa3-a99a-45e37456bac9&fd=1

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f3f0b960f461d81b48d29ac360a0f3553add3be3e891fb67878b4f11a0822339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gandul.ro/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.gandul.ro
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST bid-request
rtb.adpone.com/ 0
0

POST
H2 200 bid-request Show response
rtb.adpone.com/ 770 B
725 B 185ms
82ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=1211111713441
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ebe5675d575f5ade906553d514ff0fb1725451208c697a7613152d30c2d01ef

Request headers

Referer: https://www.gandul.ro/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0D30jQeZT%2BkCnwcnF3ze0Y8A%2BhWSlpZ7tKpm1TRPNKmmsn2IO1dz%2BzAlT8Btsc40wAUUl9klZmtbUQLHwIfjCcnMXca%2FPM0O0sdk%2FaSeQ0V%2BHj14gjkanaM32IGeAy1DLjzZmJ%2FnQUhJv44"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.gandul.ro
access-control-allow-credentials: true
cf-ray: 6df913c999657786-LHR

POST
H2 200 bid-request Show response
rtb.adpone.com/ 737 B
972 B 171ms
67ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=12111117134669
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fad4220f688080e165bc9ae1ddcb6d78ee8d0a37a4545d6854c2932a95ccede3

Request headers

Referer: https://www.gandul.ro/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlnXWmcXpYwClUK%2Fti7uXAffGUKwfv06olq7YViV8NCChlHrLENZL1KFPRDoYHaAoCINMqUnt%2BTW7OuVYY3%2FqhKCoL3SWcsJvb47p1DRKWY2M9ITpgVY1qU1gLc0Dh79s8KcpQuDvZeX6us1"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.gandul.ro
access-control-allow-credentials: true
cf-ray: 6df913c999667786-LHR

POST bid-request
rtb.adpone.com/ 0
0

POST
H2 200 bid-request Show response
rtb.adpone.com/ 737 B
704 B 224ms
121ms XHR
application/json 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=12111117134669
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7302911ddd78a23859566715b4c8b48b34aecd52f0e6058a4d57df794d3abe59

Request headers

Referer: https://www.gandul.ro/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osAjtMth082VceI73bGkZFmUWQbYfbBZKbRg3XXFBpWjD7WZaNSGLl9f4WH8pkJtZx2yQqJ3dS4h93K0vKjG8lnH5kYQl5qIYJ9p2keJSGl7TOweiMrXRl5gNqQHVGP5Egg%2FsAPe6B4o%2FdJP"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.gandul.ro
access-control-allow-credentials: true
cf-ray: 6df913c999677786-LHR

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 110ms
59ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1597
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6df913c99a4d0712-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 21 Feb 2022 17:46:51 GMT

GET
H2 200 pubads_impl_2022021502.js Show response
securepubads.g.doubleclick.net/gpt/ 360 KB
121 KB 169ms
54ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021502.js?31064987

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

61daa5e10d1910c94db36832a3adb3e9bec2c60a0b584b37daea27f634f36fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 16:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5896
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123418
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 02:34:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 Feb 2023 16:08:35 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 204 B
758 B 178ms
63ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gandul.ro

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

298d0041946e2b4f141262fa102741fdf30ef6f1ec3bd4670466fea1734e4a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122
x-xss-protection: 0
expires: Fri, 18 Feb 2022 17:46:51 GMT

GET
H3 200 impl.v14.0.0.js Show response
live.demand.supply/ 78 KB
25 KB 107ms
60ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v14.0.0.js
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FKEFKNZGD9ZVC0KK5CB35266
date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 1635473
cf-polished: origSize=79681
cf-ray: 6df913c9cd3274e5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"ce85a984a9876904f1c4ef475c2ab350-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

GET
H3 200 d3d3LmdhbmR1bC5yby8= Show response
live.demand.supply/p4/v14-0-0/ 981 B
714 B 157ms
110ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v14-0-0/d3d3LmdhbmR1bC5yby8=
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 753d52d4c0f3f78693761532a22a31aded838c62c1e05339bbd1ea69c9754955

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6df913c9cd2f74e5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 9E0D 684 B
749 B 169ms
57ms Document
text/html 2a02:26f0:6c00:2bf::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/

Response headers

Accept-Ranges: bytes
Last-Modified: Tue, 11 Jan 2022 07:21:04 GMT
Server: AkamaiNetStorage
Content-Length: 379
Cache-Control: max-age=864000
Expires: Mon, 28 Feb 2022 17:46:51 GMT
Date: Fri, 18 Feb 2022 17:46:51 GMT
Connection: keep-alive
Content-Type: text/html
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Vary: Accept-Encoding

GET
H/1.1 200
OK push Show response
comcluster.cxense.com/dmp/ 64 B
636 B 246ms
60ms Script
text/javascript 178.63.12.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://comcluster.cxense.com/dmp/push?callback=cXJsonpCBkzspf57iq28e2v9c&ver=2.3.1&persisted=fcadb0c22bec63a3e94af5a65644fc6b869880e0&json=%7B%22events%22%3A%5B%7B%22type%22%3A%22adBlockerDetection%22%2C%22rnd%22%3A%22kzspf57iy9qnpinx%22%2C%22siteId%22%3A%221135102062960807732%22%2C%22prnd%22%3A%22kzspf56ixcfakh2r%22%2C%22userIds%22%3A%5B%7B%22id%22%3A%22kzspf579t7mh7gt4%22%2C%22type%22%3A%22cx%22%7D%5D%2C%22origin%22%3A%22brt-adblock%22%2C%22customParameters%22%3A%5B%7B%22group%22%3A%22adBlockerDetected%22%2C%22item%22%3A%22No%22%2C%22type%22%3A%22string%22%7D%5D%7D%5D%7D

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.63.12.208 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

de716.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

700e4cb7b446689efa192f4fdfff2ddda031a798a596eb72efe19202ea286887

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 17:46:51 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 64
expires: Mon, 26 Jul 1997 05:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 104ms
58ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=254&cs=c&dsReferer=aHR0cHM6Ly93d3cuZ2FuZHVsLnJvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FN1PNCK8SCCFKGWHBWVFNPJE
date: Fri, 18 Feb 2022 17:46:51 GMT
cf-cache-status: HIT
age: 2284757
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6df913c9ec190696-LHR

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
27 KB 290ms
202ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

8475e953730aec698996dc34eabd999167dcfb31ff771f813856cc22d3b03104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27564
x-xss-protection: 0
server: sffe
etag: "1135 / 499 of 1000 / last-modified: 1645185935"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 18 Feb 2022 17:46:51 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
470 B 102ms
57ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FMYG85FX85PJ1BN09VMJ97FW
date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 2193448
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 6df913c9ec1c0696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 186ms
66ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: GtBleBshAfJx9KFXwg43LDlo50FXi9le
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 550
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 159J840RAFZBP00JK3S6
date: Fri, 18 Feb 2022 17:37:46 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: A30wY4c5ljRRNb0wjjNNNKNVa1YufimmPz3p0o6U6besBHtr04w87Q==

GET
H3 200 uamp.1.json Show response
live.demand.supply/ 8 KB
3 KB 101ms
56ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/uamp.1.json?&dsReferer=aHR0cHM6Ly93d3cuZ2FuZHVsLnJvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FN1NWZZEQST1J7EZEBV0KQK6
date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 478081
etag: W/"362f610a25ff544356d95c210cc7ef4e-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 6df913c9ec1e0696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/c3125ad0/ Frame 114E 341 KB
47 KB 117ms
55ms Stylesheet
text/css 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6UVEwXAl3GA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4477ee59b97030d6f35483b304d8bd6e71388e45c339d83c22cde5d1dead3d34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/6UVEwXAl3GA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 11:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47760
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Feb 2023 11:38:46 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 114E 15 KB
16 KB 172ms
54ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6UVEwXAl3GA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 261610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 17:06:41 GMT

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 137ms
75ms Fetch
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true

Requested by

Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53565
x-xss-protection: 0
server: cafe
etag: 18258393063481352237
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 17:46:51 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 290 KB
104 KB 145ms
83ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8829549769681779&plah=www.gandul.ro

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cde8796cabb7b93bbcf7c8a4bd2d39b926a22d2dfbbe6a37fdafd10c5bd8f965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106772
x-xss-protection: 0
server: cafe
etag: 16804192996499609317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 18 Feb 2022 17:46:51 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/ Frame 00BE 10 KB
5 KB 54ms
54ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Fri, 18 Feb 2022 03:10:18 GMT
expires: Fri, 04 Mar 2022 03:10:18 GMT
cache-control: public, max-age=1209600
age: 52593
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/ Frame 114E 283 KB
85 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6UVEwXAl3GA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b838fab476b0b972555361c19bfa11475adc6bcb3165ea3823eca1584fe6017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/6UVEwXAl3GA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 15:52:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93270
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87214
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Feb 2023 15:52:21 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/ Frame 114E 2 MB
538 KB 125ms
125ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6UVEwXAl3GA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e2d2046e9a8880e8cbd01dedd18638c0bc6aadfb438216566379b689a3e6d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/6UVEwXAl3GA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 15:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 550540
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Feb 2023 15:56:57 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c3125ad0/fetch-polyfill.vflset/ Frame 114E 10 KB
3 KB 122ms
122ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6UVEwXAl3GA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/6UVEwXAl3GA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 10:35:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Feb 2023 10:35:16 GMT

GET
H/1.1 200
OK ok9.js Show response
odnaknopka.ru/ 143 B
414 B 495ms
91ms Script
text/javascript 192.102.6.123
HVDS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://odnaknopka.ru/ok9.js
Requested by: Host: neuronales.xyz
URL: https://neuronales.xyz/easylist/13087
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.102.6.123 Kyiv, Ukraine, ASN57682 (HVDS-AS, UA),
Reverse DNS: server.odnaknopka.ru
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.5
Resource Hash: f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 17:46:52 GMT
Server: nginx/1.4.6 (Ubuntu)
Connection: keep-alive
X-Powered-By: PHP/5.5.9-1ubuntu4.5
ETag: aa37bfaf807734c72c2c0538dac05175
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=UTF-8

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 197ms
60ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/bt8V6jazXTuLs/www.gandul.ro/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:52 GMT
content-encoding: gzip
etag: "yoD6mq4JTyPdtDBolW+GUg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 25 Feb 2022 17:46:52 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 178 KB
44 KB 68ms
67ms Script
text/javascript 2600:9000:2156:2a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.gandul.ro
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/bt8V6jazXTuLs/www.gandul.ro/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:21 GMT
content-encoding: br
age: 50
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 15:12:49 GMT
server: AmazonS3
etag: W/"654a79dfaa26ade386414ddc75ea4b75"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: H_U1-1rSRhuzpUOpbMOkqduqMgsBBekpT4j6E2pkRBAXrZq0fm2MyA==

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
364 B 53ms
53ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly93d3cuZ2FuZHVsLnJvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FMV3Z855637WVE1HQJYTWK30
date: Fri, 18 Feb 2022 17:46:51 GMT
cf-cache-status: HIT
age: 147147
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6df913ca7d340696-LHR

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 59ms
59ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FN0J18J3PBRSCV8HHF6ZFMWF
date: Fri, 18 Feb 2022 17:46:51 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2193932
etag: W/"9bafda7cf8dec16f272df141e953a55a-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 6df913ca8ed674e5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 gandul.ro_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 27 B
255 B 281ms
281ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/gandul.ro_728x90_sticky_display_bottom?mlos=wi&mlbr=ch&mlla=en&mlbs=98&dsReferer=aHR0cHM6Ly93d3cuZ2FuZHVsLnJvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c0ba0085e08f023ff102a6681597d18140f7060ab8ed71251a6d126c1b14715

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 6df913ca9d560696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27

GET
H2 200 web Show response
onesignal.com/api/v1/sync/f487e21e-4a37-4c7b-a2de-dedb267c05f9/ 5 KB
2 KB 71ms
57ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/f487e21e-4a37-4c7b-a2de-dedb267c05f9/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27cc02d6eed2199fc6c6748cb045cc10d5c4cc90e741d6416829753ad4be840a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1684
cf-polished: origSize=5125
status: 200 OK
x-envoy-upstream-service-time: 108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b6ecac73-a689-4014-b4f4-06bcf90b5a91
x-runtime: 0.106641
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"a49944daf0f9de37fefb111b163bd6ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6df913cb2fe874cd-LHR
access-control-allow-headers: SDK-Version
expires: Fri, 18 Feb 2022 18:46:52 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 9E0D 64 KB
22 KB 66ms
66ms Script
application/x-javascript 2a02:26f0:6c00:2bf::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 17:46:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Feb 2022 13:47:07 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21887
Expires: Fri, 18 Feb 2022 18:46:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 169ms
53ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1572980-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 719
date: Fri, 18 Feb 2022 17:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 18 Feb 2022 19:34:53 GMT

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 58ms
58ms XHR
application/json 2600:9000:2156:de00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.gandul.ro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:de00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea2cfd052397a2a777ace87690d76dc8caa81d75a37d35639401e7e995bff377

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gandul.ro/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 03:00:40 GMT
content-encoding: br
age: 53173
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 19:52:29 GMT
server: AmazonS3
etag: W/"4b1249837503afcdf64c329aec87b38a"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: wJc6WWcV90znCBTeZs7CxIHimMpQQ1tj
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
content-type: application/json
x-amz-cf-id: C1duc43v_bEFE_70PpEXCEmafaqYOqGL2nLZWjCOW05kMi7Ey9X_HQ==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 65ms
64ms XHR
text/plain 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.gandul.ro&pubid=66ef05f7-ad53-48f6-873a-ac7543370392
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 13:11:46 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
server: Server
age: 16505
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.gandul.ro
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: AYHBxdJ4pK9T_mF6r9WwH3ZjqRkVf6A98uSlL7yokSR6wo7irnUCag==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 181ms
57ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 67035
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
date: Thu, 17 Feb 2022 23:09:38 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: koq9lican0QRzauftVT1oBGLNsK_0uIVBtMl_S2Eq_5V8lqLV-UemA==

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 9E0D 46 B
636 B 247ms
60ms Script
text/javascript 178.63.12.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: de716.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: abb951f5ec911e3a27b845c43d5132b9612f442f80e1cc5a90bbcb6dbb663342

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:52 GMT
last-modified: Wed, 18 Aug 2021 17:46:52 GMT
server: Jetty(9.4.28.v20200408)
etag: 3qrc6lkc8wrh1lprepxv01xe4
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: private, proxy-revalidate
content-type: text/javascript;charset=utf-8
content-length: 46
expires: Sat, 18 Feb 2023 17:46:52 GMT

GET
H2 200 cmp2ui-ro.js Show response
quantcast.mgr.consensu.org/tcfv2/39/ 235 KB
55 KB 70ms
69ms Script
text/javascript 2600:9000:2156:2a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-ro.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.gandul.ro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b91e98b8ee14e7452814fa031d66aaad582a683f3651e2e4aceb5605e68f3ddb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 16:39:50 GMT
content-encoding: br
age: 90423
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 15:12:24 GMT
server: AmazonS3
etag: W/"9a4e61cdcdaf9247e0b68555b36783e1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: pL5wQiHNnvuI5YeEuiorgN-aZZ4enDo_rQOho6fYWYhWkgVPLW5iQA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 89ms
89ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.gandul.ro%2F&pid=q5h2pf0Gcq7mp&cb=0&ws=1600x1200&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22gandul.ro_728x90_sticky_display_bottom%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:52 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: C66F3KSYNHR9J61ZVG4V
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.gandul.ro
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 14PUGKSj_XM5tG5F8L4Dl0q5lDvCaYi-CQvtYSsG7vWBtAQunGPg9w==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 96ms
95ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.gandul.ro%2F&pid=q5h2pf0Gcq7mp&cb=1&ws=1600x1200&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22gandul.ro_auto_728x90_sticky_display_bottom%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:52 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: EMJB7RB7A131RCV5Z0MN
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.gandul.ro
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: sWjjExytucQqOJxNysBQFAJ0ylB5szwlamWW0ZuikTOfcL-pMpyRYg==

GET
H2 200 vendor-list-trimmed-v1.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 283 KB
36 KB 68ms
67ms XHR
application/json 2600:9000:2156:2a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.gandul.ro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c2991dd569d370103846b2fcac07f52a3914e59fdd33e39bb3c8b2a57b6f6e2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 03:00:36 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 53177
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 18 Feb 2022 03:00:32 GMT
server: AmazonS3
etag: W/"b1407904a04b85a098386847616eb336"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: nIaYNU-4WiYs9MEqibuZiSYIzR1q6ajxVToEmJ4iLqGtd5loQ8R-VQ==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 153 KB
36 KB 122ms
121ms XHR
application/json 2600:9000:2156:2a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.gandul.ro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95045347f438c2512764824b7bd997e68b8c18b06ef5c234962eba3b3024f6e8

