urlscan.io logo urlscan.io
SecurityTrails logo

bancamea.md Open in urlscan Pro
2606:4700:3033::6815:4fa5  Public Scan

Go To Rescan Add Verdict Report
URL: https://bancamea.md/
Submission: On July 19 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3033::6815:4fa5, located in United States and belongs to CLOUDFLARENET, US. The main domain is bancamea.md.
TLS certificate: Issued by WE1 on July 18th 2024. Valid for: 3 months.
This is the only time bancamea.md was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

20    2606:4700:3033::6815:4fa5 (United States)

ASN13335 (CLOUDFLARENET, US)
bancamea.md
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    128.140.224.229 (Romania)

ASN5606 (GTS-BACKBONE GTS Telecom, RO)
ro.adocean.pl
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googleadservices.com
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    128.140.224.228 (Romania)

ASN5606 (GTS-BACKBONE GTS Telecom, RO)
gamd.hit.gemius.pl
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu
ls.hit.gemius.pl
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
20 bancamea.md
bancamea.md
1 MB
6 adocean.pl
ro.adocean.pl — Cisco Umbrella Rank: 307636
35 KB
5 gemius.pl
gamd.hit.gemius.pl — Cisco Umbrella Rank: 867210
ls.hit.gemius.pl — Cisco Umbrella Rank: 24682
22 KB
4 gstatic.com
fonts.gstatic.com
84 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
91 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 951
17 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
61 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 176
21 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
41 10
Domain Requested by
20 bancamea.md bancamea.md
6 ro.adocean.pl 1 redirects bancamea.md
ro.adocean.pl
4 gamd.hit.gemius.pl 1 redirects bancamea.md
gamd.hit.gemius.pl
4 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net bancamea.md
connect.facebook.net
2 ssl.google-analytics.com bancamea.md
1 www.facebook.com connect.facebook.net
1 ls.hit.gemius.pl gamd.hit.gemius.pl
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com bancamea.md
1 fonts.googleapis.com bancamea.md
41 11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
amigo.studio
Subject Issuer Validity Valid
bancamea.md
WE1		 2024-07-18 -
2024-10-16		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.adocean.pl
Sectigo ECC Domain Validation Secure Server CA		 2024-01-29 -
2025-02-06		 a year crt.sh
*.googleadservices.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2023-09-14 -
2024-09-25		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-27 -
2024-07-26		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://bancamea.md/
Frame ID: 6ECEDFF914A4C66F6B2306A652487876
Requests: 50 HTTP requests in this frame

Frame: https://ro.adocean.pl/files/html/test-cookie.html
Frame ID: 426FB1423C35A12B67DB9FD5E41985AF
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 162DD11DB7F652A96B930774D93EB37E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fccd5899f7a6410%26domain%3Dbancamea.md%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbancamea.md%252Ff6864f8a39b49640d%26relation%3Dparent.parent&container_width=278&hide_cover=true&href=http%3A%2F%2Fbancamea.md%2F&locale=ro_RO&sdk=joey&show_facepile=true&small_header=true
Frame ID: 8469F05329E2F9E8506A2C43DE1B336B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bancamea.md - Noutăți bancare. Informații utile. Curs valutar. Convertor valutar. Depozite bancare. Credite. Carduri. Transferuri bănești. Tarife. Comisioane. Harta bancomate. Harta filiale.

Detected technologies

Overall confidence: 100%
Detected patterns
  • adocean\.pl/files/js/ado\.js
  • adocean\.pl
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

95 %
HTTPS

64 %
IPv6

10
Domains

11
Subdomains

12
IPs

4
Countries

1423 kB
Transfer

2414 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://ro.adocean.pl/_1721362872580/ad.js?id=mCZBIH5fvBGQ.KImkI2ur1Dlw6u31dIrTH9pwJWNter.M7/adov=4.6.3/x=1600/y=1200/lptype=1/inner=_ch_mobile%3D0%7C_ch_brands%3D HTTP 301
  • https://ro.adocean.pl/__/_1721362872580/ad.js?id=mCZBIH5fvBGQ.KImkI2ur1Dlw6u31dIrTH9pwJWNter.M7/adov=4.6.3/x=1600/y=1200/lptype=1/inner=_ch_mobile%3D0%7C_ch_brands%3D
Request Chain 48
  • https://gamd.hit.gemius.pl/_1721362873050/rexdot.js?l=100&sendf=24&id=bO464dfmyvJQmXaxUjDHxpZWLSpFlmeX7Dv4HUbVWFf.07&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fbancamea.md%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=lER7SMuKemQSiVzL8abSAzaHf.AB8xfLXhf0Gnz4ibv.M7xIwexq4NYGEEVkvhhZj_jGABzu5kEfzxvZJBZabQNsMSwb/jGPoKgZHlAcx_/&fpdata=pGsXvegE.hvLlLHATvgIddir2qWxr2SJ_c1IO2rXqWz.O7%7C1721362872%7C2&ltime=124&fr=1&ref=&inner=_ver%3D351%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6699e9b8371d44b8&brts=1721362873&fpcap= HTTP 301
  • https://gamd.hit.gemius.pl/__/_1721362873050/rexdot.js?l=100&sendf=24&id=bO464dfmyvJQmXaxUjDHxpZWLSpFlmeX7Dv4HUbVWFf.07&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fbancamea.md%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=lER7SMuKemQSiVzL8abSAzaHf.AB8xfLXhf0Gnz4ibv.M7xIwexq4NYGEEVkvhhZj_jGABzu5kEfzxvZJBZabQNsMSwb/jGPoKgZHlAcx_/&fpdata=pGsXvegE.hvLlLHATvgIddir2qWxr2SJ_c1IO2rXqWz.O7%7C1721362872%7C2&ltime=124&fr=1&ref=&inner=_ver%3D351%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6699e9b8371d44b8&brts=1721362873&fpcap=