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gandul.ro/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 03:03:48 GMT
content-encoding: br
age: 52985
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Fri, 18 Feb 2022 03:03:46 GMT
server: AmazonS3
etag: W/"e095029eba3dbb82040530a0e49b05ed"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: EmdzW7dxSiV_gUYMcxahH6YMbu_1QciQKXx1yVvkxDC6atUH6GDmng==

GET
H2 200 rules-p-bt8V6jazXTuLs.js Show response
rules.quantcount.com/ 2 B
344 B 174ms
57ms Script
application/javascript 2600:9000:2156:e600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-bt8V6jazXTuLs.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:13:47 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
server: AmazonS3
age: 1984
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
content-length: 2
x-amz-cf-id: 7wves_SDItpXhJekUZfUymVasrdtpxaIPcbln3hbRBfsOaLwevlxjQ==

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 54ms
53ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=gandul.ro_728x90_sticky_display_bottom&pdc=-2.0436384677886963&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuZ2FuZHVsLnJvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FN1PNCK8SCCFKGWHBWVFNPJE
date: Fri, 18 Feb 2022 17:46:52 GMT
cf-cache-status: HIT
age: 2284758
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6df913cc68930696-LHR

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
364 B 52ms
52ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=gandul.ro_728x90_sticky_display_bottom&dsReferer=aHR0cHM6Ly93d3cuZ2FuZHVsLnJvLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id: 01FMV3Z855637WVE1HQJYTWK30
date: Fri, 18 Feb 2022 17:46:52 GMT
cf-cache-status: HIT
age: 147148
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6df913cc68970696-LHR

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 114E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

62ms
61ms

XHR
application/json

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6UVEwXAl3GA

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

724c3072ec6d96452474a1e4e60110c494a1ce36f0f967fd62a763d7e60c0cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 18 Feb 2022 17:46:52 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 114E 29 B
588 B 184ms
53ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:44:18 GMT
x-content-type-options: nosniff
age: 154
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Feb 2022 17:59:18 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 130ms
67ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1537572759&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gandul.ro%2F&ul=en-us&de=UTF-8&dt=%C8%98tiri%20de%20ultim%C4%83%20or%C4%83%20%C8%99i%20ultimele%20%C8%99tiri%20online%20%7C%20G%C3%A2ndul&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1614816186&gjid=597658161&cid=1964932815.1645206414&tid=UA-1572980-1&_gid=1655267515.1645206414&_r=1&gtm=2ou2g0&z=1628396401

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gandul.ro/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 17:46:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gandul.ro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 initplayback Show response
redirector.googlevideo.com/ Frame 114E 168 B
866 B 191ms
61ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://redirector.googlevideo.com/initplayback?alr=yes&id=%s

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ClientMapServer /

Resource Hash

aea3622f90032e54f73decfe37c7887bfb99a7f8ae2b584c296a5a7b5dd87226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 153
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/ Frame 114E 119 KB
37 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1fad57d369304343119651742b6c4a22df985c61fb92ea0197d1f37a5217f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/6UVEwXAl3GA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 16:03:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37676
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Feb 2023 16:03:18 GMT

GET
H2 200 LUZC6BrGWKwONhLt-4ttNu4z7FD5LramrRgxO4PDNOE.js Show response
www.google.com/js/th/ Frame 114E 35 KB
14 KB 169ms
53ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/LUZC6BrGWKwONhLt-4ttNu4z7FD5LramrRgxO4PDNOE.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d4642e81ac658ac0e3612edfb8b6d36ee33ec50f92eb6a6ad18313b83c334e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:01:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13597
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Feb 2023 18:01:12 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/ Frame 114E 26 KB
8 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a95f5345eee401264602894c9598cfd529818413f73a07346b7759580cffb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/6UVEwXAl3GA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 15:57:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7661
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Feb 2023 15:57:00 GMT

GET
DATA 200
OK truncated
/ Frame 114E 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLTdwP78EGJz4Oc9ZnGx9-_AcqConFtl5LawUsCD=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 114E 2 KB
2 KB 182ms
54ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTdwP78EGJz4Oc9ZnGx9-_AcqConFtl5LawUsCD=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6UVEwXAl3GA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

71ecffe9fb722544de36b480ceab8865bc99ae586dfcfc0298fad14a5cca9a83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 16:16:02 GMT
x-content-type-options: nosniff
age: 5450
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1660
x-xss-protection: 0
server: fife
etag: "v5b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 04:28:50 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/6UVEwXAl3GA/ Frame 114E 15 KB
15 KB 190ms
59ms Image
image/webp 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/6UVEwXAl3GA/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6UVEwXAl3GA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbf8c6623694f7c17fba2759e6867b60e224e4eef221173cee343a230a986584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:44:04 GMT
x-content-type-options: nosniff
age: 168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14876
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 18 Feb 2022 17:49:04 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 114E 12 KB
12 KB 117ms
55ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6UVEwXAl3GA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 18:00:42 GMT
x-content-type-options: nosniff
age: 344770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11936
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 14 Feb 2023 18:00:42 GMT

GET
H2 200 purposes-RO.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 34 KB
5 KB 59ms
59ms XHR
application/json 2600:9000:2156:2a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/purposes-RO.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.gandul.ro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee3a3fc04e4d364b760ed3fa3332651ae9b941a95c508089cd306e3042a2ba3c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 03:00:36 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 53177
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 18 Feb 2022 03:00:32 GMT
server: AmazonS3
etag: W/"473ddb8a45d539ea992a391b69941bad"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Z5B0pZ3xnSpYM8D2q54L22NbBCd_jOTX7Sei9clqYMtLf0rIxU_GVA==

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 2 B
101 B 189ms
59ms XHR
text/plain 18.158.151.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22bt8V6jazXTuLs%22%2C%22domain%22%3A%22www.gandul.ro%22%2C%22publisher%22%3A%22Gandul.ro%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.39%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%2222zCn0WhJ8QvUrV1D2264Q%22%2C%22clientTimestamp%22%3A1645206414278%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-5ogcmc9sviqdmumaxypi%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-ro.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.151.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-151-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gandul.ro/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 18 Feb 2022 17:46:52 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 9E0D 43 B
469 B 62ms
62ms Image
image/gif 178.63.12.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.3.1&typ=pgv&rnd=kzspf56ixcfakh2r&sid=1135102062960807732&loc=https%3A%2F%2Fwww.gandul.ro%2F&new=1&arf=0&ltm=1645206413562&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=kzspf578e0j8ojvq&ckp=kzspf579t7mh7gt4&glb=&amo=1623045129&cst=3qrc6lkc8wrh1lprepxv01xe4
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.12.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: de716.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:52 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK stat.js Show response
odnaknopka.ru/ 766 B
990 B 1203ms
1203ms Script
application/javascript 192.102.6.123
HVDS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://odnaknopka.ru/stat.js
Requested by: Host: odnaknopka.ru
URL: https://odnaknopka.ru/ok9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.102.6.123 Kyiv, Ukraine, ASN57682 (HVDS-AS, UA),
Reverse DNS: server.odnaknopka.ru
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.5
Resource Hash: 4c483342f6b6854fd49a77996a70c99e0f502a44c34d3119ab3fdb87f287d68e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 17:46:53 GMT
Server: nginx/1.4.6 (Ubuntu)
Connection: keep-alive
X-Powered-By: PHP/5.5.9-1ubuntu4.5
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 118 B
691 B 244ms
63ms Script
text/javascript 178.63.12.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22kzspf579t7mh7gt4%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%223qrc6lkc8wrh1lprepxv01xe4%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%223qrc6lkc8wrh1lprepxv01xe4%22%7D%5D%2C%22siteId%22%3A%221135102062960807732%22%2C%22location%22%3A%22https%3A%2F%2Fwww.gandul.ro%2F%22%7D&callback=cXJsonpCBkzspf5sffzh9wb42

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.63.12.208 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

de716.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

b9093a4b39d82544ba707c561f77d09cab042a746bc3d63570466b7fdbb24bc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 17:46:52 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 118
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 114E 4 KB
3 KB 210ms
95ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Feb 2022 17:46:52 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
389 B 205ms
54ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=190540&gdpr=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/190540-122528310662128.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 7b61de9662a6dd940812d4ec42ffe2267004a8944f0293d8441df71933cbb046

Request headers

Referer: https://www.gandul.ro/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 18 Feb 2022 17:46:52 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gandul.ro
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 20 Mar 2022 17:46:52 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 114E 0
9 B 54ms
54ms Image
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?1-iLMQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/6UVEwXAl3GA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/6UVEwXAl3GA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/98/ Frame 114E 52 KB
15 KB 116ms
55ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/98/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 13:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15480
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:03:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 19 Feb 2022 13:07:59 GMT

GET
H/1.1 200
OK user Show response
admp-tc-sati.adtlgc.com/ 63 B
315 B 243ms
56ms Script
application/javascript 18.203.56.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admp-tc-sati.adtlgc.com/user?nw=0&cm=1&sg=1&callback=adapt_dataRequest_sati_admp.campaignCallback&cb=1645206414637&evid=&v=2.39
Requested by: Host: code3.adtlgc.com
URL: https://code3.adtlgc.com/js/sati_init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.56.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-56-89.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: baee049272b23bef0a1a5f69bec303a844dc431d25607426aba9f49161e69be5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 17:46:53 GMT
Connection: keep-alive
P3P: policyref="http://code.adtlgc.com/w3c/p3p.xml",CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND COM NAV INT"
Content-Length: 63
Content-Type: application/javascript

GET
H/1.1 200
OK user Show response
admp-tc-sati.adtlgc.com/ 98 B
538 B 57ms
56ms Script
application/javascript 18.203.56.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admp-tc-sati.adtlgc.com/user?nw=1&cm=0&sg=0&callback=adapt_dataRequest_sati_admp.validateCallback&cb=1645206414886&evid=cx:1tq0xxvppoc3k34xuuaifhu5pm:1qferhiguvyla&v=2.39
Requested by: Host: code3.adtlgc.com
URL: https://code3.adtlgc.com/js/sati_init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.56.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-56-89.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: cd64d82d94b330228c05f2804c06b456981ec782577f18dee4225eb2142990b8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 17:46:53 GMT
Connection: keep-alive
P3P: policyref="http://code.adtlgc.com/w3c/p3p.xml",CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND COM NAV INT"
Content-Length: 98
Content-Type: application/javascript

GET
H/1.1 200
OK pagestat Show response
admp-tc-sati.adtlgc.com/event/v3/ 0
276 B 218ms
54ms XHR
image/jpeg 18.203.56.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://admp-tc-sati.adtlgc.com/event/v3/pagestat?location=https%3A%2F%2Fwww.gandul.ro%2F&cb=1645206414957&evid=cx:1tq0xxvppoc3k34xuuaifhu5pm:1qferhiguvyla&v=2.39
Requested by: Host: code3.adtlgc.com
URL: https://code3.adtlgc.com/js/sati_init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.56.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-56-89.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

XDomainRequestAllowed: 1
Date: Fri, 18 Feb 2022 17:46:53 GMT
Access-Control-Allow-Methods: *
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://www.gandul.ro
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK segment Show response
api.cxense.com/profile/user/ 91 B
708 B 232ms
57ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/profile/user/segment?callback=cXJsonpCBkzspf69ld8ncaj5g&persisted=993f7e91f41899181a61f3b6fa338bd436cdd1b7&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22kzspf579t7mh7gt4%22%2C%22type%22%3A%22cx%22%7D%5D%7D

Requested by

Host: scdn.cxense.com
URL: https://scdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

9b82acd422aacb3dd9c9a779cc4861e2e2c8279c99c52c015b048bca5e81a27e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 17:46:53 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 91
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

/ Show response
pubmedya.net/vu/a/ Frame FEB5
Redirect Chain

https://webcache.pp.ua/stat
https://pubmedya.net/vu/a/

190 B
366 B

348ms
64ms

Document
text/html

176.9.60.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmedya.net/vu/a/
Requested by: Host: odnaknopka.ru
URL: https://odnaknopka.ru/stat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.60.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.60.9.176.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 54c66b4c5f65905ba6a55c3d95ac4bb40c7734ca8727114b33cbf3ae651d28c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/

Response headers

Server: nginx/1.12.2
Date: Fri, 18 Feb 2022 17:46:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

Redirect headers

server: nginx/1.20.1
date: Fri, 18 Feb 2022 17:46:53 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.0.12
access-control-allow-origin: *
location: https://pubmedya.net/vu/a/

GET
H2

200

continuation_default.htm Show response
sale.aliexpress.ru/ru/__pc/ Frame AA19
Redirect Chain

https://tsystatic.com/a
https://s.click.aliexpress.com/e/_AtqYLP?af=a;6718&cn=-&cv=427080&dp=82.199.130.39
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_At...
https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%266718%26cn%3D-%26cv%3D427080%26dp%3D82.199.130.39%26aff...
https://login.aliexpress.ru/sync_cookie_write.htm?acs_random_token=f0e8d4f5536745c68aec6edb10202607&xman_goto=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%266718...
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_At...

15 KB
5 KB

98ms
97ms

Document
text/html

62.128.97.7
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL

https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&terminal_id=f0e8d4f5536745c68aec6edb10202607

Requested by

Host: odnaknopka.ru
URL: https://odnaknopka.ru/stat.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

62.128.97.7 Moscow, Russian Federation, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Tengine/Aserver /

Resource Hash

4cbc50b868354039b7452633b5b5aaa7d0c25d72b0251b797bee708fc59e0299

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/

Response headers

date: Fri, 18 Feb 2022 17:46:56 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
cache-control: no-transform,public,max-age=90,s-maxage=120
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
content-encoding: gzip
server: Tengine/Aserver
eagleeye-traceid: 0b8b15cb16452064163545525efb1b
timing-allow-origin: *

Redirect headers

date: Fri, 18 Feb 2022 17:46:56 GMT
content-type: text/html;charset=UTF-8
content-length: 0
location: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&terminal_id=f0e8d4f5536745c68aec6edb10202607
p3p: CP="CAO PSA OUR"
content-language: en-US
server: Tengine/Aserver
eagleeye-traceid: 0b8b15c916452064162553295eec96
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H/1.1 200
OK / Show response
pubmedya.net/vu/a/ Frame 0CAF 5 KB
5 KB 177ms
60ms Document
text/html 176.9.60.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmedya.net/vu/a/?
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.60.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.60.9.176.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: d4fd96901f118792b2712bb200319d350519b83e7e392016659279c29f5c6d29

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/vu/a/

Response headers

Server: nginx/1.12.2
Date: Fri, 18 Feb 2022 17:46:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H2 200 / Show response
www.eneba.com/ Frame 0CAF 0
0 1675ms
1563ms Script
text/html 2606:4700:10::ac43:1c9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.eneba.com/?admitad_uid=619452b3bbc2e4b19edc2ffa90c8a15b
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1c9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2

200

/ Show response
de.bongacams.com/ Frame 0CAF
Redirect Chain

https://bngpt.com/h.php?v=2&c=287325
https://bongacams.com/?bcs=c3RrbjcwZGM5NWIyOTlkZGQzMjFiMTg3ZTVlZjc3N2Q1YmI0OjoxODMzNDY6Omh0dHBzOi8vcHVibWVkeWEubmV0Lzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
https://de.bongacams.com/?bcs=c3RrbjcwZGM5NWIyOTlkZGQzMjFiMTg3ZTVlZjc3N2Q1YmI0OjoxODMzNDY6Omh0dHBzOi8vcHVibWVkeWEubmV0Lzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow

0
0

424ms
309ms

Script
text/html

195.85.23.96
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://de.bongacams.com/?bcs=c3RrbjcwZGM5NWIyOTlkZGQzMjFiMTg3ZTVlZjc3N2Q1YmI0OjoxODMzNDY6Omh0dHBzOi8vcHVibWVkeWEubmV0Lzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Server: 195.85.23.96 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS: net-96-23-conversasro.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Fri, 18 Feb 2022 17:46:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=utf-8
location: https://de.bongacams.com/?bcs=c3RrbjcwZGM5NWIyOTlkZGQzMjFiMTg3ZTVlZjc3N2Q1YmI0OjoxODMzNDY6Omh0dHBzOi8vcHVibWVkeWEubmV0Lzo6Ojo6OjI4NzMyNTo6MDo6MDo6MDo6OjowOjpkZWZhdWx0Ojow
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6df913dd799375bd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-zone: 4-reserve07-ded7550

GET
H2

200

/ Show response
chaturbate.com/charming_girls/ Frame 0CAF
Redirect Chain

https://chaturbate.com/in/?track=default&tour=hr8m&campaign=sgo1n
https://chaturbate.com/toproom/?join_overlay=1&tour=hr8m&disable_sound=0&campaign=sgo1n
https://chaturbate.com/charming_girls/?join_overlay=1&tour=hr8m&disable_sound=0&campaign=sgo1n