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bancamea.md/ 		39 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bancamea.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cfbb04d0f821c90ed3bf905d771070dea6f844bf147dc1ebef3833493a79a81

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a57ec5fa9c39189-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 19 Jul 2024 04:21:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=scjgcpxBQ42%2FTb7%2Ft6MLSYv7OLeDSrZ5sLANnNMR8347PwG6YTHkMKK42U0LIPFzq%2B6SATLfRziMX85i14lERWNvnWJwz%2FiHwPXdbHnDnpfYvqJA5aK1kG8ySQuqa%2FpHYKGXOIuKEbvOFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Encode+Sans:300,400,500,600,700|Lora:400i&subset=latin-ext
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d8e3a00ca712fd4c95909642d5546b9ddaea4e7393117abc8c23340c5613425d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 Jul 2024 04:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 Jul 2024 04:21:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Jul 2024 04:21:12 GMT
final.css
bancamea.md/css/ 		180 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bancamea.md/css/final.css?v=13
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c972fa4808fd2ea3e517c01722ed70fd9729e9b35b7b0f30bd4aadbfd372c00f

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 14 Jul 2020 08:35:08 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=189483
etag
W/"2e42b-5aa62af4b0700-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=abZT3lxevNPGyQLM8JCfQRuoHxxj6v5dgLBC4OEnx1J%2BmY3NfW041lsbgR3yLCc4BqwSjTrIJcG2XS8LYwDvd70%2BhcBnvQG9Uy4WBw5qfxeGhdLi0dLbnGWsEmbeDBuLgnvM%2F3Ee5p7MUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8a57ec609a319189-FRA
alt-svc
h3=":443"; ma=86400
functions.js
bancamea.md/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bancamea.md/js/functions.js
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73bc2efb4c0dc737c44e73b8747c6d8ec61f1a27acb197099e75073fdc3136ee

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 10 Apr 2018 14:39:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d92-5697f7f0ee940-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2FvcaQYvuml82LQJM%2FUto61kELNGIDQZq55weRxhJ4CtLw6QPWmHLHkJsvvNcWTd4Yh7fJDKH5%2BgD%2FQAi7eZXowoWWil0wi9e3x1%2F%2BIgGx3MvwX9ZNkyQ57RJDyx8H%2FSHdQUrCFh%2FpWtNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a57ec609a339189-FRA
alt-svc
h3=":443"; ma=86400
content-length
1184
final.js
bancamea.md/js/ 		442 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bancamea.md/js/final.js
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d969d09d51256a6b53ca40a2ba13f38de540735e5816f3f9fbee547560ee4b6

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Jul 2020 07:15:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6e91f-5aa75b085af40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VCM%2F%2FEG3LIzH1yViP0sYo%2FQEt2G8ITi6%2F0WyoOfv4%2B5TFO97axh8868iEGnOTjvXhEL7E%2BOIBP6LsBMI0rmP9gjilIsWtT8oI4m59mLNupMGu5inQ%2Bw0RZ6QqHkUL8IGKEOq8S8yNKSzpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8a57ec609a359189-FRA
alt-svc
h3=":443"; ma=86400
jquery.tinysort.min.js
bancamea.md/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bancamea.md/js/jquery.tinysort.min.js
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4be66ec69f264920ec52db32f2dbc6b1148cf32ab25cb73d964ccdd326672b3

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 10 Apr 2018 14:40:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"73c-5697f7f6a76c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qA%2FVNX8Rp7ZP3EaC1I%2FD4Yu09cvhWu7%2BTUoShAavK%2FW3KkMGI80RCZeqotq%2FNvwz2enu3jj%2BOxDMUh1EhJxwxdYha50mgildFIahjrY%2Fgb7ijynk9v4K1IY6tGzAaUnj%2BBbJGDtYGlwzFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a57ec609a379189-FRA
alt-svc
h3=":443"; ma=86400
content-length
1028
home.js
bancamea.md/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bancamea.md/js/home.js
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e75dacfc92e73e37f8b082bb9ab8e82c4f29609063fc3f2bce41d9969b7f9d

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 10 Apr 2018 14:39:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a22-5697f7f1e2b80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SK2p2fDvS7cvs%2FEi8fJpoFum5e85NvzAm3XnoEEuWFBWsBMv%2FeLv7Mc%2FhMr2z0YoGFg7uBicwBnVSqFsMWa3rTnQNy4mawMVx%2BVLBNOzccUWL%2BWoupCxhpA0AP%2FPSGZ5kfIlSIP7udmuXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a57ec609a389189-FRA
alt-svc
h3=":443"; ma=86400
content-length
965
converter.js
bancamea.md/js/ 		15 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bancamea.md/js/converter.js
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51ec5099723644bedc84ca1aa922d24863bf51f82a7525d9cde63062fb01ac4e

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 10 Apr 2018 14:39:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3c91-5697f7ef064c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4jzirGmKpwlO7m0wim5GOigXwXz%2BgCYPoisNDS0PWuLlDxRNGcVcVvjyCvSv7Mu1dxbUnm0VhXkfqT3kXrn%2FP507K0OSlmNVVzzvjDeUvBY2s5jsK16ClrLbtt8DcYkMRrxXUQmH7omAOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a57ec609a399189-FRA
alt-svc
h3=":443"; ma=86400
content-length
1510
ado.js
ro.adocean.pl/files/js/ 		90 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ro.adocean.pl/files/js/ado.js
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
128.140.224.229 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software
GAD /
Resource Hash
e04055a8048e41a3896ac3092b9c719d52752c6140fa3667419e15ed0955b5b2

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
content-encoding
gzip
last-modified
Fri, 14 Jun 2024 12:09:25 GMT
server
GAD
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag
"000169FB84CA08BC"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
public, must-revalidate, max-age=14400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
34539
expires
Fri, 19 Jul 2024 08:21:12 GMT
email-decode.min.js
bancamea.md/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bancamea.md/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Jul 2024 17:10:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6691639c-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vWfEA65Bp8ofxeQLdoM7n3SACFVBtPe5%2FxkRN8PaYKYbZWlm9IyYQ%2Fwpk6sIa8HNUUPQURsmsoT6Wh7TwBWp8HlzZuockDdBBO%2B0x0%2BfoYWjg5L6fiSKn3E%2BxorsYQXh8k%2BxXh5Wiib6dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8a57ec609a3a9189-FRA
expires
Sun, 21 Jul 2024 04:21:12 GMT
f3e16dbc7ca867a831a7c611da30b704.jpg
bancamea.md/img/news/thumbs/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancamea.md/img/news/thumbs/f3e16dbc7ca867a831a7c611da30b704.jpg
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21cb6987812d5d85012f08c9a3be35117fd9cdc0744e7fbf04ad476060136fd4

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Jan 2024 20:11:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6df8-610437c4dd94b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rh16Vnx%2FkOwTSHmEZUkHBbKIGCvBzGU%2FPM4wFgvljL4gq%2B76jdkns18gMUkw0Z9ieCXbPVwpADABrdR0d943g%2BCb4l1ZRTABV146jWywKldMYbAfgiFurUkyFGIgDjBW33X8SCwwSpPPFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a57ec609a3b9189-FRA
alt-svc
h3=":443"; ma=86400
content-length
28152
a2191e24cc1c4ca80f0f205e91d4c209.jpg
bancamea.md/img/news/thumbs/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancamea.md/img/news/thumbs/a2191e24cc1c4ca80f0f205e91d4c209.jpg
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
452646ac4bce509454c9795e6a16318a0e012ffd8e0499a74923e6085c607ecc

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Jan 2024 13:50:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"10348-6103e28ba811c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WhOIpTvIM%2BhGuuiWdMnaaztuZpy41f9JFKfsJ7GOHXsqrdqKSUGWdJlJF0eVkiRwuA%2B188PHjpQERsX9go%2FQCIFzPtQJiYeqoqwCgtnRO9bwQN2Nk2klelU0kg%2FDbV%2FsxxispwqnniLjLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a57ec609a3c9189-FRA
alt-svc
h3=":443"; ma=86400
content-length
66376
711be44c588a37c596a6b17fc8102de1.jpg
bancamea.md/img/news/thumbs/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancamea.md/img/news/thumbs/711be44c588a37c596a6b17fc8102de1.jpg
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41ed8fc7784b8c65daa0d5d95e4ad06a682787a6d92713515b4234fdef3e1b60

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Jan 2024 11:51:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9424-6102862650014"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hdW40cWkL116TnUP5zJgaGDvC7o%2F4Ov5zxUjx%2Bn%2BRClO7DYIyrzHFCaVtrlm0CuExfGcrAbkFqG1XAARO49e1x2m1lr15sHYQ9TIv%2FBwbMLQgnD6%2FgxZ82bVxpu2idmJMYLN7wxmD%2FyBHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a57ec60e99f18ed-FRA
alt-svc
h3=":443"; ma=86400
content-length
37924
1304913db67d290190f7f7a219ad8dad.png
bancamea.md/img/news/thumbs/ 		354 KB
354 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancamea.md/img/news/thumbs/1304913db67d290190f7f7a219ad8dad.png
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
438cbfb949217389fb5b735c1fa3019a2709494d88f7fb134a6c0a7c73f2f8a4

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2024 11:27:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5868d-61013ee071569"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6y3hrcuRhJbgREl9aj0rElpEcK9oYj6ZgV2oz5JK1rjy%2FkTomio65WLzhsr2U6LR7L7bQBJux3CUNBstlHhn7nhwKGGQf0porWihKjQIrEm0R9BrHfDUyYt12mSdv%2Fmk1wmLFXy%2FlIYoHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a57ec6109ba18ed-FRA
alt-svc
h3=":443"; ma=86400
content-length
362125
9c131cc9186383875f10b95f4ed39e3c.jpg
bancamea.md/img/news/thumbs/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancamea.md/img/news/thumbs/9c131cc9186383875f10b95f4ed39e3c.jpg
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aa55beafdf91bf047352711312636dfe5efcb99c299636e7e6f16c15e835ebd

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
cf-cache-status
HIT
last-modified
Tue, 16 Jan 2024 20:30:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"43e5-60f15fec66b45"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UkRzuYQfqO1rZKZUmGvqI3coMA1yPBSFT1ZWqWMTQBz4pHKgD1vGok%2F3EhQkJ30LyunuGkm%2FmSi9GjYuEmIk38EeoeCHw6IRXaJYIv5OT%2Bx3sFV%2F0%2Fw6bIktejIex8tWFcpZAS9ZaEIAbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a57ec6139f018ed-FRA
alt-svc
h3=":443"; ma=86400
content-length
17381
858eb4159eec98289b9df422701a47bb.jpg
bancamea.md/img/news/thumbs/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancamea.md/img/news/thumbs/858eb4159eec98289b9df422701a47bb.jpg
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bf856dc84b411065feac7c632367cae59cbfbefa8e303854588d0eefc1701ae

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
cf-cache-status
HIT
last-modified
Sat, 13 Jan 2024 21:53:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"11a3b-60edad0fda7cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZEwITbbL7%2BvyHk6nRwhw3%2Bz6zpuypFZAAb6B6c1Z1GdwpShXrUGYwcCyHoJY0vNqRwo9P%2FwFc%2Fd7Area7Vg1wyrG7aqV1V36iV8l%2B%2Bit7EuJJIuCtmxhhilwdhS4SuS5%2F6nHiNhOqHpZgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a57ec61aa5f18ed-FRA
alt-svc
h3=":443"; ma=86400
content-length
72251
4d08687576deb99333f8ac2e4bac3653.png
bancamea.md/img/news/thumbs/ 		354 KB
354 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancamea.md/img/news/thumbs/4d08687576deb99333f8ac2e4bac3653.png
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6631da731da01e440489f3f0a87d09df6b0805c808a9b979dac17c589f1eec95