0
0

263ms
263ms

Script
text/html

2606:4700::6812:6428
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chaturbate.com/charming_girls/?join_overlay=1&tour=hr8m&disable_sound=0&campaign=sgo1n
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Server: 2606:4700::6812:6428 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Fri, 18 Feb 2022 17:46:55 GMT
via: 1.1 google, 1.1 google
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
cf-ctrl: Z
cf-ray: 6df913dd493674d5-LHR
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie, Accept-Encoding
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce, 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
content-language: en
location: /charming_girls/?join_overlay=1&tour=hr8m&disable_sound=0&campaign=sgo1n
cache-control: no-cache
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://cdn.exoticads.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
content-type: text/html; charset=utf-8

GET
H2

200

/ Show response
www.thelotter.com/de/ Frame 0CAF
Redirect Chain

https://www.thelotter.com/?tl_affid=9175
https://www.thelotter.com/de/?tl_affid=9175

0
0

255ms
254ms

Script
text/html

107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelotter.com/de/?tl_affid=9175
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Server: 107.154.132.27 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.27.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000
server
x-powered-by: ASP.NET
location: https://www.thelotter.com/de/?tl_affid=9175
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-iinfo: 12-181774273-181774274 NNNY CT(8 10 0) RT(1645206414579 0) q(0 0 0 0) r(1 1) U11
date: Fri, 18 Feb 2022 17:46:54 GMT
server-name: simba1
access-control-allow-headers: *
content-length: 160
x-cdn: Imperva
x-ua-compatible: IE=edge

GET
H2 200 Home.do Show response
www.rentalcars.com/ Frame 0CAF 0
0 432ms
315ms Script
text/html 104.16.106.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rentalcars.com/Home.do?affiliateCode=citylab&preflang=ru&adplat=rclink&adcamp=5hnZ1VOcOcZEstt&utm_source=ca&aip=1jf&click_id=5hnZ1VOcOcZEstt
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.106.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2

200

https://www.binance.com/ru/register?ref=KZTDOPQP
https://accounts.binance.com/ru/register?ref=KZTDOPQP

0
0

229ms
66ms

Script
text/html

143.204.98.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.binance.com/ru/register?ref=KZTDOPQP
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Server: 143.204.98.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-118.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Fri, 18 Feb 2022 17:46:41 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
server: Tengine
age: 13
x-cache: Hit from cloudfront
content-type: text/html
location: https://accounts.binance.com/ru/register?ref=KZTDOPQP
cache-control: no-store,max-age=0,must-revalidate
x-amz-cf-pop: FRA50-C1
content-length: 215
x-amz-cf-id: TJBsD7fp7nsbUYj5oiA2NXzA3ynHpZxZvd6a3FfOhYzhumFQPUjBVA==

GET
H2

200

JFIAMo Show response
is.gd/ Frame 0CAF
Redirect Chain

https://bread.pp.ua/w
https://is.gd/JFIAMo

0
0

245ms
139ms

Script
text/html

2606:4700:20::6819:e935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://is.gd/JFIAMo
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Server: 2606:4700:20::6819:e935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Date: Fri, 18 Feb 2022 17:46:54 GMT
Server: nginx/1.14.1
Access-Control-Allow-Origin: *
X-Powered-By: PHP/7.3.4
Content-Type: text/html; charset=UTF-8
Location: https://is.gd/JFIAMo
Connection: keep-alive
Content-Length: 0

GET
H2 200 / Show response
www.lightinthebox.com/ Frame 0CAF 0
0 506ms
266ms Script
text/html 2.16.186.241
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightinthebox.com/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=zzeRo6RzFxyIUeizap0BSzDkUkGRiCzGc0o4VQ0&irgwc=1
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 503 /
p2pb2b.io/ Frame 0CAF 0
0 172ms
55ms Script
text/html 2606:4700:20::681b:5171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p2pb2b.io/?referral=5dacfd8f
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681b:5171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1

200
OK

/ Show response
www.litefinance.com/ Frame 0CAF
Redirect Chain

https://www.liteforex.com/?uid=322652589
https://litefinance.com/?uid=322652589
https://www.litefinance.com/?uid=322652589

0
0

419ms
305ms

Script
text/html

178.248.238.82
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.litefinance.com/?uid=322652589
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: HTTP/1.1
Server: 178.248.238.82 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Location: https://www.litefinance.com/?uid=322652589
Date: Fri, 18 Feb 2022 17:46:54 GMT
Server: QRATOR
Connection: keep-alive
Keep-Alive: timeout=15
Content-Length: 162
Content-Type: text/html

GET
H2 520 /
www.instaforex.com/ Frame 0CAF 0
0 262ms
143ms Script
text/html 2606:4700:10::6816:df6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instaforex.com/?x=LVYG
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2

200

/ Show response
www.ebay.com/ Frame 0CAF
Redirect Chain

https://pubmedya.net/to2/uatest/
https://rover.ebay.com/rover/1/711-155609-835623-2/16?PARM3_ID=GBH_168&FF11=GBH_168&kw=620fbea85c66c500013db656_14330&mpre=
https://rover.ebay.com/rover/1/711-155609-835623-2/16?PARM3_ID=GBH_168&FF11=GBH_168&kw=620fbea85c66c500013db656_14330&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true
https://www.ebay.com/?PARM3_ID=GBH_168&FF11=GBH_168&kw=620fbea85c66c500013db656_14330&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_r...

0
0

469ms
283ms

Script
text/html

23.35.237.31

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ebay.com/?PARM3_ID=GBH_168&FF11=GBH_168&kw=620fbea85c66c500013db656_14330&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Server: 23.35.237.31 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

location: https://www.ebay.com?PARM3_ID=GBH_168&FF11=GBH_168&kw=620fbea85c66c500013db656_14330&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true
date: Fri, 18 Feb 2022 17:46:56 GMT
server: ebay-proxy-server
content-length: 0

GET
H2 200 443457 Show response
faucetcrypto.com/ref/ Frame 0CAF 0
0 333ms
229ms Script
text/html 2606:4700:10::ac43:557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetcrypto.com/ref/443457
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 / Show response
www.miniinthebox.com/ Frame 0CAF 0
0 588ms
498ms Script
text/html 2.16.186.241
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.miniinthebox.com/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=2lpww9RzCxyIWw2RyO1kfUW4UkGRiuy%3Ac0o4VQ0&irgwc=1
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 / Show response
de.banggood.com/ Frame 0CAF 0
0 990ms
652ms Script
text/html 104.90.139.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de.banggood.com/?admitad_uid=514787364c26e785a6aa78063a0c6511&utm_content=656490&tagtag_uid=514787364c26e785a6aa78063a0c6511
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.139.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-139-132.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2

200

/ Show response
freebitco.in/signup/ Frame 0CAF
Redirect Chain

https://freebitco.in/?r=3669689
https://freebitco.in/signup/?op=s&r=3669689

0
0

60ms
60ms

Script
text/html

104.22.6.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freebitco.in/signup/?op=s&r=3669689
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Server: 104.22.6.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Fri, 18 Feb 2022 17:46:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=iso-8859-1
location: https://freebitco.in/signup/?op=s&r=3669689
cache-control: max-age=0
cf-ray: 6df913df3bef71bd-LHR
expires: Fri, 18 Feb 2022 17:46:55 GMT

GET
H2

200

/ Show response
www.udemy.com/ Frame 0CAF
Redirect Chain

https://pubmedya.net/to2/udemy2.com/
https://www.udemy.com/?deal_code=&utm_source=aff-campaign&utm_medium=udemyads&utm_term=Homepage&utm_content=Textlink&utm_campaign=Admitad-default&admitad_uid=648bd1e88f36dc6ed57bdbb32bdfc816&publis...

0
0

807ms
702ms

Script
text/html

2606:4700::6810:4155

General

Check archive.org

Show headers Download Go to

Full URL: https://www.udemy.com/?deal_code=&utm_source=aff-campaign&utm_medium=udemyads&utm_term=Homepage&utm_content=Textlink&utm_campaign=Admitad-default&admitad_uid=648bd1e88f36dc6ed57bdbb32bdfc816&publisher_id=656490&website_id=747910
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Server: 2606:4700::6810:4155 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Location: https://www.udemy.com/?deal_code=&utm_source=aff-campaign&utm_medium=udemyads&utm_term=Homepage&utm_content=Textlink&utm_campaign=Admitad-default&admitad_uid=648bd1e88f36dc6ed57bdbb32bdfc816&publisher_id=656490&website_id=747910
Date: Fri, 18 Feb 2022 17:46:56 GMT
Referrer-Policy: no-referrer
Server: nginx/1.12.2
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
www.forextime.com/ Frame 0CAF 0
0 218ms
86ms Script
text/html 2606:4700::6811:a149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.forextime.com/?partner_id=4822342
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 safepal-hardware-wallet-s1-bitcoin-wallet Show response
shop.safepal.io/products/ Frame 0CAF 0
0 395ms
234ms Script
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shop.safepal.io/products/safepal-hardware-wallet-s1-bitcoin-wallet?ref=anatoliikovbasiuk7
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 / Show response
stripchat.com/ Frame 0CAF 0
0 353ms
241ms Script
text/html 2606:4700::6813:b729
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b729 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1

403
Forbidden

/
my6.roboforex.org/ru/ Frame 0CAF
Redirect Chain

https://rbfxdirect.com/ru/lk/?a=zkeb
https://my6.roboforex.org/ru/?a=zkeb

0
0

200ms
70ms

Script
text/html

164.90.198.24
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://my6.roboforex.org/ru/?a=zkeb
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: HTTP/1.1
Server: 164.90.198.24 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Fri, 18 Feb 2022 17:46:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvVvrsM4idM5CYGeV142r44PojMxkUgVOSx56znoTXZhW846oQd4U%2F1fkFHM9KP%2Fk0DXxEOU8Z72CxpSV0yVeb%2F4mNsjvZXlnJN3R9MLXmEQ6Yn3rpqFoQR%2BXZoLwLehhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://my6.roboforex.org/ru/?a=zkeb
cf-ray: 6df913e1ba9506e1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

/ Show response
www.exness.uk/ Frame 0CAF
Redirect Chain

https://www.exness.com/a/vps0b6j3
https://www.exness.com/?utm_source=partners&_8f4x=1
https://www.exness.uk/?utm_source=partners&_8f4x=1

0
0

189ms
55ms

Script
text/html

45.60.78.64
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.exness.uk/?utm_source=partners&_8f4x=1
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Server: 45.60.78.64 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

location: https://www.exness.uk/?utm_source=partners&_8f4x=1
x-iinfo: 3-100655876-100642013 pNNN RT(1645206415099 0) q(0 0 0 -1) r(1 1) U11
cache-control: no-cache
x-cdn: Imperva
content-length: 0

GET
H2 200 / Show response
biswap.org/ Frame 0CAF 0
0 204ms
92ms Script
text/html 2606:4700:3033::6815:2d21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biswap.org/?ref=2180341ef54b29100590
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2d21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 / Show response
gleam.io/ Frame 0CAF 0
0 469ms
356ms Script
text/html 172.66.40.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gleam.io/?via=1874976
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.66.40.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET

/
www.solanium.io/project/tabtrader/ Frame 0CAF
Redirect Chain

https://solanium.io/project/tabtrader/?ref=SBBuqmht
http://www.solanium.io/project/tabtrader/?ref=SBBuqmht

0
0

GET

/
www.nike.com/gb/ Frame 0CAF
Redirect Chain

https://pubmedya.net/to2/nike.all/
https://www.zenaps.com/rclick.php?mid=16349&c_len=604800&c_ts=1645198628&c_cnt=596935%7C0%7C0%7C1645198628%7C6e1b01bd4818da7b028ca69ab34a9bb5%7Caw%7C0&ir=a194bec0-90d0-11ec-9f90-226225cdd961&pr=htt...
https://www.nike.com/?CP=EUNS_AFF_AWIN_ROW_596935_httpwwwadmitadcom_300473&utm_source=httpwwwadmitadcom&utm_medium=affiliate&utm_campaign=596935&utm_content=300473&awc=16349_1645198628_48e0322c5bd7...
https://www.nike.com/gb/?CP=EUNS_AFF_AWIN_ROW_596935_httpwwwadmitadcom_300473&utm_source=httpwwwadmitadcom&utm_medium=affiliate&utm_campaign=596935&utm_content=300473&awc=16349_1645198628_48e0322c5...

0
0

GET

/
lite-1x830514.top/en/ Frame 0CAF
Redirect Chain

https://pubmedya.net/to2/1xbet/
https://lite-1x830514.top/?tag=s_137887m_355c_
https://lite-1x830514.top/en/?tag=s_137887m_355c_

0
0

GET
H2 200 / Show response
www.tomtop.com/ Frame 0CAF 0
0 868ms
422ms Script
text/html 34.216.189.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tomtop.com/?aid=agru
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.216.189.66 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-216-189-66.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 / Show response
creativemarket.com/ Frame 0CAF 0
0 706ms
590ms Script
text/html 2606:4700::6812:16e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creativemarket.com/?U=agrus
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2

200

/ Show response
www.bitdegree.org/ Frame 0CAF
Redirect Chain

https://www.bitdegree.org/a/1153729
https://www.bitdegree.org/

0
0

1097ms
1097ms

Script
text/html

2606:4700:20::ac43:45a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitdegree.org/
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Server: 2606:4700:20::ac43:45a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Fri, 18 Feb 2022 17:46:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybDIXy%2BPanschAk%2F%2Fy7i8qdwPFvXJ5rJo%2FObbpZFMrj5nYDV0nOi%2FD6JjV34JWaGgqr4LWyJMsgoHfKAPFDGddt%2BtD6idamFtclvj8P3r1M%2BA9%2F7wSzJlD7TVnf%2FfMF%2BxJx0eh3eTmvETovxQi%2Br"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://www.bitdegree.org
cf-ray: 6df913e5ea9976b7-LHR

GET
H2 200 signup Show response
www.kucoin.com/ucenter/ Frame 0CAF 0
0 443ms
310ms Script
text/html 2606:4700::6812:136e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kucoin.com/ucenter/signup?rcode=1wfeext
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:136e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET

signup
www.probit.com/ Frame 0CAF
Redirect Chain

https://www.probit.com/r/61386411
https://www.probit.com/signup

0
0

GET
H2

200

/ Show response
cex.io/ Frame 0CAF
Redirect Chain

https://cex.io/r/0/up111785894/0/
https://cex.io/

0
0

103ms
103ms

Script
text/html

104.20.1.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cex.io/
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Server: 104.20.1.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

location: https://cex.io
date: Fri, 18 Feb 2022 17:46:56 GMT
vary: Accept-Encoding
x-app-version: master.6627bae2.602ac9c9a72fd88e836b77849f2630bd7b924e2caaea56c83ed56e8f547f3017
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-security-policy-report-only: default-src 'self';connect-src 'self' https://maps.googleapis.com https://cex.io wss://cex.io/ws/;frame-src 'self' * ext.cex.io;font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://static.cex.io;img-src 'self' data: https://static.cex.io;media-src 'self' https://static.cex.io;style-src 'self' 'unsafe-inline' https://*.googleapis.com https://code.jquery.com https://static.cex.io;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cex.io;report-uri https://cex.io/cspr;
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6df913e68e457521-LHR
cf-cache-status: DYNAMIC

GET
H2

200

/ Show response
offer.alibaba.com/ Frame 0CAF
Redirect Chain

https://offer.alibaba.com/cps/j19u1ne5?bm=cps&src=saf&tp1=c94fa3935a7ece3c94b12d88ba61d5c7&pid=656490
https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=j19u1ne5&e=6

0
0

182ms
182ms

Script
text/html

104.111.243.137

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.alibaba.com/?bm=cps&src=saf&cps_sk=j19u1ne5&e=6
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Server: 104.111.243.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
timing-allow-origin: *
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
server-timing: rt;dur=0.023,eagleid;desc=2101e38216452064169245976effcb
content-length: 10
x-xss-protection: 1; mode=block
x-application-context: arcadia:7001
havana_s_tag: 285873024335988|134217728^|^^
referrer-policy: unsafe-url
havana_s_v: 4.0.2.6
x-frame-options: DENY
date: Fri, 18 Feb 2022 17:46:57 GMT
havana_s_ip: 45707956496f436e6d51704153413d3d
location: https://offer.alibaba.com?bm=cps&src=saf&cps_sk=j19u1ne5&e=6
havana_s_group: havana-session
content-language: en-GB
pragma: no-cache
havana_s_tid: 2101e38216452064169245976effcb
havana_s_status: STATUS_NOT_EXISTED
cache-control: max-age=0, no-cache, no-store
edge-type: akamai
content-type: text/html;charset=UTF-8
eagleid: 2101e38216452064169245976effcb
havana_s_ucode: USEAST:USEAST
expires: Fri, 18 Feb 2022 17:46:57 GMT

GET
H2 200 / Show response
changelly.com/ Frame 0CAF 0
0 230ms
119ms Script
text/html 2606:4700:3108::ac42:2ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://changelly.com/?from=btc&to=eth&amount=0.1&ref_id=t68bpi9bnrma1q8f
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2

200

/ Show response
de.dhgate.com/ Frame 0CAF
Redirect Chain

https://pubmedya.net/to2/dhgate/
https://de.dhgate.com/?f=bm|aff|admitad|1019090|04b74ddf47a992a98a4e45c09113f762|197649||

0
0

689ms
255ms

Script
text/html

2606:2800:235:1c73:1f86:1376:22ce:2cd

General

Check archive.org

Show headers Download Go to

Full URL: https://de.dhgate.com/?f=bm|aff|admitad|1019090|04b74ddf47a992a98a4e45c09113f762|197649||
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Server: 2606:2800:235:1c73:1f86:1376:22ce:2cd -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Location: https://de.dhgate.com/?f=bm|aff|admitad|1019090|04b74ddf47a992a98a4e45c09113f762|197649||
Date: Fri, 18 Feb 2022 17:46:56 GMT
Referrer-Policy: no-referrer
Server: nginx/1.12.2
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
cointracking.info/ Frame 0CAF 0
0 337ms
197ms Script
text/html 52.222.214.120

General

Check archive.org

Show headers Download Go to

Full URL: https://cointracking.info/?ref=A833575
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.120 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 8886709 Show response
www.gate.io/ref/ Frame 0CAF 0
0 594ms
461ms Script
text/html 104.18.28.208

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gate.io/ref/8886709
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.28.208 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 ussjgcwocw Show response
nexo.io/ref/ Frame 0CAF 0
0 264ms
67ms Script
text/html 2606:4700::6812:1c15

General

Check archive.org

Show headers Download Go to

Full URL: https://nexo.io/ref/ussjgcwocw?src=web-link
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c15 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 403 /
paxful.com/ru/ Frame 0CAF 0
0 291ms
136ms Script
text/html 2606:4700::6811:3c3a

General

Check archive.org

Show headers Download Go to

Full URL: https://paxful.com/ru/?r=GzdvAoGWyQA
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3c3a -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1 200
OK / Show response
iqbroker.com//lp/ultimate-trading/ Frame 0CAF 0
0 245ms
101ms Script
text/html 185.117.134.138

General

Check archive.org

Show headers Download Go to

Full URL: https://iqbroker.com//lp/ultimate-trading/?active=forex2&aff=7792
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.117.134.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET

2788553
www.okx.com/join/ Frame 0CAF
Redirect Chain

https://www.okex.com/join/2788553
https://www.okx.com/join/2788553

0
0

GET
H2

200

/ Show response
remitano.com/ Frame 0CAF
Redirect Chain

https://remitano.com/join/2716653
https://remitano.com/

0
0

232ms
232ms

Script
text/html

2606:4700:10::ac43:1e5d

General

Check archive.org

Show headers Download Go to

Full URL: https://remitano.com/
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Server: 2606:4700:10::ac43:1e5d -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Fri, 18 Feb 2022 17:46:57 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Remitano
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: text/plain; charset=utf-8
location: /
permissions-policy: camera=(*)
content-security-policy: default-src * 'self' https: wss: data: blob: 'unsafe-inline' 'unsafe-eval'
cf-ray: 6df913ee0f13743f-LHR
content-length: 23

GET
H2 200 / Show response
kinsta.com/ Frame 0CAF 0
0 581ms
476ms Script
text/html 2606:4700::6812:99

General

Check archive.org

Show headers Download Go to

Full URL: https://kinsta.com/?kaid=ARRPTWYMWIMC
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:99 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 / Show response
fbs.com/ Frame 0CAF 0
0 243ms
135ms Script
text/html 2606:4700:20::681a:6bb

General

Check archive.org

Show headers Download Go to

Full URL: https://fbs.com/?ppu=3003439
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6bb -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 / Show response
www.canva.com/q/pro/ Frame 0CAF 0
0 192ms
89ms Script
text/html 2606:4700::6811:7311

General

Check archive.org

Show headers Download Go to

Full URL: https://www.canva.com/q/pro/?irgwc=1&utm_medium=affiliate&utm_source=korfoorg&clickId=SdB0u1RzCxyIUAlXYLRve3KTUkGRirXuc0o4VQ0
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7311 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2

200

/
faucetpay.io/ Frame 0CAF
Redirect Chain

https://is.gd/QfvdqV
https://faucetpay.io/?r=612200

0
0

470ms
370ms

Script
text/html

2606:4700:20::681a:f02

General

Check archive.org

Show headers Download Go to

Full URL: https://faucetpay.io/?r=612200
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Server: 2606:4700:20::681a:f02 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Fri, 18 Feb 2022 17:46:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiNIHn20GnBXu84%2BN%2Bi0MxaYA5%2FXl0HjWCmuUw%2BxF%2BMZTzH3pzXRouOgvjaE%2FxtEyRTfYJfrAw14gLcxG7TmeoRgsQUOrdDqowzK4cr5gy200gaGoyF3R4gluE8JbLQOR9io"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://faucetpay.io/?r=612200
cf-ray: 6df913ed2e99886b-LHR

GET
H2 200 / Show response
www.agoda.com/ Frame 0CAF 0
0 396ms
230ms Script
text/html 23.45.104.178

General

Check archive.org

Show headers Download Go to

Full URL: https://www.agoda.com/?pcs=1&cid=1815903
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.104.178 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 / Show response
www.semrush.com/ Frame 0CAF 0
0 364ms
230ms Script
text/html 34.120.45.191

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semrush.com/?ref=2017024630&refer_source=&utm_source=berush&utm_medium=promo&utm_campaign=link_other
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/a/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.45.191 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET /
pubmedya.net/to2/iherb.com/ Frame 0CAF 0
0

GET

https://coinsbit.io/referral/abbb0df8-7383-4a72-b68a-b161a8ae6e74
https://coinsbit.io/register

0
0

GET /
localbitcoins.com/buy-bitcoins-online/ Frame 0CAF 0
0

GET /
www.banggood.com/ Frame 0CAF 0
0

GET /
www.hotelscombined.com/ Frame 0CAF 0
0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 90 KB
28 KB 393ms
126ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: www.gandul.ro
URL: https://www.gandul.ro/wp-content/plugins/strawberry-ads-manager/js/prebid4.40.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:54 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 19 Feb 2022 17:46:54 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 114E 28 B
54 B 70ms
69ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/6UVEwXAl3GA
X-YouTube-Client-Version: 1.20220216.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs2YmY0dHMzSmxEYyiLt7-QBg%3D%3D
X-YouTube-Ad-Signals: dt=1645206413916&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C610%2C343&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 18 Feb 2022 17:46:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 18 Feb 2022 17:46:54 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 90 KB
28 KB 189ms
64ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:55 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 19 Feb 2022 17:46:55 GMT

GET
H2 200 base.css
i.alicdn.com/ams-static/3.0.0/global/ Frame AA19 62 KB
6 KB 353ms
59ms Stylesheet
text/css 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ams-static/3.0.0/global/base.css

Requested by

Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&terminal_id=f0e8d4f5536745c68aec6edb10202607

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

2d9d14fb472222d49d6226fc13d88f55f2314e2384703c4db61532fc633632fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 15075172
fw_ip: 23.42.144.86, 104.92.106.193
x-server-id: b0381a5e42020db0072a77127f27bf150f96abadfeb38befb00238886480b716f1442cd4e182044e
x-swift-savetime: Wed, 10 Nov 2021 05:46:06 GMT
network_info: US_ASHBURN_20940, GB_LONDON_201011
x-readtime: 454
server-timing: rt;dur=0.458,eagleid;desc=0eee051a16200623378214120e
content-length: 5387
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Nov 2021 05:46:07 GMT
server: Akamai Resource Optimizer
date: Fri, 18 Feb 2022 17:46:56 GMT
x-download-options: noopen
ali-swift-global-savetime: 1620062338
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=6391919
served-from: 110.164.11.30
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 0eee051a16200623378214120e, a3b5239716365231667033555e
expires: Tue, 03 May 2022 17:18:55 GMT

GET
H2 200 base.js Show response
i.alicdn.com/ams-static/3.0.0/global/ Frame AA19 299 KB
52 KB 380ms
86ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ams-static/3.0.0/global/base.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

24f951604079e04853fa2530c81c65bd3527ee9b8bb3a47f353b83d110d0fc3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 31536000
fw_ip: 23.37.71.87, 104.92.106.193
x-server-id: b0381a5e42020db0072a77127f27bf156eb5838a700500100d52e858d73970bd3328d48de7b301be72f877a8d9336e5e
x-swift-savetime: Wed, 08 Dec 2021 13:52:07 GMT
network_info: US_CHICAGO_35994, GB_LONDON_201011
x-readtime: 3865
server-timing: rt;dur=3.884,eagleid;desc=2ff6189916389715230688961e
content-length: 52509
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Dec 2021 13:52:51 GMT
server: Akamai Resource Optimizer
date: Fri, 18 Feb 2022 17:46:56 GMT
x-download-options: noopen
ali-swift-global-savetime: 1638971527
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=25301228
served-from: 47.246.24.254
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 2ff6189916389715230688961e, 2ff6189d16389715696813277e
expires: Thu, 08 Dec 2022 13:54:04 GMT

GET
H2 200 index.js Show response
i.alicdn.com/ae-ams-ui/1.1.0/widget/ Frame AA19 51 KB
18 KB 360ms
66ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-ams-ui/1.1.0/widget/index.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

90ec3c93846a1a334c31b864830f0e6c9f7837c019afffd27a8154a3f795131f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 18415667
fw_ip: 92.122.105.52, 104.92.106.193
x-server-id: b0381a5e42020db0072a77127f27bf15fbabe94bc0c9b2e8e5c2ff2812bc29daf1442cd4e182044e
x-swift-savetime: Wed, 02 Jun 2021 15:07:26 GMT
network_info: US_SEATTLE_35994, GB_LONDON_201011
x-readtime: 448
server-timing: rt;dur=0.453,eagleid;desc=2ff6309b16095261132066376e
content-length: 17480
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Jun 2021 15:07:27 GMT
server: Akamai Resource Optimizer
date: Fri, 18 Feb 2022 17:46:56 GMT
x-download-options: noopen
ali-swift-global-savetime: 1609526113
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=12555541
served-from: 2.20.143.159
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 2ff6309b16095261132066376e, 2ff62b9716226464464492432e
expires: Thu, 14 Jul 2022 01:25:57 GMT

GET
H2 200 ae-header-ru.css
assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ Frame AA19 97 KB
11 KB 275ms
56ms Stylesheet
text/css 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header-ru.css
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&terminal_id=f0e8d4f5536745c68aec6edb10202607
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-193.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: a514c9f738d1417b0068fa3a0ead68825068ee298ac1bbd107d73db032198f49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:56 GMT
content-encoding: br
x-oss-request-id: 609AA1B5ABC1AA343366B7D7
content-md5: okrp/0QFbl1eCReKmGgLqA==
x-swift-cachetime: 31536000
x-oss-hash-crc64ecma: 1856276477348331625
x-swift-savetime: Tue, 11 May 2021 15:24:37 GMT
content-length: 10289
x-oss-object-type: Normal
last-modified: Tue, 11 May 2021 15:24:38 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1620746677
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=7076303
served-from: 61.111.58.226
x-oss-storage-class: Standard
timing-allow-origin: *
network_info: US_SANJOSE_35994, GB_LONDON_201011
eagleid: 2ff61d9616207466766553482e
x-oss-server-time: 83
expires: Wed, 11 May 2022 15:25:19 GMT

GET
H2 200 footer.css
i.alicdn.com/ae-footer/20190918153024/buyer/front/ Frame AA19 2 KB
1 KB 356ms
64ms Stylesheet
text/css 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-footer/20190918153024/buyer/front/footer.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

f1b59c28f0f6de9a87843817d437902358e4fed00a47c090cd263a357197336d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 29181570
fw_ip: 23.7.40.168, 104.92.106.193
x-server-id: b0381a5e42020db0072a77127f27bf156eb5838a700500108cd402224437f58e3328d48de7b301be72f877a8d9336e5e
x-swift-savetime: Sat, 11 Dec 2021 07:46:25 GMT
network_info: US_SANJOSE_35994, GB_LONDON_201011
x-readtime: 261
server-timing: rt;dur=0.264,eagleid;desc=2ff6189816368543552701855e
content-length: 487
x-xss-protection: 1; mode=block
last-modified: Sat, 11 Dec 2021 07:46:25 GMT
server: Akamai Resource Optimizer
date: Fri, 18 Feb 2022 17:46:56 GMT
x-download-options: noopen
ali-swift-global-savetime: 1636854355
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=23184004
served-from: 184.28.127.49
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 2ff6189816368543552701855e, 2ff6149716392087849643978e
expires: Mon, 14 Nov 2022 01:47:00 GMT

GET
H2 200 ae-header.js Show response
assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ Frame AA19 478 KB
108 KB 62ms
61ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header.js
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&terminal_id=f0e8d4f5536745c68aec6edb10202607
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-193.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 254a45df83e69bc0add776bf0b10e14240b78fab11f0dd17f0ae903aff269261

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:56 GMT
content-encoding: br
x-oss-request-id: 6018AE09EC4E3338381501BA
content-md5: 39oy7Iof2Tc675JC/1pTow==
x-swift-cachetime: 25267903
x-oss-hash-crc64ecma: 13718294925075259392
x-swift-savetime: Thu, 15 Apr 2021 14:50:50 GMT
content-length: 109875
x-oss-object-type: Normal
last-modified: Thu, 15 Apr 2021 14:50:52 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1612230153
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4827715
served-from: 104.89.171.78
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: US_CHICAGO_35994, GB_LONDON_201011
eagleid: 2ff618a016184982505766390e
x-oss-server-time: 116
expires: Fri, 15 Apr 2022 14:48:51 GMT

GET
H2 200 js.js Show response
g.alicdn.com/ae-traffic-kn/cont-default/0.0.1/js/ Frame AA19 259 KB
81 KB 376ms
107ms Script
application/javascript 163.181.56.193
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.alicdn.com/ae-traffic-kn/cont-default/0.0.1/js/js.js
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&terminal_id=f0e8d4f5536745c68aec6edb10202607
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.193 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 261953db27cc0855b121008b1c606de50a2f3f5aecc60873ebb9751b66fd9203

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 06:53:13 GMT
content-encoding: gzip
x-oss-request-id: 620F4259ED81AC3039DC793B
content-md5: kuJE0GWh5VsdCB/MTAH96Q==
age: 39223
x-cache: HIT TCP_MEM_HIT dirn:10:337690768
x-swift-cachetime: 86399
x-swift-savetime: Fri, 18 Feb 2022 06:53:14 GMT
content-length: 82481
x-bucket-code: 3
x-oss-object-type: Normal
access-control-allow-origin: *
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1645167193
content-type: application/javascript
via: cache26.l2de2[0,0,200-0,H], cache23.l2de2[0,0], cache23.l2de2[1,0], ens-cache7.de4[0,0,200-0,H], ens-cache8.de4[1,0]
cache-control: max-age=2592000,s-maxage=86400
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 3461275387047287842
eagleid: 2ff62b2016452064167034968e
x-oss-server-time: 14

GET
H2 200 / Show response
assets.alicdn.com/g/alilog/ Frame AA19 24 KB
10 KB 90ms
90ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&terminal_id=f0e8d4f5536745c68aec6edb10202607
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-193.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: f1a47e61dfbe2a0ba893af1d972ab9dafc04d96f5e816f7516f4c5414bd8b849

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:56 GMT
content-encoding: gzip
x-oss-request-id: 620FCF96DD67F53037E788F6
content-md5: gygBRN2M4MlVRBr7rF/+vA==
x-swift-cachetime: 1800
x-swift-savetime: Fri, 18 Feb 2022 16:55:50 GMT
content-length: 10143
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15290110112012039273
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1645203350
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=532, s-maxage=1800
served-from: 95.101.88.109
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: GB_LONDON_201011
eagleid: 2ff62b2216452046959506940e
x-oss-server-time: 8

GET
H2 200 start-render.png
ae01.alicdn.com/wimg/monitor/ Frame AA19 74 B
358 B 577ms
183ms Image
image/webp 104.111.214.74

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/wimg/monitor/start-render.png
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&terminal_id=f0e8d4f5536745c68aec6edb10202607
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 -, , ASN (),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 80c2ec9b37b201bfc24e3db6313b4aef5d7e1567e7a28e235e0094d8f400ed2b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
x-check-cacheable: YES
x-serial: 1887
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 20 Feb 2022 17:46:57 GMT
cache-control: private, no-transform, max-age=172800
last-modified: Wed, 09 Feb 2022 07:39:00 GMT
content-length: 74
timing-allow-origin: *
network_info: GB_LONDON_201011
from-req-dns-type: NA
server: Akamai Image Manager
served-from: 2.16.187.4

GET
H2 200 bl.js Show response
assets.alicdn.com/g/retcode/cloud-sdk/ Frame AA19 41 KB
13 KB 96ms
96ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/retcode/cloud-sdk/bl.js
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&terminal_id=f0e8d4f5536745c68aec6edb10202607
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-193.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: caa17208ba4e8fc27121fb29036b6f39ae9d31778a453df5ed9f32cba2bf3197