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
cf-cache-status
HIT
last-modified
Thu, 25 Jan 2024 15:11:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5868d-60fc699d7b1d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pb3gjOlngjlpj9bNfh3MRjaIjEV2JSScfixJTXpHoKSOp2ihBnrvCjfhEVgks9Qlft8Blma9dog%2F4eI0HDhhU3fvinoSjcZQ02u8wDlwnM0Z3EoynJoQyMk2PpdOrB6jlmYTlFkE%2F78dGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a57ec61fa9d18ed-FRA
alt-svc
h3=":443"; ma=86400
content-length
362125
6491d17ee33f8.jpg
bancamea.md/img/photos/thumbs/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancamea.md/img/photos/thumbs/6491d17ee33f8.jpg
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6809a854409c28ee59f94216e644cffe3803c217bd867ec89157cade03ddd525

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Jun 2023 16:19:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8c6f-5fe9202e7f24a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YBcMjnVlY%2Fz%2FngB%2Fd8WtHk6nFgEPZWuvD4EYv1QdUNiXKmx%2FhhvZLEiaqDCTX8ahJJCCJrQ7LVD45Uwc5MBZ6K6CEkEkYHNzmVxj2NlWUB6ZCSJWvAp4vhe8uj%2Bs86k3ba4hg2EQWZON8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a57ec625af518ed-FRA
alt-svc
h3=":443"; ma=86400
content-length
35951
small_logo.jpg
bancamea.md/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bancamea.md/img/small_logo.jpg
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dfbe9ee639cea94511eac3e2a8ff483de87bf684aa5cf7751b986c99c2490f6

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Apr 2018 14:54:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9e8-5697fb2bc4800"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0btM65%2FOVGsn3838T3dqHRUZcpJf0fndJxPogy2xDRNFU6xRSHnjjm%2B9MVb0grLuSiw0dyfGeoW4Xo5jakzMuxahe6XzySD5rZrTlbZ6KX1u0X2iz%2BqxQGYRKTOz70%2F0nbZk89NXlvrAaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a57ec626af718ed-FRA
alt-svc
h3=":443"; ma=86400
content-length
2536
conversion.js
www.googleadservices.com/pagead/ 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8c036186b64122b07b2c1da42ebddbcf0b25e0d7830735b3e0dbcac71c2287ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21155
x-xss-protection
0
server
cafe
etag
9630394588095818617
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 19 Jul 2024 04:21:12 GMT
LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLSMA6.woff2
fonts.gstatic.com/s/encodesans/v19/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/encodesans/v19/LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLSMA6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans:300,400,500,600,700|Lora:400i&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84d61e7247b5194fedf074ca201a7bbc68d3ee141236b4e7cb5030abf9ab58c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bancamea.md
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 17:01:04 GMT
x-content-type-options
nosniff
age
213608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27320
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 20:55:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 17:01:04 GMT
xgemius.js
gamd.hit.gemius.pl/ 		70 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gamd.hit.gemius.pl/xgemius.js
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
128.140.224.228 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software
GHC /
Resource Hash
f8c42c34c0fbf5c97d3a2e9877f9a1fc004b5bd58347627c5c822e650b25fd23

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
content-encoding
gzip
last-modified
Mon, 17 Jun 2024 08:08:07 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
20346
expires
Fri, 19 Jul 2024 16:21:12 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jul 2024 03:54:57 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1575
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Fri, 19 Jul 2024 05:54:57 GMT
ad.js
ro.adocean.pl/__/_1721362872580/
Redirect Chain
  • https://ro.adocean.pl/_1721362872580/ad.js?id=mCZBIH5fvBGQ.KImkI2ur1Dlw6u31dIrTH9pwJWNter.M7/adov=4.6.3/x=1600/y=1200/lptype=1/inner=_ch_mobile%3D0%7C_ch_brands%3D
  • https://ro.adocean.pl/__/_1721362872580/ad.js?id=mCZBIH5fvBGQ.KImkI2ur1Dlw6u31dIrTH9pwJWNter.M7/adov=4.6.3/x=1600/y=1200/lptype=1/inner=_ch_mobile%3D0%7C_ch_brands%3D
0
175 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ro.adocean.pl/__/_1721362872580/ad.js?id=mCZBIH5fvBGQ.KImkI2ur1Dlw6u31dIrTH9pwJWNter.M7/adov=4.6.3/x=1600/y=1200/lptype=1/inner=_ch_mobile%3D0%7C_ch_brands%3D
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Server
128.140.224.229 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software
GAD /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jul 2024 04:21:12 GMT
server
GAD
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Thu, 18 Jul 2024 04:21:12 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jul 2024 04:21:12 GMT
server
GAD
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1721362872580/ad.js?id=mCZBIH5fvBGQ.KImkI2ur1Dlw6u31dIrTH9pwJWNter.M7/adov=4.6.3/x=1600/y=1200/lptype=1/inner=_ch_mobile%3D0%7C_ch_brands%3D
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
0
expires
Thu, 18 Jul 2024 04:21:12 GMT
ado.js
ro.adocean.pl/files/js/ 		90 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ro.adocean.pl/files/js/ado.js
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
128.140.224.229 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software
GAD /
Resource Hash
e04055a8048e41a3896ac3092b9c719d52752c6140fa3667419e15ed0955b5b2