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:56 GMT
content-encoding: br
x-oss-request-id: 620D80221DC8DF313702322D
content-md5: 4x6tcG5Vt8TBANh6WSjwmQ==
x-swift-cachetime: 60
x-oss-hash-crc64ecma: 7956181089051082725
x-swift-savetime: Wed, 16 Feb 2022 22:52:18 GMT
content-length: 12983
x-oss-object-type: Normal
last-modified: Wed, 16 Feb 2022 22:52:19 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1645051938
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31359, s-maxage=60
served-from: 23.212.50.67
x-oss-storage-class: Standard
timing-allow-origin: *
network_info: US_CHICAGO_35994, GB_LONDON_201011
eagleid: a3b5109a16450519382984538e
x-oss-server-time: 6
expires: Sat, 19 Feb 2022 02:29:35 GMT

GET
H2 200 Hef9c4bcb621f4b1ebc69160e597897edU.png
ae01.alicdn.com/kf/ Frame AA19 21 KB
21 KB 449ms
57ms Image
image/png 104.111.214.74

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/Hef9c4bcb621f4b1ebc69160e597897edU.png
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header-ru.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 -, , ASN (),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 00f354f0294e5eced79aae36156db28dd453b002edfa02428339f05bac292e74

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://assets.alicdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
x-check-cacheable: YES
x-serial: 851
content-type: image/png
access-control-allow-origin: *
expires: Sat, 19 Feb 2022 05:46:57 GMT
cache-control: private, no-transform, max-age=43200
last-modified: Thu, 09 Sep 2021 13:52:37 GMT
content-length: 20992
timing-allow-origin: *
network_info: GB_LONDON_201011
from-req-dns-type: NA
server: Akamai Image Manager
served-from: 2.16.187.4

GET
H2 200 Hee223875f9f74af385b2e302dfc0e4bbM.png
ae01.alicdn.com/kf/ Frame AA19 14 KB
15 KB 503ms
111ms Image
image/webp 104.111.214.74

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/Hee223875f9f74af385b2e302dfc0e4bbM.png
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header-ru.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 -, , ASN (),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: ae149026175314fc3c2defa9e3a41bd29cdaf55f171ea8bb427ea26576a38bdb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://assets.alicdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
x-check-cacheable: YES
x-serial: 1773
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 19 Feb 2022 05:46:57 GMT
cache-control: private, no-transform, max-age=43200
last-modified: Sun, 12 Dec 2021 04:51:10 GMT
content-length: 14816
timing-allow-origin: *
network_info: GB_LONDON_201011
from-req-dns-type: NA
server: Akamai Image Manager
served-from: 2.16.187.4

GET
H2 200 open-sans.woff
i.alicdn.com/ams-static/3.0.0/node_modules/@alife/beta-apollo/src/font/ Frame AA19 29 KB
30 KB 433ms
57ms Font
font/woff 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ams-static/3.0.0/node_modules/@alife/beta-apollo/src/font/open-sans.woff

Requested by

Host: i.alicdn.com
URL: https://i.alicdn.com/ams-static/3.0.0/global/base.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

29cae7cd39e3675acd183aea7e129ff6264585f2b900821552a1152c7c5aef6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://i.alicdn.com/ams-static/3.0.0/global/base.css
Origin: https://sale.aliexpress.ru
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
x-content-type-options: nosniff
x-swift-cachetime: 13238840
fw_ip: 104.92.106.193
x-readtime: 334
server-timing: rt;dur=0.337,eagleid;desc=2ff6029616091570830548297e
x-new-origin: 1
content-length: 29680
x-xss-protection: 1; mode=block
x-swift-savetime: Wed, 28 Jul 2021 06:37:23 GMT
server: Tengine
date: Fri, 18 Feb 2022 17:46:57 GMT
x-download-options: noopen
ali-swift-global-savetime: 1609157083
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=23869118
served-from: 95.101.88.109
timing-allow-origin: *, *, *
network_info: GB_LONDON_201011
eagleid: 2ff6029616091570830548297e, 4f85b19816375394266934085e
x-server-id: b0381a5e42020db0072a77127f27bf150f96abadfeb38bef16a2e7d22898a1418ccf041454c3613c

GET
H2 200 Ha50c3e849dd645308a8d2ce96a8a5f48a.png
ae01.alicdn.com/kf/ Frame AA19 17 KB
17 KB 467ms
127ms Image
image/webp 104.111.214.74

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/Ha50c3e849dd645308a8d2ce96a8a5f48a.png
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&terminal_id=f0e8d4f5536745c68aec6edb10202607
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 -, , ASN (),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: a4ef07b01c265b981959f1b7e16264c2466740f9a386c4c73e7f92cbb76a4858

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
x-check-cacheable: YES
x-serial: 1307
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 19 Feb 2022 05:46:57 GMT
cache-control: private, no-transform, max-age=43200
last-modified: Sun, 05 Dec 2021 05:28:22 GMT
content-length: 17304
timing-allow-origin: *
network_info: GB_LONDON_201011
from-req-dns-type: NA
server: Akamai Image Manager
served-from: 2.16.187.4

GET
H2 200 H009a0ba7e43c475fa2a715d85319a288X.png
ae01.alicdn.com/kf/ Frame AA19 102 KB
102 KB 496ms
157ms Image
image/webp 104.111.214.74

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/H009a0ba7e43c475fa2a715d85319a288X.png
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&terminal_id=f0e8d4f5536745c68aec6edb10202607
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 -, , ASN (),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 504d22006ae176912151468399d3ca661647bf29e2fae0e8ce097ed0d9cdd528

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
last-modified: Fri, 18 Sep 2020 03:58:00 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=43200
served-from: 2.16.187.4
content-length: 104186
timing-allow-origin: *
network_info: GB_LONDON_201011
from-req-dns-type: NA
expires: Sat, 19 Feb 2022 05:46:57 GMT

GET
H2 200 android.png
i.alicdn.com/ae-footer/20190918153024/common/img/ Frame AA19 358 B
1007 B 57ms
56ms Image
image/png 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.alicdn.com/ae-footer/20190918153024/common/img/android.png

Requested by

Host: i.alicdn.com
URL: https://i.alicdn.com/ae-footer/20190918153024/buyer/front/footer.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

a566bbc568419b22497a08156af53e48e148fe50fea0b6ec666ceaf0c0fb12fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://i.alicdn.com/ae-footer/20190918153024/buyer/front/footer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=0
x-content-type-options: nosniff
x-swift-cachetime: 25394750
fw_ip: 104.92.106.193
x-server-id: b0381a5e42020db0072a77127f27bf15fbabe94bc0c9b2e8e5c2ff2812bc29daf1442cd4e182044e
x-readtime: 945
server-timing: rt;dur=0.947,eagleid;desc=c8c4e10715988725939983877e
x-new-origin: 1
content-length: 358
x-xss-protection: 1; mode=block
x-swift-savetime: Tue, 10 Nov 2020 13:11:26 GMT
server: Tengine
date: Fri, 18 Feb 2022 17:46:56 GMT
x-download-options: noopen
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1598872636
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=13584635
served-from: 95.101.88.109
timing-allow-origin: *, *, *
network_info: GB_LONDON_201011
eagleid: c8c4e10715988725939983877e, 2ff62ba116272549759358018e
expires: Mon, 25 Jul 2022 23:17:31 GMT

GET
H2 200 apple.png
i.alicdn.com/ae-footer/20190918153024/common/img/ Frame AA19 377 B
1 KB 60ms
59ms Image
image/png 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.alicdn.com/ae-footer/20190918153024/common/img/apple.png

Requested by

Host: i.alicdn.com
URL: https://i.alicdn.com/ae-footer/20190918153024/buyer/front/footer.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

b30e419be860244a5c3a8ed2ae7134a11441eb4a6868a668e44cee8e6c685723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://i.alicdn.com/ae-footer/20190918153024/buyer/front/footer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=0
x-content-type-options: nosniff
x-swift-cachetime: 25422823
fw_ip: 104.92.106.193
x-server-id: b0381a5e42020db0072a77127f27bf1584e267672cf7c85df68de1dd51172d668ccf041454c3613c
x-readtime: 155
server-timing: rt;dur=0.157,eagleid;desc=2ff62e9815989007091515336e
x-new-origin: 1
content-length: 377
x-xss-protection: 1; mode=block
x-swift-savetime: Tue, 10 Nov 2020 13:11:26 GMT
server: Tengine
date: Fri, 18 Feb 2022 17:46:57 GMT
x-download-options: noopen
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1598900709
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=13612720
served-from: 95.101.88.109
timing-allow-origin: *, *, *
network_info: GB_LONDON_201011
eagleid: 2ff62e9815989007091515336e, 2ff62b9f16272830255535723e
expires: Tue, 26 Jul 2022 07:05:37 GMT

GET
H2 200 index.js Show response
assets.alicdn.com/g/ae-fe/g-loader/ Frame AA19 11 KB
4 KB 389ms
127ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/ae-fe/g-loader/index.js
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-193.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 58b4190d6003b87e433cf7f59d6443ffdc502abea85c5d5e59901f7a99976574

Request headers

Referer: https://sale.aliexpress.ru/
Origin: https://sale.aliexpress.ru
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
content-encoding: gzip
x-oss-request-id: 620FD96161F1A330378624C1
content-md5: xm7bjw4FHdfiAqjZ0scLaQ==
x-swift-cachetime: 300
x-swift-savetime: Fri, 18 Feb 2022 17:37:37 GMT
content-length: 3956
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 14554246805459894126
server: Tengine
cache-control: max-age=300,s-maxage=300
vary: Accept-Encoding
ali-swift-global-savetime: 1645205857
content-type: application/javascript
access-control-allow-origin: *
object-status: ttl=300,age=263
served-from: 95.101.88.102
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: GB_LONDON_201011
eagleid: 2ff62b1d16452061569972196e
x-oss-server-time: 4

GET
H2 200 / Show response
assets.alicdn.com/g/alilog/ Frame AA19 175 KB
67 KB 309ms
56ms Fetch
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/alilog/??s/8.15.20/plugin/aplus_client.js,aplus_cplugin/0.7.11/toolkit.js,aplus_cplugin/0.7.11/monitor.js,s/8.15.20/plugin/aplus_ae.js,s/8.15.20/plugin/aplus_ac.js,s/8.15.20/aplus_int.js,s/8.15.20/plugin/aplus_spmact.js,aplus_plugin_ae/0.0.9/index.js?v=20220215204924
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-193.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 13f503cf4ddfcfbd2c6ae6d2c91efe80ab888b1e1a8da4de8fbcf33e62e9434a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
content-encoding: gzip
x-oss-request-id: 620BAA97DFCFF23335E4F787
content-md5: 33ruDq3z7IL1fiUckkP4mA==
x-swift-cachetime: 86388
x-swift-savetime: Tue, 15 Feb 2022 13:29:07 GMT
content-length: 67537
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3489933451820366119
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1644931735
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2317383, s-maxage=86400
served-from: 95.101.88.36
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: GB_LONDON_201011
eagleid: 4f85b19916449317478504915e
x-oss-server-time: 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame AA19 99 KB
27 KB 175ms
57ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: z5sZqEADPeBmFpdh/DvobYw0nUYqf7lPOyxgriaqJqn7Mr2N1P+C9eZxsqYDLMB9MrjnvPS/iXDET9zolP9ztw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 18 Feb 2022 17:46:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame AA19 49 KB
20 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 724
date: Fri, 18 Feb 2022 17:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 18 Feb 2022 19:34:53 GMT

GET
H2 200 H9f160b429e0548c29e7f24631e8276e58.png
ae01.alicdn.com/kf/ Frame AA19 67 KB
67 KB 187ms
157ms Image
image/webp 104.111.214.74

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/H9f160b429e0548c29e7f24631e8276e58.png
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header-ru.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 -, , ASN (),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 4dbd8b451dbd69cf82c2c5f3688e376da2ec2821cde1148afa73c333ef8a442d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://assets.alicdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
x-check-cacheable: YES
x-serial: 1361
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 11 Mar 2022 16:17:18 GMT
cache-control: private, no-transform, max-age=1809021
last-modified: Thu, 25 Jun 2020 15:53:02 GMT
content-length: 68310
timing-allow-origin: *
network_info: GB_LONDON_201011
from-req-dns-type: NA
server: Akamai Image Manager
served-from: 2.16.187.4

GET
H2 200 rtrg
vk.com/ Frame AA19 49 B
487 B 280ms
97ms Image
image/gif 87.240.190.67

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-208363-3NOqH

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.67 -, , ASN (),

Reverse DNS

Software

kittenx / KPHP/7.4.110201

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
content-encoding: gzip
x-frontend: front220005
server: kittenx
x-powered-by: KPHP/7.4.110201
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 65

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ Frame AA19 3 KB
1 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:39:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 18 Feb 2022 18:39:50 GMT

GET
H3 200 1650958108523345 Show response
connect.facebook.net/signals/config/ Frame AA19 311 KB
89 KB 120ms
59ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1650958108523345?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

a16f53c0f6fc6529e6032d07ba294fc523e2c1eed8d49bd5af6fc62350bcd2a2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 91343
x-xss-protection: 0
pragma: public
x-fb-debug: /A7+IuCJCoDbzQS+1Y6l4mt01TPeRwZlRP8T1YJ4595B0mC1YqyltcaSk6JqP0gVhPIXgnA3630vCYzR9kFfDw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Feb 2022 17:46:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 eg.js Show response
ru.mmstat.com/ Frame AA19 91 B
336 B 289ms
89ms Script
application/javascript 62.128.97.27

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.mmstat.com/eg.js?t=1645206419355
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.128.97.27 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a5e483f612672f2208c79cec41d0ddba6084d1028cac43a5d1f1b4202db83f86

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 17:46:57 GMT
stag: 2
server: nginx
etag: "kcmWGjp8vWMCAVLHgifyUXKA"
content-type: application/javascript
cache-control: no-cache
content-length: 91
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 / Show response
assets.alicdn.com/g/ Frame AA19 502 B
837 B 64ms
64ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/??ae-ru/aer-gtm/main2.js
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/g-loader/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-193.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 82fe218fa264e98b0bb927b41f2dcb8e00c6ae070f985c669726b6d82ab78fde

Request headers

Referer: https://sale.aliexpress.ru/
Origin: https://sale.aliexpress.ru
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
content-encoding: gzip
x-oss-request-id: 620FDB85E0AD993736015C78
content-md5: mrAkvrpM0sRa0GRDgPs0pA==
x-swift-cachetime: 60
x-swift-savetime: Fri, 18 Feb 2022 17:46:45 GMT
content-length: 360
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17258456458180904391
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1645206405
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=48, s-maxage=60
served-from: 23.55.162.156
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: GB_LONDON_201011
eagleid: 2ff62b1c16452064051152182e
x-oss-server-time: 2

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame AA19 223 KB
66 KB 125ms
64ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RPK3ZC

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/??ae-ru/aer-gtm/main2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1dd81eb2c6439c8b4cf2d33082370874590f3a71e1756f6cc7b9cd787526d7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67622
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Feb 2022 17:46:57 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 57ms
57ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3181
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 6df913ee7b4c0712-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 20 Mar 2022 17:46:57 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame AA19 44 B
295 B 175ms
58ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1650958108523345&ev=PageView&dl=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%266718%26cn%3D-%26cv%3D427080%26dp%3D82.199.130.39%26aff_fcid%3D9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP%26tt%3DCPS_NORMAL%26aff_fsk%3D_AtqYLP%26aff_platform%3Dportals-tool%26sk%3D_AtqYLP%26aff_trace_key%3D9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP%26terminal_id%3Df0e8d4f5536745c68aec6edb10202607&rl=https%3A%2F%2Fwww.gandul.ro%2F&if=true&ts=1645206419551&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&it=1645206419292&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 18 Feb 2022 17:46:57 GMT

GET
H3 200 icon
onesignal.com/api/v1/apps/f487e21e-4a37-4c7b-a2de-dedb267c05f9/ 184 B
576 B 336ms
289ms Fetch
application/json 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/f487e21e-4a37-4c7b-a2de-dedb267c05f9/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gandul.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200 OK
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d1fe277a-b74e-463d-be2f-abd0e470a6b0
x-runtime: 0.006329
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"92b5a21f280b2ec0c5ace3662020bb71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 6df913ef3e0c749d-LHR
access-control-allow-headers: SDK-Version

GET
H3 200 3946145095458190 Show response
connect.facebook.net/signals/config/ Frame AA19 309 KB
89 KB 58ms
58ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3946145095458190?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

4045f2cd9691a81fd40c69023995e43089e133d42f58fc93f65a2ab3edf53e9c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 90773
x-xss-protection: 0
pragma: public
x-fb-debug: +YruWjNZTQcVmNtMHQwVMnhDEnchfNnQiEg9I6+sCn0tkKjQOy2zuRfsAORLDIB7fFxCKFVIWuPsVDMG9fhiPA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 18 Feb 2022 17:46:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET tag.js
mc.yandex.ru/metrika/ Frame AA19 0
0