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
content-encoding
gzip
last-modified
Fri, 14 Jun 2024 12:09:25 GMT
server
GAD
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag
"000169FB84CA08BC"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
public, must-revalidate, max-age=14400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
34539
expires
Fri, 19 Jul 2024 08:21:12 GMT
ad.js
ro.adocean.pl/_1721362872697/ 		0
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ro.adocean.pl/_1721362872697/ad.js?id=6vkwyOdDJ75pn.IKQOMZrDskEufzVL4EOnQQyDnVhXH.X7/adov=4.6.3/x=1600/y=1200/lptype=1/inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D
Requested by
Host: ro.adocean.pl
URL: https://ro.adocean.pl/files/js/ado.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
128.140.224.229 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software
GAD /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Fri, 19 Jul 2024 04:21:12 GMT
server
GAD
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Thu, 18 Jul 2024 04:21:12 GMT
sdk.js
connect.facebook.net/ro_RO/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ro_RO/sdk.js
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
68c88878ff99c622d3993c5b360111d022f5f9452188df51457960dc53296c29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jul 2024 04:21:12 GMT
content-md5
rqMzJSszfla4nZ6PRymazA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2778, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
N//khndLwQk7M7I7SgE4Tx4LeCHPzEC9Xc27vC0kPt0pe8XMGQ9lNIdAcC0HrO/4unz/AG8i5CWWfjwbNE88SQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
d8f9a9b9d5af091623423fe5a85f4082
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"a0b4c02be8c100444406ef8b549cdc8c"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 19 Jul 2024 04:28:46 GMT
email-decode.min.js
bancamea.md/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bancamea.md/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 Jul 2024 17:10:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6691639c-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vWfEA65Bp8ofxeQLdoM7n3SACFVBtPe5%2FxkRN8PaYKYbZWlm9IyYQ%2Fwpk6sIa8HNUUPQURsmsoT6Wh7TwBWp8HlzZuockDdBBO%2B0x0%2BfoYWjg5L6fiSKn3E%2BxorsYQXh8k%2BxXh5Wiib6dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8a57ec609a3a9189-FRA
expires
Sun, 21 Jul 2024 04:21:12 GMT
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba6c19fa75aa47d787b3a96233f83c09baa206fb42cb7e4de882509da644b6b5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		674 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e0b26c732f2a37127504ad45899bac26d8cfd3ee0007f3e5b22ed2ffac0af94

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		264 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2497165e62eb165e6cb08e443085cfe711dbe06c7f06747f86a8d788db0b2228

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		509 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21d539616a48f74cc32ad6aa7b41ab2f2da7ee720b608da1d4295069d6b062f5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		484 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc58fad288fbf66c81b4ca9678f976cc3b20655b31659d98400408bc46aee7a4

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		419 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45d581e5f7207baefbd6a141ed48332a60e697b61d3b7e62f355e45c3e6acc98

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		188 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c43a24baf6d9239f35fde3d07044caf738a0591a2e7e19fbeeb0ddcc271e52be

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cfb2ad6b0759c32ecc608ce2ea2147fab4a7957beb8eac0335d3233d05615418

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25a3553ba501aa33614702fed4db2d8cdf767f076dd69159aab6eea73e973ecb

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		199 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b5671a1c6bf13cf44c1c0d68c43babd9edf7a88927315b2b5defce5f568bd47

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		652 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4befcfd5329209111d492ec47377ee1f8f3cd90b9d949d2f2b8d1fa10b1700d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7407d62f5076da05f6ca7b7aadbbb3644761e4a1ccfa23f4493df2bcb6eb58a4

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFoq92nA.woff2
fonts.gstatic.com/s/lora/v35/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v35/0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFoq92nA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans:300,400,500,600,700|Lora:400i&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e6e380dc70aa0d116772b28a820ecbc3ba8ff7927e2f9de6ac09742bb1e1b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bancamea.md
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:56:22 GMT
x-content-type-options
nosniff
age
231890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22696
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:11:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 11:56:22 GMT
LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLRsA6WQw.woff2
fonts.gstatic.com/s/encodesans/v19/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/encodesans/v19/LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLRsA6WQw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans:300,400,500,600,700|Lora:400i&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
763bb36b9190d8f348f6edb2805678ef7aae1ff7d88ad89beb3938db8e6b0f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bancamea.md
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 04:41:53 GMT
x-content-type-options
nosniff
age
257959
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22792
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 20:54:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 04:41:53 GMT
0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFoqF2nOeZ.woff2
fonts.gstatic.com/s/lora/v35/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v35/0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFoqF2nOeZ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans:300,400,500,600,700|Lora:400i&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5ea1cfacec7a9f50a7d7b31c2468a77f184561430de4f516c91ffa4554d5a90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bancamea.md
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:56:39 GMT
x-content-type-options
nosniff
age
231873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12312
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:14:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 11:56:39 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/952972238/ 		43 B
61 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952972238/?random=1721362872839&cv=9&fst=1721362872839&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbancamea.md%2F&tiba=Bancamea.md%20-%20Nout%C4%83%C8%9Bi%20bancare.%20Informa%C8%9Bii%20utile.%20Curs%20valutar.%20Convertor%20valutar.%20Depozite%20bancare.%20Credite.%20Carduri.%20Transferuri%20b%C4%83ne%C8%99ti.%20Tarife.%20Comisioane.%20Harta%20bancomate.%20Harta%20filiale&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jul 2024 04:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/ro_RO/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ro_RO/sdk.js?hash=3b52a1692f4d24de942c4e6e7b27ac49
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ro_RO/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
52759433b6970846dfffd4d6e65e03435eb6d106a17c72e28ffca582e2db4695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bancamea.md/
Origin
https://bancamea.md
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jul 2024 04:21:12 GMT
content-md5
FTx4Pcn5CrZWnR4N6u7Axg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89146
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4327, tp=9, tpl=0, uplat=3, ullat=-1
x-fb-debug
G8qKtPTBlAEms1NgFqaBjy41dVELvbW4Lzi1em6AAHgBAWO7CddOjF0+7CjXabamhdiqLBb9d3pC0eJABHydzQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
ea73222d242ce252592821734ac56514
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"313142bd7fc8b2c18a297afea9ae9b67"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 19 Jul 2025 04:08:47 GMT
test-cookie.html
ro.adocean.pl/files/html/ Frame 426F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ro.adocean.pl/files/html/test-cookie.html
Requested by
Host: ro.adocean.pl
URL: https://ro.adocean.pl/files/js/ado.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
128.140.224.229 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software
GAD /
Resource Hash

Request headers

Referer
https://bancamea.md/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
accept-ranges
bytes
cache-control
public, must-revalidate, max-age=172800
content-encoding
gzip
content-length
756
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jul 2024 04:21:12 GMT
etag
"000005049AF70A0F"
expires
Sun, 21 Jul 2024 04:21:12 GMT
last-modified
Fri, 14 Jun 2024 12:09:25 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GAD
vary
Accept-Encoding,Origin
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1203924423&utmhn=bancamea.md&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Bancamea.md%20-%20Nout%C4%83%C8%9Bi%20bancare.%20Informa%C8%9Bii%20utile.%20Curs%20valutar.%20Convertor%20valutar.%20Depozite%20bancare.%20Credite.%20Carduri.%20Transferuri%20b%C4%83ne%C8%99ti.%20Tarife.%20Comisioane.%20Harta%20bancomate.%20Harta%20filiale.&utmhid=1913450140&utmr=-&utmp=%2F&utmht=1721362872874&utmac=UA-29881747-1&utmcc=__utma%3D81532676.1645651024.1721362873.1721362873.1721362873.1%3B%2B__utmz%3D81532676.1721362873.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1446515094&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jul 2024 04:21:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
fpdata.js
gamd.hit.gemius.pl/ 		282 B
396 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gamd.hit.gemius.pl/fpdata.js?href=bancamea.md
Requested by
Host: gamd.hit.gemius.pl
URL: https://gamd.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
128.140.224.228 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software
GHC /
Resource Hash
c80901a574eeb1b91ad9a5cb0250bde5d106d1e9d5a118fd656656e32f931c1b

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:12 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
282
expires
Sun, 18 Aug 2024 04:21:12 GMT
lsget.html
ls.hit.gemius.pl/ Frame 162D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gamd.hit.gemius.pl
URL: https://gamd.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS
ip108.ip-146-59-30.eu
Software
GHC /
Resource Hash

Request headers

Referer
https://bancamea.md/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2801
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jul 2024 04:21:13 GMT
etag
PRIVATE7520710249
expires
Sun, 18 Aug 2024 04:21:13 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
rexdot.js
gamd.hit.gemius.pl/__/_1721362873050/
Redirect Chain
  • https://gamd.hit.gemius.pl/_1721362873050/rexdot.js?l=100&sendf=24&id=bO464dfmyvJQmXaxUjDHxpZWLSpFlmeX7Dv4HUbVWFf.07&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fbanc...
  • https://gamd.hit.gemius.pl/__/_1721362873050/rexdot.js?l=100&sendf=24&id=bO464dfmyvJQmXaxUjDHxpZWLSpFlmeX7Dv4HUbVWFf.07&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fb...
169 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gamd.hit.gemius.pl/__/_1721362873050/rexdot.js?l=100&sendf=24&id=bO464dfmyvJQmXaxUjDHxpZWLSpFlmeX7Dv4HUbVWFf.07&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fbancamea.md%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=lER7SMuKemQSiVzL8abSAzaHf.AB8xfLXhf0Gnz4ibv.M7xIwexq4NYGEEVkvhhZj_jGABzu5kEfzxvZJBZabQNsMSwb/jGPoKgZHlAcx_/&fpdata=pGsXvegE.hvLlLHATvgIddir2qWxr2SJ_c1IO2rXqWz.O7%7C1721362872%7C2&ltime=124&fr=1&ref=&inner=_ver%3D351%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6699e9b8371d44b8&brts=1721362873&fpcap=
Requested by
Host: bancamea.md
URL: https://bancamea.md/
Protocol
H2
Server
128.140.224.228 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software
GHC /
Resource Hash
dc5a2d881a25fc46f192994965050c7971dd9ad0fb7f47304a6ec49e535e621a

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jul 2024 04:21:13 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
169
expires
Thu, 18 Jul 2024 04:21:13 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jul 2024 04:21:13 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1721362873050/rexdot.js?l=100&sendf=24&id=bO464dfmyvJQmXaxUjDHxpZWLSpFlmeX7Dv4HUbVWFf.07&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fbancamea.md%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=lER7SMuKemQSiVzL8abSAzaHf.AB8xfLXhf0Gnz4ibv.M7xIwexq4NYGEEVkvhhZj_jGABzu5kEfzxvZJBZabQNsMSwb/jGPoKgZHlAcx_/&fpdata=pGsXvegE.hvLlLHATvgIddir2qWxr2SJ_c1IO2rXqWz.O7%7C1721362872%7C2&ltime=124&fr=1&ref=&inner=_ver%3D351%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6699e9b8371d44b8&brts=1721362873&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Thu, 18 Jul 2024 04:21:13 GMT
page.php
www.facebook.com/v2.12/plugins/ Frame 8469 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.12/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fccd5899f7a6410%26domain%3Dbancamea.md%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbancamea.md%252Ff6864f8a39b49640d%26relation%3Dparent.parent&container_width=278&hide_cover=true&href=http%3A%2F%2Fbancamea.md%2F&locale=ro_RO&sdk=joey&show_facepile=true&small_header=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ro_RO/sdk.js?hash=3b52a1692f4d24de942c4e6e7b27ac49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bancamea.md/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jul 2024 04:21:13 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v14.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7393197246146549559"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7393197246146549559", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2770, tp=-1, tpl=-1, uplat=36, ullat=0
x-fb-debug
yh78t6dx0dGxy+5fDeeYXWCl8LbvGf4Uaj0NaupZwGLtVb7ZonWLj8aLEKeZpZsPO6nCsLDYVZOlEKRW1ysl7A==
x-xss-protection
0
favicon.ico
bancamea.md/img/favicons/ 		566 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bancamea.md/img/favicons/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1745a12d5b31d6766021442477dfe9c66e80ded31e9b20d3705d1e3ca1ecad4