GET openapi.js
vk.com/js/api/ Frame AA19 0
0

GET code.js
top-fwz1.mail.ru/js/ Frame AA19 0
0

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ Frame AA19 40 KB
13 KB 66ms
66ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RPK3ZC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 12:51:58 GMT
server: nginx
etag: W/"61b8936e-9faf"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 19 Feb 2022 17:46:57 GMT

GET
H2 200 index.js Show response
assets.alicdn.com/g/sd/baxia-entry/ Frame AA19 2 KB
2 KB 56ms
56ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/sd/baxia-entry/index.js?t=228500
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-193.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 7c8898172b879d771a77be7f5b2133f8ccdd26eaafb36f653a0ca0ebce0216fb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
content-encoding: gzip
x-oss-request-id: 6202958B35FA7236320F1E74
content-md5: uYfEYSicLJQePdry/LZh7Q==
x-swift-cachetime: 900
x-oss-hash-crc64ecma: 13547624062769674599
x-swift-savetime: Tue, 08 Feb 2022 16:08:43 GMT
content-length: 1097
x-oss-object-type: Normal
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1644336523
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=146, s-maxage=900
served-from: 47.246.20.254
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: RU_KRASNODAR_3216, GB_LONDON_201011
eagleid: 2ff6149716443365232588784e
x-oss-server-time: 3
expires: Fri, 18 Feb 2022 17:49:23 GMT

GET
H2 200 g.gif
ru.mmstat.com/ Frame AA19 43 B
259 B 94ms
93ms Image
image/gif 62.128.97.27

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ru.mmstat.com/g.gif?logtype=0&title=&pre=https%3A%2F%2Fwww.gandul.ro%2F&scr=1600x1200&_p_url=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%266718%26cn%3D-%26cv%3D427080%26dp%3D82.199.130.39%26aff_fcid%3D9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP%26tt%3DCPS_NORMAL%26aff_fsk%3D_AtqYLP%26aff_platform%3Dportals-tool%26sk%3D_AtqYLP%26aff_trace_key%3D9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP%26terminal_id%3Df0e8d4f5536745c68aec6edb10202607&cna=kcmWGjp8vWMCAVLHgifyUXKA&spm-cnt=a2g0o.ams_103775_dfcon.0.0.5b77kXlBkXlBDj&aplus=&sidx=aplusSidx&pageid=17f0df1b5d11920d890a1e82b3b89198eedb5f15e2&dmtrack_b=%7Bifm%3D1%7Clogin%3D0%7D&dmtrack_c=%7Bacs_rt%3Df0e8d4f5536745c68aec6edb10202607%7Caep_usuc_f%3D-%7Caeu_cid%3D-%7D&ali_beacon_id=-&ali_apache_id=-&ali_apache_track=-&ali_apache_tracktmp=-&_p_uid=-&p=1&o=win10&b=chrome98&s=1600x1200&w=webkit&ism=pc&cache=66344ca&lver=8.15.20&jsver=aplus_int&pver=0.7.11&_pw=801&_ph=601&tag=0&stag=2&lstag=0&_slog=0
Requested by: Host: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&terminal_id=f0e8d4f5536745c68aec6edb10202607
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.128.97.27 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 17:46:57 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 index.js Show response
assets.alicdn.com/g/secdev/entry/ Frame AA19 6 KB
3 KB 56ms
56ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/secdev/entry/index.js?t=228500
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-193.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 15763dba2655d07f3b725a210d6247c64266018b7c15280b869284fdbabeff9a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
content-encoding: gzip
x-oss-request-id: 61E842C6986A643830B91AB0
content-md5: 0H9yjVCkNrHkux0vA7fzJA==
x-swift-cachetime: 3600
x-oss-hash-crc64ecma: 4397681659283574757
x-swift-savetime: Wed, 19 Jan 2022 16:56:38 GMT
content-length: 2966
x-oss-object-type: Normal
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1642611398
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=556, s-maxage=3600
served-from: 47.246.20.254
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: RU_CHEBOKSARY_57026, GB_LONDON_201011
eagleid: 2ff6149a16426113977596954e
x-oss-server-time: 5
expires: Fri, 18 Feb 2022 17:56:13 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame AA19 44 B
91 B 144ms
85ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3946145095458190&ev=PageView&dl=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%266718%26cn%3D-%26cv%3D427080%26dp%3D82.199.130.39%26aff_fcid%3D9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP%26tt%3DCPS_NORMAL%26aff_fsk%3D_AtqYLP%26aff_platform%3Dportals-tool%26sk%3D_AtqYLP%26aff_trace_key%3D9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP%26terminal_id%3Df0e8d4f5536745c68aec6edb10202607&rl=https%3A%2F%2Fwww.gandul.ro%2F&if=true&ts=1645206419759&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&it=1645206419292&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 18 Feb 2022 17:46:57 GMT

GET event
sslwidget.criteo.com/ Frame AA19 0
0

GET
H2 200 baxiaCommon.js Show response
assets.alicdn.com/g/sd/baxia/2.0.50/ Frame AA19 23 KB
8 KB 59ms
59ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/sd/baxia/2.0.50/baxiaCommon.js
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/sd/baxia-entry/index.js?t=228500
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-193.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 0a40dea2ad8c38d54437a638dc460a19581857e6d8cf1883b5df58896bfa2489

Request headers

Referer: https://sale.aliexpress.ru/
Origin: https://sale.aliexpress.ru
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
content-encoding: br
x-oss-request-id: 61E6C4AE39899C3431D8018F
content-md5: RbR3KfKCEtEd6Zppk3ZhZg==
x-swift-cachetime: 15308
x-oss-hash-crc64ecma: 5412104085485261180
x-swift-savetime: Wed, 19 Jan 2022 09:31:14 GMT
content-length: 7295
x-oss-object-type: Normal
last-modified: Wed, 19 Jan 2022 09:35:22 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1642513582
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=252074, s-maxage=86400
served-from: 210.61.249.38
x-oss-storage-class: Standard
timing-allow-origin: *
network_info: US_SEATTLE_35994, GB_LONDON_201011
eagleid: a3b5279e16425846740015381e
x-oss-server-time: 4
expires: Mon, 21 Feb 2022 15:48:11 GMT

GET
H2 200 index.js Show response
assets.alicdn.com/g/secdev/sufei_data/3.9.9/ Frame AA19 17 KB
7 KB 60ms
59ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/secdev/sufei_data/3.9.9/index.js
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/secdev/entry/index.js?t=228500
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-193.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 1181008c4d533ae52f2533ef482bb326ae0df168e10175d15c74a63ac86531d4

Request headers

Referer: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6718&cn=-&cv=427080&dp=82.199.130.39&aff_fcid=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP&terminal_id=f0e8d4f5536745c68aec6edb10202607
Origin: https://sale.aliexpress.ru
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
content-encoding: br
x-oss-request-id: 61E9AD1EFBA9183935D00FED
content-md5: BLF6Clts+DnJshKrVXCXFw==
x-swift-cachetime: 86400
x-oss-hash-crc64ecma: 2824524793130602968
x-swift-savetime: Thu, 20 Jan 2022 18:42:38 GMT
content-length: 6733
x-oss-object-type: Normal
last-modified: Thu, 20 Jan 2022 18:45:23 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1642704158
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=259207, s-maxage=86400
served-from: 2.21.243.227
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: US_CHICAGO_35994, GB_LONDON_201011
eagleid: 2ff62b2216427041586068169e
x-oss-server-time: 3
expires: Mon, 21 Feb 2022 17:47:04 GMT

GET
H2 200 g Show response
assets.alicdn.com/ Frame AA19 130 KB
56 KB 63ms
63ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g??xlly/spl/rp.js,secdev/nsv/1.0.78/ns_e_88_3_f.js?v=1
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/secdev/entry/index.js?t=228500
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-193.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 1aeda7bc76ae0865178647144bdd612b499c12e5435264a96c931d569db8518f

Request headers

Referer: https://sale.aliexpress.ru/
Origin: https://sale.aliexpress.ru
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
content-encoding: gzip
x-oss-request-id: 620F40399964B93339F9F324
content-md5: /bAOACTA0CoKGqWC2cODqw==
x-swift-cachetime: 86400
x-swift-savetime: Fri, 18 Feb 2022 06:44:09 GMT
content-length: 56629
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8675859113826473122
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1645166649
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=46583, s-maxage=86400
served-from: 95.101.88.109
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: GB_LONDON_201011
eagleid: 2ff62b2116451666490274272e
x-oss-server-time: 3

GET
H2 200 et_f.js
assets.alicdn.com/g/AWSC/et/1.62.1/ Frame AA19 100 KB
31 KB 90ms
90ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/AWSC/et/1.62.1/et_f.js
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/secdev/entry/index.js?t=228500
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-193.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash

Request headers

Referer: https://sale.aliexpress.ru/
Origin: https://sale.aliexpress.ru
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 17:46:57 GMT
content-encoding: br
x-oss-request-id: 620088A51FC3B3323405DC60
content-md5: 4NiYCFMG7NhygH1t2RM9TA==
x-swift-cachetime: 3599
x-oss-hash-crc64ecma: 679467694893097074
x-swift-savetime: Mon, 07 Feb 2022 02:49:10 GMT
content-length: 31200
x-oss-object-type: Normal
last-modified: Mon, 07 Feb 2022 02:49:11 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1644202149
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1587651, s-maxage=3600
served-from: 2.21.231.110
x-oss-storage-class: Standard
timing-allow-origin: *
network_info: US_CHICAGO_35994, GB_LONDON_201011
eagleid: 2ff61c9716442021493351311e
x-oss-server-time: 4
expires: Wed, 09 Mar 2022 02:47:48 GMT

POST
H2 200 ae.pc_ctr.statweb_ae_ctr
ru.mmstat.com/ Frame AA19 43 B
97 B 89ms
89ms Ping
image/gif 62.128.97.27

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.mmstat.com/ae.pc_ctr.statweb_ae_ctr
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.128.97.27 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://sale.aliexpress.ru/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 17:46:58 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 ae.pc_ctr.statweb_ae_ctr
ru.mmstat.com/ Frame AA19 43 B
74 B 89ms
89ms Ping
image/gif 62.128.97.27

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.mmstat.com/ae.pc_ctr.statweb_ae_ctr
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.128.97.27 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://sale.aliexpress.ru/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 17:46:58 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 ae.pc_ctr.statweb_ae_ctr
ru.mmstat.com/ Frame AA19 43 B
74 B 89ms
89ms Ping
image/gif 62.128.97.27

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.mmstat.com/ae.pc_ctr.statweb_ae_ctr
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.128.97.27 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://sale.aliexpress.ru/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 17:46:58 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 ae.pc_ctr.statweb_ae_ctr
ru.mmstat.com/ Frame AA19 43 B
74 B 89ms
89ms Ping
image/gif 62.128.97.27

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.mmstat.com/ae.pc_ctr.statweb_ae_ctr
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.128.97.27 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://sale.aliexpress.ru/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 17:46:58 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 ae.pc_ctr.statweb_ae_ctr
ru.mmstat.com/ Frame AA19 43 B
74 B 89ms
89ms Ping
image/gif 62.128.97.27

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.mmstat.com/ae.pc_ctr.statweb_ae_ctr
Requested by: Host: www.gandul.ro
URL: https://www.gandul.ro/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.128.97.27 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://sale.aliexpress.ru/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 17:46:58 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
cache-control: no-cache
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST ae.pc_ctr.statweb_ae_ctr
ru.mmstat.com/ Frame AA19 0
0

GET ts
fourier.taobao.com/ Frame AA19 0
0

GET rp
fourier.taobao.com/ Frame AA19 0
0

GET 8fd01cc6-c61d-46ce-95fb-a08d9a926d48
img.onesignal.com/permanent/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rtb.adpone.com
URL: https://rtb.adpone.com/bid-request?pid=121111171350171

Domain: rtb.adpone.com
URL: https://rtb.adpone.com/bid-request?pid=12111117134669

Domain: www.solanium.io
URL: http://www.solanium.io/project/tabtrader/?ref=SBBuqmht

Domain: www.nike.com
URL: https://www.nike.com/gb/?CP=EUNS_AFF_AWIN_ROW_596935_httpwwwadmitadcom_300473&utm_source=httpwwwadmitadcom&utm_medium=affiliate&utm_campaign=596935&utm_content=300473&awc=16349_1645198628_48e0322c5bd70a1e1592d172b24f5dfa

Domain: lite-1x830514.top
URL: https://lite-1x830514.top/en/?tag=s_137887m_355c_

Domain: www.probit.com
URL: https://www.probit.com/signup

Domain: www.okx.com
URL: https://www.okx.com/join/2788553

Domain: pubmedya.net
URL: https://pubmedya.net/to2/iherb.com/

Domain: coinsbit.io
URL: https://coinsbit.io/register

Domain: localbitcoins.com
URL: https://localbitcoins.com/buy-bitcoins-online/?ch=1cmsy

Domain: www.banggood.com
URL: https://www.banggood.com/?p=5Z30141707865201505S&custlinkid=1737278

Domain: www.hotelscombined.com
URL: https://www.hotelscombined.com/?a_aid=172493

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Domain: vk.com
URL: https://vk.com/js/api/openapi.js?168

Domain: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Domain: sslwidget.criteo.com
URL: https://sslwidget.criteo.com/event?v=3.6.1&p0=e%3Dexd%26ci%3D-%26site_type%3Dd&p1=e%3Dvh&p2=e%3Dexd%26ref%3Dhttps%253A%252F%252Fwww.gandul.ro

Domain: ru.mmstat.com
URL: https://ru.mmstat.com/ae.pc_ctr.statweb_ae_ctr

Domain: ru.mmstat.com
URL: https://ru.mmstat.com/ae.pc_ctr.statweb_ae_ctr

Domain: fourier.taobao.com
URL: https://fourier.taobao.com/ts?url=https%3A%2F%2Fwww.gandul.ro%2F&token=BIqKYCWO3Mrr_FBmn6CvTOeH23ksew7VOvrXyxTDNl1oxyqB_Ate5dAx1ysbLIZt&cna=kcmWGjp8vWMCAVLHgifyUXKA&ext=1

Domain: fourier.taobao.com
URL: https://fourier.taobao.com/rp?ext=51&data=jm_kcmWGjp8vWMCAVLHgifyUXKA&random=891040929193412&href=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%266718%26cn%3D-%26cv%3D427080%26dp%3D82.199.130.39%26aff_fcid%3D9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP%26tt%3DCPS_NORMAL%26aff_fsk%3D_AtqYLP%26aff_platform%3Dportals-tool%26sk%3D_AtqYLP%26aff_trace_key%3D9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP%26terminal_id%3Df0e8d4f5536745c68aec6edb10202607&protocol=https:

Domain: img.onesignal.com
URL: https://img.onesignal.com/permanent/8fd01cc6-c61d-46ce-95fb-a08d9a926d48

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

99 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gandul.ro/	1970-01-20 01:00:08	Name: __cf_bm Value: Zv8W20LDeOZSd23DChr8w0rApTPh4mIedghXoJb4kVM-1645206411-0-AZDR5dPWnAWetnR8iVInnmDWMGlU7hmG7mbzD9iAuUVE/KVAOldV715s/BitT8U/X2TTYiai6JTr9updo2+8bOM=
live.demand.supply/	1970-01-20 18:31:18	Name: demandSupplyTi Value: 3f6be562-9b65-450b-8dfd-d302222197bb
.gandul.ro/	1969-12-31 23:59:59	Name: cX_S Value: kzspf578e0j8ojvq
.gandul.ro/	1970-01-20 09:45:42	Name: cX_P Value: kzspf579t7mh7gt4
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: yrli4FjNg0E
.youtube.com/	1970-01-20 05:19:18	Name: VISITOR_INFO1_LIVE Value: 6bf4ts3JlDc
.gandul.info/	1970-01-20 01:00:08	Name: __cf_bm Value: QY1uPQaMrcJYzYfFOyNX4DL1Xa5BrNKmw8NmVFAWMTA-1645206411-0-Ae7kGByIVXUI5Y9Cfaypg8lzviYVSPdNOXPkz01pbvtsXLytu+lLTC9sNo1nCwM9PhMRm2BqcH5ndC2CsETwfrA=
.gandul.ro/	1970-01-20 18:31:18	Name: _ga Value: GA1.2.1964932815.1645206414
.gandul.ro/	1970-01-20 01:01:32	Name: _gid Value: GA1.2.1655267515.1645206414
.gandul.ro/	1970-01-20 01:00:06	Name: _gat_gtag_UA_1572980_1 Value: 1
.cxense.com/	1970-01-20 09:45:42	Name: gckp Value: 32pmvw3yz14p32p0603dzlvwue
.gandul.ro/	1970-01-20 09:45:42	Name: cX_G Value: cx%3A1tq0xxvppoc3k34xuuaifhu5pm%3A1qferhiguvyla
www.gandul.ro/	1970-01-20 03:09:42	Name: evid_0046 Value: cx:1tq0xxvppoc3k34xuuaifhu5pm:1qferhiguvyla
.adtlgc.com/	1970-01-20 13:57:42	Name: evid_0046 Value: cx:1tq0xxvppoc3k34xuuaifhu5pm:1qferhiguvyla
www.gandul.ro/	1970-01-20 01:00:13	Name: adptset_0046 Value: 1
www.gandul.ro/	1970-01-20 01:00:06	Name: evid_set_0046 Value: 2
.aliexpress.com/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=emb5skpyr139&acs_rt=f0e8d4f5536745c68aec6edb10202607
.aliexpress.com/	1970-02-13 21:31:30	Name: aeu_cid Value: 9c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP
.aliexpress.com/	1970-01-20 03:09:42	Name: xman_t Value: RqcGFbcY6WudCWBStsYpaazqgxNGTXnzU0W/UOKJ54OAChTUtIlT6E5NxB6OQYp5
.aliexpress.com/	1970-02-13 21:31:30	Name: xman_f Value: azFVxKc9reYMHilfGt2rOxi9fv8EaaU23QSy3LFrHAYgwjlq7bAimoxxggeoiNJGmf8o1OhFbDvB+ZlYh8i/E+3NSMpV6CO/peS06cPfTrEEJ1zkRdZaxQ==
.aliexpress.com/	1970-02-13 21:31:30	Name: af_ss_a Value: 1
.thelotter.com/	1970-01-20 09:44:36	Name: visid_incap_1066313 Value: HIQIzIYbTJqt4uzIBHyblY7bD2IAAAAAQUIPAAAAAADI0DVl83+BoC2xeILIP711
.thelotter.com/	1969-12-31 23:59:59	Name: incap_ses_1309_1066313 Value: +QQ/PzEYdXX8fplgAIEqEo7bD2IAAAAA37uOtWK3xxxwrPPLWdzP2Q==
.chaturbate.com/	1970-01-20 01:43:18	Name: affkey Value: "eJwdi0EOgCAMBL9CejYSPBl+U6VgoiAp5WCMfzflNjuTfUH4BG8gUMR+CUwGMEY1mLg3VFF1Lk6RFQ+R2ry1tW+ZwoNzIbFaZVRes449j19Ltyvw/TQmHc0="
.chaturbate.com/	1970-01-21 00:58:40	Name: sbr Value: "sec:sbre731e2dc-f60b-4145-aa76-22f9325e00d3:1nL7LK:SoDwBof9gmN1x7jgZaqGrBSLIYk"
chaturbate.com/	1970-01-20 01:00:10	Name: py3 Value: true
.chaturbate.com/	1969-12-31 23:59:59	Name: fromaffiliate Value: 1
chaturbate.com/	1969-12-31 23:59:59	Name: us_hr8m Value: 1
chaturbate.com/	1970-01-20 01:43:18	Name: stcki Value: "pOtSwZ=1\054_IsUEp=0\054FqPd9a=0\0546pduSG=0\054aDBbcK=0"
chaturbate.com/	1970-01-20 01:07:18	Name: u_hr8m Value: 1
chaturbate.com/	1970-01-20 01:00:28	Name: noads Value: 1
.chaturbate.com/	1970-01-20 01:00:08	Name: __cf_bm Value: M8TI6JW0kEW_gQ58l5y3OWKtTOtiiD9muuSF7n73Bsw-1645206414-0-AVHEylaa7Rvi/oBTsRH7OyNR+zaFhi6ueewT7QE98bhF20UAjRx2WNw5O1qdW/ERZAlF+UKsoLZksDrrv44yu6w=
.bongacams.com/	1969-12-31 23:59:59	Name: bonga20120608 Value: 4a2cdafbf6d79bab64a93aedb166f481
.lightinthebox.com/	1970-01-20 09:45:42	Name: first_visit_time Value: 0a66bdd19272dbbc9fff91f3a5430c2a
.lightinthebox.com/	1970-01-20 01:00:08	Name: vela_s_c Value: 42
.lightinthebox.com/	1970-01-20 01:00:35	Name: vela_v_c Value: 42
.lightinthebox.com/	1970-01-20 01:10:11	Name: vela_w_c Value: 42
.lightinthebox.com/	1970-01-20 01:43:18	Name: vela_m_c Value: 42
.lightinthebox.com/	1970-01-20 03:09:42	Name: vela_3m_c Value: 42
.lightinthebox.com/	1970-01-20 01:43:18	Name: vela_m_ca Value: 42
.lightinthebox.com/	1970-01-20 01:00:08	Name: vela_s Value: 620fdb8ee4290
.lightinthebox.com/	1970-01-20 01:43:18	Name: vela_m Value: 620fdb8ee4294
.lightinthebox.com/	1970-01-20 03:09:42	Name: vela_3m Value: 620fdb8ee4297
.lightinthebox.com/	1970-01-20 01:00:35	Name: vela_v Value: 620fdb8ee4299
.lightinthebox.com/	1970-01-20 01:10:11	Name: vela_w Value: 620fdb8ee429b
.lightinthebox.com/	1970-01-20 01:01:32	Name: vela_device Value: desktop
.lightinthebox.com/	1970-01-20 09:45:42	Name: vela_is_first_visit Value: 1
.lightinthebox.com/	1970-01-20 02:04:54	Name: affi Value: 664b08e55c41be35e1e822fee3b61691
.lightinthebox.com/	1970-01-20 03:09:42	Name: utm_source Value: gan
.lightinthebox.com/	1970-01-20 03:09:42	Name: feature Value: V7536_A%7CV1074681_B%7CV1081204-1_B%7CV1015700_B
.lightinthebox.com/	1970-01-20 01:43:18	Name: local Value: en%7CDE%7CEUR
.aliexpress.ru/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=xn1rq3rdlprd&acs_rt=05d6bf79a4814cb9a08bba705f871c3e
.aliexpress.ru/	1969-12-31 23:59:59	Name: xman_t Value: 4k/LDMvAlCzKhuvaskY06AkQ4IrxCIMZ0FxnfIx6lF58s7VmN16Q2i04pbYFX1pe
.bongacams.com/	1970-01-20 05:19:18	Name: BONGAH_HIT Value: 70dc95b299ddd321b187e5ef777d5bb4%3A%3A183346%3A%3Ahttps%3A%2F%2Fpubmedya.net%2F%3A%3A%3A%3A%3A%3A287325%3A%3A%3A%3A%3A%3A0%3A%3A0%3A%3A0%3A%3A0%3A%3A%3A%3A0%3A%3Adefault%3A%3A0%3A%3A2022-02-18%2019%3A46%3A55
.bongacams.com/	1970-01-20 09:45:42	Name: sg Value: 114
.bongacams.com/	1970-01-20 09:45:42	Name: warning18 Value: %5B%22de_DE%22%5D
.chaturbate.com/	1970-01-20 09:44:16	Name: csrftoken Value: VgvqDEYuVCWf4X6rejjQdX37J7Fqkaj6UHqsC6206eD9t8mBhWmo4qqzoBmgoLr0
.miniinthebox.com/	1970-01-20 09:45:42	Name: first_visit_time Value: 0a66bdd19272dbbc0b608cd155c21f4e
.miniinthebox.com/	1970-01-20 01:00:08	Name: vela_s_c Value: 42
.miniinthebox.com/	1970-01-20 01:00:35	Name: vela_v_c Value: 42
.miniinthebox.com/	1970-01-20 01:10:11	Name: vela_w_c Value: 42
.miniinthebox.com/	1970-01-20 01:43:18	Name: vela_m_c Value: 42
.miniinthebox.com/	1970-01-20 03:09:42	Name: vela_3m_c Value: 42
.miniinthebox.com/	1970-01-20 01:43:18	Name: vela_m_ca Value: 42
.miniinthebox.com/	1970-01-20 01:00:08	Name: vela_s Value: 620fdb8f44cd4
.miniinthebox.com/	1970-01-20 01:43:18	Name: vela_m Value: 620fdb8f44cda
.miniinthebox.com/	1970-01-20 03:09:42	Name: vela_3m Value: 620fdb8f44cde
.miniinthebox.com/	1970-01-20 01:00:35	Name: vela_v Value: 620fdb8f44ce2
.miniinthebox.com/	1970-01-20 01:10:11	Name: vela_w Value: 620fdb8f44ce5
.miniinthebox.com/	1970-01-20 01:01:32	Name: vela_device Value: desktop
.miniinthebox.com/	1970-01-20 09:45:42	Name: vela_is_first_visit Value: 1
.miniinthebox.com/	1970-01-20 02:04:54	Name: affi Value: 664b08e55c41be35e1e822fee3b61691
.miniinthebox.com/	1970-01-20 03:09:42	Name: utm_source Value: gan
.miniinthebox.com/	1970-01-20 03:09:42	Name: feature Value: V7536_A%7CV1074681_B%7CV1081204-1_B%7CV1015700_B
.miniinthebox.com/	1970-01-20 01:43:18	Name: local Value: en%7CDE%7CEUR
.aliexpress.com/	1970-02-13 21:31:30	Name: xman_us_f Value: x_l=0&acs_rt=f0e8d4f5536745c68aec6edb10202607&x_as_i=%7B%22aeuCID%22%3A%229c0ac35cdcbb4791911bd73394e59cc7-1645206414687-07313-_AtqYLP%22%2C%22af%22%3A%22a%22%2C%22affiliateKey%22%3A%22_AtqYLP%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22197548986%22%2C%22tagtime%22%3A1645206414687%7D
.stripchat.com/	1970-01-20 03:09:42	Name: stripchat_com_guestId Value: 9877a5eb5a637a26c5745e627fcd8ab055ee459d64803022047716fd6e36
.stripchat.com/	1970-01-20 03:09:42	Name: stripchat_com_affiliateId Value: 73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
stripchat.com/	1970-01-20 01:01:29	Name: __cflb Value: 02DiuFntVtrkFMde1diFXc6auiQ5NotZnDxwr4t94rhrt
.banggood.com/	1970-01-20 03:09:42	Name: banggood_SID Value: d36e84e0bc9fad7b3eef68531249a90b
de.banggood.com/	1970-01-20 01:10:11	Name: currency Value: EUR
gleam.io/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: GWkpVICIDcL9ICbBjhoieIPKPn66%2BQB7NRcQgg%2FfGFL%2BeBJ4LKfE8xLmAyc9%2BTuE5mKG6bZYGwSk1muAy1HD6Q%3D%3D
gleam.io/	1970-01-20 01:40:25	Name: _app_session Value: faEtCD35i39l82mX4r%2BcpHiwJvhPRnwf9XXEjfRn3nlNJvAQSGqAP5DXXXcNeWFiBjTKhfUgGd2o3dWilmzdqZWumHVt3nSh9Q%2B%2FAc8lBplwy2Qf7GpoQgsBoro6Sy0lIvUeuU3jDb62VDH82S9SUMRYHPZRIAZ%2Flb6dOzBSneNX6c0FV3KpnjSGqwHdFr3rreu%2Foig1LT%2FfgV6ToQruh3ucmQi5sM%2BPPhrIA2RAGlU3tQAGhIPsJ5blCJbhk8qpneJ4%2FrLz4K11bf27uoRcFGnR9QI1Ijs2eWage4CZ18tql1bBMECIE2ueC2%2FbpzM1%2FYifhcyVloqHYvoubiB9913F90APyRwmiizVXvXX8h75dpO0LkmaeAve%2FlUZ4rE0wz1sdpMJGFio--XJGNeUr8hkyea0Eo--0ACVi6o7k6TI7xvp0Ymo3A%3D%3D
.gleam.io/	1970-01-20 01:00:08	Name: __cf_bm Value: E9wsLqYVyMvmEVU_pmLLbKrJ56RCPs0KGYLQxtNAFvI-1645206416-0-AexoZzE05NydR7acWS1kh0kpoIlE/ayhIqnUSygzgWAABL4AALKnUVTLAZO4Tg79/WCnZP2xN0NvPPUGNYJIChA=
.aliexpress.ru/	1970-02-13 21:31:30	Name: xman_us_f Value: x_l=0&acs_rt=f0e8d4f5536745c68aec6edb10202607
.aliexpress.ru/	1970-02-13 21:31:30	Name: xman_f Value: tRjxDtJNbfO/FxrdHbIEp2qL2xwtFz3zsWU1vteyrNyleyU4lSRta6F97fcwMeoHWD2KE+fHCi9QUlMkYQSxPRMIFHjqM5x5pJmTABWDzLF806wZuJ+N+g==
cex.io/	1969-12-31 23:59:59	Name: cex-session Value: s%3AosDPBme3WQOVNnbmguwQWtJU.TrvWydCUHy77Qj20%2BsAzg1bQI8ZYMdQMvQmyKS6mOoY
www.kucoin.com/	1970-01-20 01:10:11	Name: AWSALBCORS Value: rkjgmXws2iyToUqVDBuPju/9grATkZlOzqsErq8pUSBkNrmZ7q6HxDr4jap5Ygn6GTUZD173trn/+tHIBWbJHmbiNhSjjqumxWPi74WY7A6p153At/WzeglpPWR+
.kucoin.com/	1969-12-31 23:59:59	Name: __cfruid Value: 02bf238de510314d446c5b63f2fff62919780b73-1645206416
.creativemarket.com/	1970-01-20 01:00:08	Name: __cf_bm Value: 4t09B1GFK_ndy4TlmT04oDGiz6_AiHv9qc9vqKU4CBU-1645206416-0-AZJsivrVb2d1nCRavjMe2PoVL8lO6peWm56RNCyiK9z55nKY4sjUkEVlhbttG2RiytH/q3Aew3NgFhHoFffvGLCaSoHwZs6LHb3SBHCG6ouM
.changelly.com/	1970-01-20 05:27:56	Name: WTP_AB_variant Value: 1
.changelly.com/	1970-01-20 01:44:44	Name: MobileAppUpsale_ABvariant Value: default
.changelly.com/	1970-01-20 01:44:44	Name: BiggerBuyAmount_ABvariant Value: default
.changelly.com/	1970-01-20 01:44:44	Name: livechat_delay Value: new
.changelly.com/	1970-01-23 18:16:54	Name: user_id Value: f0541666-86d5-4b13-8b29-034a5b6ebc1d
.changelly.com/	1969-12-31 23:59:59	Name: ref_id Value: t68bpi9bnrma1q8f
.changelly.com/	1970-01-20 01:44:44	Name: ipcountry Value: DE
.changelly.com/	1969-12-31 23:59:59	Name: time Value: 1645206416763
.changelly.com/	1970-01-20 03:09:42	Name: __zrtbanner49 Value: 877c1b74-7ee2-4724-8ab8-a1c1a73607c3