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Apr 2018 11:39:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"236-56a09cac96740"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PWZQl8fMEE3HMQY6TrvvCXMuTdvuNnVnX7JnK4oGjcdzD9QXYqLSIXSur1kk1%2BAG5H%2F0twJ5Cbf9RlRUTOvNQQuOEgW3Qpc%2F9gYkXW%2BKPjOWcm7Z7JYaPhQBlQAZuSO0PuNuM5cK3MJ%2FZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
cf-ray
8a57ec65fe2a18ed-FRA
alt-svc
h3=":443"; ma=86400
favicon-32x32.png
bancamea.md/img/favicons/ 		6 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bancamea.md/img/favicons/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9cfcc83ee1dd0b3e21ae93c3b4ccef8c46a4152d6160620b568c8e70a478340

Request headers

Referer
https://bancamea.md/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 04:21:13 GMT
cf-cache-status
HIT
last-modified
Tue, 17 Apr 2018 11:39:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1859-56a09ca9ba080"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HmkLav7i%2B%2FpJnxd7OLHkDPCK5VmkWoKKMildJIyqNenD%2Ft8LRtdrY53E9bSXUs2x4VIIJd4%2Fhxv0pK1lzkDYBYd%2F6db%2BGPpC6ExIRYBeK%2Fcjl9YE84wjCCBjF%2BiBQ7XFHp0lQlEovYHyiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a57ec663e6b18ed-FRA
alt-svc
h3=":443"; ma=86400
content-length
6233

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| sortAsc function| sortDesc function| sortFloat function| nl2br function| validateEmail function| validatePhone function| isNumber function| getBestBuying function| getBestSelling function| getMaxOfArray function| getMinOfArray function| getHashValue number| window_w number| height_w number| window_w_2 function| lazyLoad function| $ function| jQuery function| autosize function| moment object| html5 object| Modernizr function| yepnope object| classie function| ProgressButton object| jQuery112007627661203100795 function| downEmptyRates string| curEUR number| curMDL function| IsNumeric function| calculateMDL function| calculateEUR function| calculateUSD function| calculateRON function| calculateRUB function| calculateUAH function| calculateGBP function| calculateCHF function| GetBNMRates string| curUAH string| curRUB string| curRON string| curUSD string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event object| _gaq object| AOFIF object| Ado object| _adoGlobal function| AdoElement object| ado object| adocf object| xado object| _aoConsentBuffer object| google_tag_data function| GooglemKTybQhCsO number| google_conversion_snippets number| google_conversion_first_time object| FB number| decimals string| curGBP string| curCHF object| _gat object| gaGlobal object| __buffer boolean| google_noFurtherRedirects object| gemius_init_pageview object| gemius_cmpclient object| gemius_cookie function| GemiusHitcolConnector object| gemius_hcconn function| gemius_cmd function| pp_gemius_cmd function| gemius_init function| pp_gemius_init function| gemius_close number| pp_gemius_cnt

14 Cookies

Domain/Path Name / Value
bancamea.md/ Name: CAKEPHP
Value: uk025fvqp7r5sffn1jjk6dpgc4
.ro.adocean.pl/ Name: GAD
Value: KlSkwRMGQMGGrJaZzXjIrgXUssGMXP8cfRySssX6xssGvaGpI7EPoHV5L18GYsCFS8mUu6eGsG..
.bancamea.md/ Name: __utma
Value: 81532676.1645651024.1721362873.1721362873.1721362873.1
.bancamea.md/ Name: __utmc
Value: 81532676
.bancamea.md/ Name: __utmz
Value: 81532676.1721362873.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.bancamea.md/ Name: __utmt
Value: 1
.bancamea.md/ Name: __utmb
Value: 81532676.1.10.1721362873
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bancamea.md/ Name: ao-fpgad
Value: %7B%22fpcRequired%22%3Afalse%2C%22checkTS%22%3A1721362872999%2C%22domain%22%3A%22bancamea.md%22%7D
.bancamea.md/ Name: __gfp_64b
Value: pGsXvegE.hvLlLHATvgIddir2qWxr2SJ_c1IO2rXqWz.O7|1721362872|2
.hit.gemius.pl/ Name: receive-cookie-deprecation
Value: 1
.hit.gemius.pl/ Name: Gtest
Value: KlS-YRGGQMQGBng91EJIrgXUssGMXP8c25nSGuvoqMH5XBG.
.hit.gemius.pl/ Name: Gdyn
Value: KlSxRMMGQMQGBng91EJIrgXUssGMXP8c25nSGuvoqMH5FRxSG7RrGS6GkDotFlMQYH8W8jBGqSRxSG8.
.hit.gemius.pl/ Name: Gdynp
Value: vLnQHSLG9hLocMsoB5gF0P4AhdDnjxsEBBbwVQoUa1D.q7