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.gandul.ro/ Message: Access to XMLHttpRequest at 'https://rtb.adpone.com/bid-request?pid=121111171350171' from origin 'https://www.gandul.ro' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://rtb.adpone.com/bid-request?pid=121111171350171 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.gandul.ro/ Message: Access to XMLHttpRequest at 'https://rtb.adpone.com/bid-request?pid=12111117134669' from origin 'https://www.gandul.ro' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://rtb.adpone.com/bid-request?pid=12111117134669 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://p2pb2b.io/?referral=5dacfd8f Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://www.instaforex.com/?x=LVYG Message: Failed to load resource: the server responded with a status of 520 ()
network	error	URL: https://my6.roboforex.org/ru/?a=zkeb Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	error	URL: https://pubmedya.net/vu/a/? Message: Mixed Content: The page at 'https://www.gandul.ro/' was loaded over HTTPS, but requested an insecure script 'http://www.solanium.io/project/tabtrader/?ref=SBBuqmht'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://paxful.com/ru/?r=GzdvAoGWyQA Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://assets.alicdn.com/g/secdev/sufei_data/3.9.9/index.js Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://assets.alicdn.com/g??xlly/spl/rp.js,secdev/nsv/1.0.78/ns_e_88_3_f.js?v=1(Line 1) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.binance.com
admp-tc-sati.adtlgc.com
adx.adform.net
ae01.alicdn.com
api.cxense.com
assets.alicdn.com
audit-tcfv2.quantcast.mgr.consensu.org
bidder.criteo.com
biswap.org
bngpt.com
bongacams.com
bread.pp.ua
c.amazon-adsystem.com
cdn.cxense.com
cdn.onesignal.com
cdn.unblockia.com
cdnjs.cloudflare.com
cex.io
changelly.com
chaturbate.com
code3.adtlgc.com
coinsbit.io
cointracking.info
comcluster.cxense.com
connect.facebook.net
creativemarket.com
de.banggood.com
de.bongacams.com
de.dhgate.com
faucetcrypto.com
faucetpay.io
fbs.com
fonts.gstatic.com
fourier.taobao.com
freebitco.in
g.alicdn.com
gandul.info
gleam.io
googleads.g.doubleclick.net
i.alicdn.com
i.ytimg.com
id.cxense.com
img.onesignal.com
iqbroker.com
is.gd
js-sec.indexww.com
kinsta.com
lite-1x830514.top
litefinance.com
live.demand.supply
localbitcoins.com
login.aliexpress.com
login.aliexpress.ru
match.adsrvr.org
mc.yandex.ru
media.gandul.ro
my6.roboforex.org
neuronales.xyz
nexo.io
odnaknopka.ru
offer.alibaba.com
onesignal.com
p1cluster.cxense.com
p2pb2b.io
pagead2.googlesyndication.com
paxful.com
prebid-eu.creativecdn.com
pubmedya.net
quantcast.mgr.consensu.org
rbfxdirect.com
redirector.googlevideo.com
remitano.com
rover.ebay.com
rtb.adpone.com
ru.mmstat.com
rules.quantcount.com
s.click.aliexpress.com
sale.aliexpress.ru
scdn.cxense.com
secure.quantserve.com
securepubads.g.doubleclick.net
shop.safepal.io
sslwidget.criteo.com
static.criteo.net
static.doubleclick.net
stripchat.com
test.quantcast.mgr.consensu.org
top-fwz1.mail.ru
tsystatic.com
vk.com
webcache.pp.ua
www.agoda.com
www.banggood.com
www.binance.com
www.bitdegree.org
www.canva.com
www.ebay.com
www.eneba.com
www.exness.com
www.exness.uk
www.facebook.com
www.forextime.com
www.gandul.info
www.gandul.ro
www.gate.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.hotelscombined.com
www.instaforex.com
www.kucoin.com
www.lightinthebox.com
www.litefinance.com
www.liteforex.com
www.miniinthebox.com
www.nike.com
www.okx.com
www.probit.com
www.rentalcars.com
www.semrush.com
www.solanium.io
www.thelotter.com
www.tomtop.com
www.udemy.com
www.youtube.com
yt3.ggpht.com
coinsbit.io
fourier.taobao.com
img.onesignal.com
lite-1x830514.top
localbitcoins.com
mc.yandex.ru
pubmedya.net
rtb.adpone.com
ru.mmstat.com
sslwidget.criteo.com
top-fwz1.mail.ru
vk.com
www.banggood.com
www.hotelscombined.com
www.nike.com
www.okx.com
www.probit.com
www.solanium.io
104.111.214.74
104.111.243.137
104.111.245.50
104.111.246.208
104.16.106.108
104.18.28.208
104.20.1.53
104.21.89.238
104.22.6.169
104.90.139.132
104.92.106.193
107.154.132.27
142.250.185.226
143.204.95.188
143.204.98.118
143.204.98.90
147.75.85.120
163.181.56.193
164.90.198.24
172.66.40.77
176.9.60.211
178.248.238.82
178.250.0.165
178.63.12.208
18.158.151.211
18.203.56.89
185.117.134.138
185.184.8.65
185.75.253.85
192.102.6.123
192.102.6.144
192.102.6.72
192.102.6.94
195.85.23.89
195.85.23.96
2.16.186.241
2.21.141.232
209.140.129.51
23.227.38.74
23.35.237.31
23.45.104.178
2600:9000:2156:2a00:9:46dc:4700:93a1
2600:9000:2156:de00:3:a4cd:8380:93a1
2600:9000:2156:e600:6:44e3:f8c0:93a1
2606:2800:235:1c73:1f86:1376:22ce:2cd
2606:4700:10::6816:df6
2606:4700:10::ac43:1c9a
2606:4700:10::ac43:1e5d
2606:4700:10::ac43:557
2606:4700:20::6819:e935
2606:4700:20::681a:6bb
2606:4700:20::681a:786
2606:4700:20::681a:b19
2606:4700:20::681a:f02
2606:4700:20::681b:5171
2606:4700:20::ac43:45a1
2606:4700:3031::6815:4cf9
2606:4700:3033::6815:2d21
2606:4700:3037::ac43:ca82
2606:4700:3108::ac42:2ba4
2606:4700::6810:135e
2606:4700::6810:4155
2606:4700::6810:8516
2606:4700::6811:3c3a
2606:4700::6811:7311
2606:4700::6811:a149
2606:4700::6812:136e
2606:4700::6812:16e3
2606:4700::6812:1c15
2606:4700::6812:6428
2606:4700::6812:99
2606:4700::6812:e134
2606:4700::6813:b729
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2003
2a00:1450:4001:801::200e
2a00:1450:4001:803::2001
2a00:1450:4001:808::200e
2a00:1450:4001:808::2016
2a00:1450:4001:810::200e
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2006
2a00:1450:4001:813::2008
2a00:1450:4001:828::2002
2a00:1450:4001:830::2003
2a02:2638::3
2a02:26f0:6c00:298::268b
2a02:26f0:6c00:2bf::268b
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3120::7
34.120.45.191
34.216.189.66
37.157.6.246
45.60.78.64
52.222.214.120
52.223.40.198
62.128.97.25
62.128.97.27
62.128.97.7
87.240.190.67
00f354f0294e5eced79aae36156db28dd453b002edfa02428339f05bac292e74
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
080a485f94dee0e757572d6258ffb9faa1bf8876bef1aa5f60e15a81d54c4709
0a40dea2ad8c38d54437a638dc460a19581857e6d8cf1883b5df58896bfa2489
0b9e4a4de11a308b1e441773a8711894b4d460e3c90e0ce924d622ca4baf85ac
0c0ba0085e08f023ff102a6681597d18140f7060ab8ed71251a6d126c1b14715
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1181008c4d533ae52f2533ef482bb326ae0df168e10175d15c74a63ac86531d4
12c39c26105d17f87deaa58dc6271ed63df3e06030fb9e0fb30c70dd9b1fceac
13f503cf4ddfcfbd2c6ae6d2c91efe80ab888b1e1a8da4de8fbcf33e62e9434a
15763dba2655d07f3b725a210d6247c64266018b7c15280b869284fdbabeff9a
185d19247b68c0c4493c8c7d07c7dc5d42a50e5793530b81252684e1bba75ff9
1aeda7bc76ae0865178647144bdd612b499c12e5435264a96c931d569db8518f
1af86ebf436e3aaa645aac96b799d1e0ba7b128c1f6f5304dff415c3bc2c7cf5
1c0cab0b1de2ea45cdf2ad2a71645503f763e8747c077b65a38fc17605aa854a
1dd81eb2c6439c8b4cf2d33082370874590f3a71e1756f6cc7b9cd787526d7cc
1ebe5675d575f5ade906553d514ff0fb1725451208c697a7613152d30c2d01ef
1ee59cb221aad9b3257e2379e0b853d4c34806914bbe843ab0bbedac9af5db9d
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
24f951604079e04853fa2530c81c65bd3527ee9b8bb3a47f353b83d110d0fc3b
252f958ab7334260744af174539c91fbc11457e99b7001adae9d952ec163e0d6
254a45df83e69bc0add776bf0b10e14240b78fab11f0dd17f0ae903aff269261
261953db27cc0855b121008b1c606de50a2f3f5aecc60873ebb9751b66fd9203
2744fc8ba24e4b787270da23ae3e98455cf6329934d09d71f2b2babfc72d79bc
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
27cc02d6eed2199fc6c6748cb045cc10d5c4cc90e741d6416829753ad4be840a
298d0041946e2b4f141262fa102741fdf30ef6f1ec3bd4670466fea1734e4a93
29cae7cd39e3675acd183aea7e129ff6264585f2b900821552a1152c7c5aef6c
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
2d05267591d22ed3738a4325a43b38bbbc055bca85dc56b7d7f69ea342a92b11
2d4642e81ac658ac0e3612edfb8b6d36ee33ec50f92eb6a6ad18313b83c334e1
2d9d14fb472222d49d6226fc13d88f55f2314e2384703c4db61532fc633632fc
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e
33d9e41593440dc2a4d14d2b6bb46f408514d73412c7a3835e789a6c44b44ab3
36aa85b5d97f76a381de07cdcc8f2bdecf7462384f8207f8a54d6aae1a40e4f6
37e2eecf7ca95d864321296f703b8b068e6726a8f19a9c6e59e6752c3785cece
38af64c0b7eef852bf8b12a3f01eb775e5107a4b28804ddb1013623a2041d68a
3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4045f2cd9691a81fd40c69023995e43089e133d42f58fc93f65a2ab3edf53e9c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4477ee59b97030d6f35483b304d8bd6e71388e45c339d83c22cde5d1dead3d34
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d
4c483342f6b6854fd49a77996a70c99e0f502a44c34d3119ab3fdb87f287d68e
4cbc50b868354039b7452633b5b5aaa7d0c25d72b0251b797bee708fc59e0299
4dbd8b451dbd69cf82c2c5f3688e376da2ec2821cde1148afa73c333ef8a442d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
504d22006ae176912151468399d3ca661647bf29e2fae0e8ce097ed0d9cdd528
53380e9fd4b0c2d1d97ffdd41e929db5edecde579918fdb518f6e994191581d2
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
540f1860bba67de8970966fc9f72c31d07910ea9428a8e0801f7fed98b48a807
544e774fc2fd3796265f83f0a118d91695dce18925f615f84d67cfbe5147b76a
54c66b4c5f65905ba6a55c3d95ac4bb40c7734ca8727114b33cbf3ae651d28c9
55afb8d7ea385404126f0a556397396b2f67c6f77f4ea8a0464db28e599bed5f
561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58b4190d6003b87e433cf7f59d6443ffdc502abea85c5d5e59901f7a99976574
5a72458954925a250248e55619f35c259a4f9351ab48b286899da9998f2b0686
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d4d806792acac127bb1c36169a4608f5d7f8ee01a43bccf063a04b72c7d80a1
5d67aac26f6544b4dc5c84dd7f5b5fb679c7ed213d5c1d7fc67e25f28f7759e6
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
61daa5e10d1910c94db36832a3adb3e9bec2c60a0b584b37daea27f634f36fd0
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2991dd569d370103846b2fcac07f52a3914e59fdd33e39bb3c8b2a57b6f6e2
6e2d2046e9a8880e8cbd01dedd18638c0bc6aadfb438216566379b689a3e6d89
700e4cb7b446689efa192f4fdfff2ddda031a798a596eb72efe19202ea286887
709e58c0dbb882e9b5a10b62d1e499824e2ffd88adbbb894d7f806a6309676b7
71ecffe9fb722544de36b480ceab8865bc99ae586dfcfc0298fad14a5cca9a83
724c3072ec6d96452474a1e4e60110c494a1ce36f0f967fd62a763d7e60c0cd2
7302911ddd78a23859566715b4c8b48b34aecd52f0e6058a4d57df794d3abe59
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
753d52d4c0f3f78693761532a22a31aded838c62c1e05339bbd1ea69c9754955
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23
78d374053299b53a9b3feed92dff5dfb1ce3a216190e168f5f5f2367399681c9
7b57a7fd60cc98fc7d1a5ab5fef9e2a5271d94713a43b02cb44b911cfe647473
7b61de9662a6dd940812d4ec42ffe2267004a8944f0293d8441df71933cbb046
7c8898172b879d771a77be7f5b2133f8ccdd26eaafb36f653a0ca0ebce0216fb
80c2ec9b37b201bfc24e3db6313b4aef5d7e1567e7a28e235e0094d8f400ed2b
82fe218fa264e98b0bb927b41f2dcb8e00c6ae070f985c669726b6d82ab78fde
8475e953730aec698996dc34eabd999167dcfb31ff771f813856cc22d3b03104
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8b838fab476b0b972555361c19bfa11475adc6bcb3165ea3823eca1584fe6017
90ec3c93846a1a334c31b864830f0e6c9f7837c019afffd27a8154a3f795131f
93dfe56fb01e5e34715446d718b16f722288e6a14b95e67feba8226254b769f2
95045347f438c2512764824b7bd997e68b8c18b06ef5c234962eba3b3024f6e8
9597e4d0d07d37fd8605882311aa24efcbf574bf9761c4c2dbcdfd58453b7d19
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9b82acd422aacb3dd9c9a779cc4861e2e2c8279c99c52c015b048bca5e81a27e
a0a95f5345eee401264602894c9598cfd529818413f73a07346b7759580cffb5
a16f53c0f6fc6529e6032d07ba294fc523e2c1eed8d49bd5af6fc62350bcd2a2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4ef07b01c265b981959f1b7e16264c2466740f9a386c4c73e7f92cbb76a4858
a514c9f738d1417b0068fa3a0ead68825068ee298ac1bbd107d73db032198f49
a566bbc568419b22497a08156af53e48e148fe50fea0b6ec666ceaf0c0fb12fc
a5e483f612672f2208c79cec41d0ddba6084d1028cac43a5d1f1b4202db83f86
a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd
ab6dc7f96b2123ecee49dfd4495bfe6d8248c3209a4bd47b3907bbbd1f4a050b
abb951f5ec911e3a27b845c43d5132b9612f442f80e1cc5a90bbcb6dbb663342
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae149026175314fc3c2defa9e3a41bd29cdaf55f171ea8bb427ea26576a38bdb
aea3622f90032e54f73decfe37c7887bfb99a7f8ae2b584c296a5a7b5dd87226
b1fad57d369304343119651742b6c4a22df985c61fb92ea0197d1f37a5217f21
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b30e419be860244a5c3a8ed2ae7134a11441eb4a6868a668e44cee8e6c685723
b769b1026482ad24bb4be26b16a3bd1d962da58adaa547b0ac78ebbbd549f057
b7c23b6569a716d6facf087152dece79737d5751a6b9c843ff078e6aca87f5b2
b9093a4b39d82544ba707c561f77d09cab042a746bc3d63570466b7fdbb24bc9
b91e98b8ee14e7452814fa031d66aaad582a683f3651e2e4aceb5605e68f3ddb
b959714b2e365dfb43b97bc6af305679308b2ecc2fd9fb09c44c67b5cac0a81e
baee049272b23bef0a1a5f69bec303a844dc431d25607426aba9f49161e69be5
bb8a9d929d4fcc727bbfa57d8bd624434a97ef7711df5455297aedab4b205d38
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
caa17208ba4e8fc27121fb29036b6f39ae9d31778a453df5ed9f32cba2bf3197
cb15b0e6a867bb189f32a8d6df0bfb1d8dcdc93a1ad471e06c177ac8029b7442
cd64d82d94b330228c05f2804c06b456981ec782577f18dee4225eb2142990b8
cde8796cabb7b93bbcf7c8a4bd2d39b926a22d2dfbbe6a37fdafd10c5bd8f965
cf0faa9c6fc8dbdd905543ca404fc7c0ec390159caa3e83b14ea8a086f65c5e8
cf371a6e60f15a74f52fbb937d9bd2e2b036d9603d4e346a4da644eacb5625ae
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcab20aa21a4818bdc5b1c526319f37de98e28797c17a0beceb3bbb99ef1475
d4fd96901f118792b2712bb200319d350519b83e7e392016659279c29f5c6d29
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d90a3e8724f5f1a18ca679af2b7992bdf64f9921da1ab75df7150a6b7baa3cce
db35edb66201490ad51b3aba7071326b8b42c5c0654efac3c98475a468043a8a
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
dbf8c6623694f7c17fba2759e6867b60e224e4eef221173cee343a230a986584
e04490083fbfdcf23fab3841e6907306f46fa2272590943c223aff0b564dcd3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6766897b5a8396a2cb0d3203fb6490be776ccd3ffc849a554d7647f4d1939ed
e81e25ef4c0732ac1233e66812472a8d49b056f638b425eeecae45423d6f3469
ea2cfd052397a2a777ace87690d76dc8caa81d75a37d35639401e7e995bff377
ed672c552560517007a3e20176c250b34cb4203c13bfbd02a7c68840d5875148
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee3a3fc04e4d364b760ed3fa3332651ae9b941a95c508089cd306e3042a2ba3c
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f1a47e61dfbe2a0ba893af1d972ab9dafc04d96f5e816f7516f4c5414bd8b849
f1b59c28f0f6de9a87843817d437902358e4fed00a47c090cd263a357197336d
f3f0b960f461d81b48d29ac360a0f3553add3be3e891fb67878b4f11a0822339
f40095d2b76e692450ae8566758895c888151c1d4f24588c5bb1cbdb33c0abbc
f4e4c0cc376b7cf05bcdc89a69f484f749191e0281ec954ee2b7d9140dc59df7
f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022
fad4220f688080e165bc9ae1ddcb6d78ee8d0a37a4545d6854c2932a95ccede3
fe40216e07f1870b98db5d50b9301fbdb2974ebf6760d03a43dd1ab106ade4f1

www.gandul.ro Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

235 Requests

82 %HTTPS

50 %IPv6

101 Domains

128 Subdomains

92 IPs

11 Countries

3426 kBTransfer

10740 kBSize

99 Cookies

13 Outgoing links

Page URL History

Redirected requests

235 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gandul.ro Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

235
Requests

82 %
HTTPS

50 %
IPv6

101
Domains

128
Subdomains

92
IPs

11
Countries

3426 kB
Transfer

10740 kB
Size

99
Cookies

235 HTTP transactions
1 data transactions