4 Console Messages

Source Level URL
Text
javascript warning URL: https://ro.adocean.pl/files/js/ado.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ro.adocean.pl/_1721362872580/ad.js?id=mCZBIH5fvBGQ.KImkI2ur1Dlw6u31dIrTH9pwJWNter.M7/adov=4.6.3/x=1600/y=1200/lptype=1/inner=_ch_mobile%3D0%7C_ch_brands%3D, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ro.adocean.pl/files/js/ado.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ro.adocean.pl/_1721362872580/ad.js?id=mCZBIH5fvBGQ.KImkI2ur1Dlw6u31dIrTH9pwJWNter.M7/adov=4.6.3/x=1600/y=1200/lptype=1/inner=_ch_mobile%3D0%7C_ch_brands%3D, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ro.adocean.pl/files/js/ado.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ro.adocean.pl/_1721362872697/ad.js?id=6vkwyOdDJ75pn.IKQOMZrDskEufzVL4EOnQQyDnVhXH.X7/adov=4.6.3/x=1600/y=1200/lptype=1/inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ro.adocean.pl/files/js/ado.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ro.adocean.pl/_1721362872697/ad.js?id=6vkwyOdDJ75pn.IKQOMZrDskEufzVL4EOnQQyDnVhXH.X7/adov=4.6.3/x=1600/y=1200/lptype=1/inner=_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bancamea.md
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gamd.hit.gemius.pl
googleads.g.doubleclick.net
ls.hit.gemius.pl
ro.adocean.pl
ssl.google-analytics.com
www.facebook.com
www.googleadservices.com
128.140.224.228
128.140.224.229
142.250.184.194
146.59.30.108
2606:4700:3033::6815:4fa5
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
0d969d09d51256a6b53ca40a2ba13f38de540735e5816f3f9fbee547560ee4b6
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
21cb6987812d5d85012f08c9a3be35117fd9cdc0744e7fbf04ad476060136fd4
21d539616a48f74cc32ad6aa7b41ab2f2da7ee720b608da1d4295069d6b062f5
2497165e62eb165e6cb08e443085cfe711dbe06c7f06747f86a8d788db0b2228
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25a3553ba501aa33614702fed4db2d8cdf767f076dd69159aab6eea73e973ecb
2cfbb04d0f821c90ed3bf905d771070dea6f844bf147dc1ebef3833493a79a81
41ed8fc7784b8c65daa0d5d95e4ad06a682787a6d92713515b4234fdef3e1b60
438cbfb949217389fb5b735c1fa3019a2709494d88f7fb134a6c0a7c73f2f8a4
452646ac4bce509454c9795e6a16318a0e012ffd8e0499a74923e6085c607ecc
45d581e5f7207baefbd6a141ed48332a60e697b61d3b7e62f355e45c3e6acc98
4aa55beafdf91bf047352711312636dfe5efcb99c299636e7e6f16c15e835ebd
51ec5099723644bedc84ca1aa922d24863bf51f82a7525d9cde63062fb01ac4e
52759433b6970846dfffd4d6e65e03435eb6d106a17c72e28ffca582e2db4695
6631da731da01e440489f3f0a87d09df6b0805c808a9b979dac17c589f1eec95
6809a854409c28ee59f94216e644cffe3803c217bd867ec89157cade03ddd525
68c88878ff99c622d3993c5b360111d022f5f9452188df51457960dc53296c29
6e0b26c732f2a37127504ad45899bac26d8cfd3ee0007f3e5b22ed2ffac0af94
73bc2efb4c0dc737c44e73b8747c6d8ec61f1a27acb197099e75073fdc3136ee
7407d62f5076da05f6ca7b7aadbbb3644761e4a1ccfa23f4493df2bcb6eb58a4
763bb36b9190d8f348f6edb2805678ef7aae1ff7d88ad89beb3938db8e6b0f1d
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d61e7247b5194fedf074ca201a7bbc68d3ee141236b4e7cb5030abf9ab58c5
8b5671a1c6bf13cf44c1c0d68c43babd9edf7a88927315b2b5defce5f568bd47
8bf856dc84b411065feac7c632367cae59cbfbefa8e303854588d0eefc1701ae
8c036186b64122b07b2c1da42ebddbcf0b25e0d7830735b3e0dbcac71c2287ed
8dfbe9ee639cea94511eac3e2a8ff483de87bf684aa5cf7751b986c99c2490f6
9e6e380dc70aa0d116772b28a820ecbc3ba8ff7927e2f9de6ac09742bb1e1b49
a4be66ec69f264920ec52db32f2dbc6b1148cf32ab25cb73d964ccdd326672b3
ba6c19fa75aa47d787b3a96233f83c09baa206fb42cb7e4de882509da644b6b5
c43a24baf6d9239f35fde3d07044caf738a0591a2e7e19fbeeb0ddcc271e52be
c80901a574eeb1b91ad9a5cb0250bde5d106d1e9d5a118fd656656e32f931c1b
c972fa4808fd2ea3e517c01722ed70fd9729e9b35b7b0f30bd4aadbfd372c00f
cc58fad288fbf66c81b4ca9678f976cc3b20655b31659d98400408bc46aee7a4
cfb2ad6b0759c32ecc608ce2ea2147fab4a7957beb8eac0335d3233d05615418
d5ea1cfacec7a9f50a7d7b31c2468a77f184561430de4f516c91ffa4554d5a90
d8e3a00ca712fd4c95909642d5546b9ddaea4e7393117abc8c23340c5613425d
d9cfcc83ee1dd0b3e21ae93c3b4ccef8c46a4152d6160620b568c8e70a478340
dc5a2d881a25fc46f192994965050c7971dd9ad0fb7f47304a6ec49e535e621a
e04055a8048e41a3896ac3092b9c719d52752c6140fa3667419e15ed0955b5b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1745a12d5b31d6766021442477dfe9c66e80ded31e9b20d3705d1e3ca1ecad4
f4befcfd5329209111d492ec47377ee1f8f3cd90b9d949d2f2b8d1fa10b1700d
f6e75dacfc92e73e37f8b082bb9ab8e82c4f29609063fc3f2bce41d9969b7f9d
f8c42c34c0fbf5c97d3a2e9877f9a1fc004b5bd58347627c5c822e650b25fd23